Please check - slow laptop (Solved)
Re: Please check - slow laptop
Noticeably better, but it's still not quite right. Is there any way to speed the system up further?
CPU: Intel Core i7 4790
GPU: MSI NVIDIA GTX 1060 6 GB
RAM: Kingston HyperX Fury 2x8 GB
SSD : Crucial MX100 - 128GB
MB: ASRock Fatal1ty B85 Killer - Intel B85
PSU: Seasonic M12II-620W
CASE: Zalman Z11 Plus
Windows 10 Home 64 Bit
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Please check - slow laptop
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check - slow laptop
ComboFix 16-04-22.01 - ASUS 24.04.2016 11:24:00.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2039.1376 [GMT 2:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-03-24 do 2016-04-24 )))))))))))))))))))))))))))))))
.
.
2016-04-23 22:28 . 2016-04-23 22:10 24064 ----a-w- c:\windows\zoek-delete.exe
2016-04-23 22:28 . 2016-04-24 09:32 -------- d-----w- c:\users\ASUS\AppData\Local\Temp
2016-04-23 22:12 . 2016-04-23 22:12 -------- d-----w- c:\users\ASUS\AppData\Local\CrashDumps
2016-04-23 22:10 . 2016-04-23 22:27 -------- d-----w- C:\zoek_backup
2016-04-23 20:35 . 2016-04-23 21:47 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-04-23 20:35 . 2016-04-23 20:57 -------- d-----w- c:\programdata\RogueKiller
2016-04-23 17:54 . 2016-04-23 17:54 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-04-23 17:53 . 2016-03-10 12:09 53120 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-04-23 17:53 . 2016-03-10 12:08 126336 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-04-23 17:53 . 2016-03-10 12:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-04-23 17:53 . 2016-04-23 17:53 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-04-23 17:53 . 2016-04-23 17:53 -------- d-----w- c:\programdata\Malwarebytes
2016-04-23 17:49 . 2016-04-23 20:26 -------- d-----w- C:\AdwCleaner
2016-04-23 17:47 . 2016-04-23 17:47 -------- d-----w- c:\users\ASUS\AppData\Local\Adobe
2016-04-23 09:03 . 2016-04-23 09:03 -------- d-----w- c:\users\ASUS\AppData\Roaming\IObit
2016-04-23 08:58 . 2015-07-01 09:47 912000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFCA34DB-8E62-4427-B607-8A9DFB6E90C5}\gapaengine.dll
2016-04-23 08:57 . 2016-03-17 01:50 9302992 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF0B9C76-597D-42EC-B4E6-1AA1847E9925}\mpengine.dll
2016-04-21 06:06 . 2016-03-17 01:50 9302992 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-04-21 05:55 . 2016-04-21 05:58 -------- d-----w- c:\users\ASUS\AppData\Local\Viber
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-22 07:57 . 2013-10-04 19:29 374944 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 995184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-08-21 16:30 959176 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-15 19:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-07-03 13:16 3673184 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000000]
2012-02-29 05:03 249440 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIHJE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-02 13:34 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-02 13:34 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-02 13:34 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2013-11-17 15:06 11930696 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-07-24 16:26 21650016 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-12-17 21:12 508800 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-10-06 08:00 1141328 ----a-w- c:\users\ASUS\AppData\Roaming\uTorrent\utorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
2016-04-13 13:54 69268048 ----a-w- c:\users\ASUS\AppData\Local\Viber\Viber.exe
.
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-07-18 295376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-04 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-08 243128]
S1 MpKsld29b9e63;MpKsld29b9e63;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF0B9C76-597D-42EC-B4E6-1AA1847E9925}\MpKsld29b9e63.sys [2016-04-24 39168]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-04-08 11:02 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-11-20 09:32]
.
2016-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-11-20 09:32]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 176.62.225.2 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-Run-Advanced SystemCare 7 - c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe
AddRemove-{8409c4f7-2340-4933-a304-5d37db4fb48b} - c:\programdata\Package Cache\{8409c4f7-2340-4933-a304-5d37db4fb48b}\Intel® Driver Update Utility Installer.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,ef,d8,2e,f0,77,c9,4f,ae,e2,f1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,ef,d8,2e,f0,77,c9,4f,ae,e2,f1,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2016-04-24 11:35:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-04-24 09:35
.
Před spuštěním: Volných bajtů: 53 993 111 552
Po spuštění: Volných bajtů: 53 757 616 128
.
- - End Of File - - 6F475D44CD1FBE51561BED9BA438A182
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Please check - slow laptop
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Google\Update
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,ef,d8,2e,f0,77,c9,4f,ae,e2,f1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,ef,d8,2e,f0,77,c9,4f,ae,e2,f1,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check - slow laptop
ComboFix 16-04-22.01 - ASUS 25.04.2016 12:36:29.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2039.1435 [GMT 2:00]
Spuštěný z: c:\users\ASUS\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ASUS\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdate.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.29.5\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.29.5\goopdate.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_am.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ar.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_bg.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_bn.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ca.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_cs.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_da.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_de.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_el.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_en.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_es.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_et.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_fa.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_fi.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_fil.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_fr.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_gu.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_hi.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_hr.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_hu.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_id.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_is.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_it.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_iw.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ja.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_kn.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ko.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_lt.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_lv.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ml.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_mr.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ms.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_nl.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_no.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_pl.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ro.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ru.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_sk.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_sl.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_sr.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_sv.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_sw.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ta.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_te.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_th.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_tr.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_uk.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_ur.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_vi.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.29.5\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.29.5\psmachine.dll
c:\program files\Google\Update\1.3.29.5\psmachine_64.dll
c:\program files\Google\Update\1.3.29.5\psuser.dll
c:\program files\Google\Update\1.3.29.5\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.112\49.0.2623.112_49.0.2623.110_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-03-25 do 2016-04-25 )))))))))))))))))))))))))))))))
.
.
2016-04-25 10:43 . 2016-04-25 10:44 -------- d-----w- c:\users\ASUS\AppData\Local\temp
2016-04-25 10:43 . 2016-04-25 10:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-04-24 09:43 . 2016-03-17 01:50 9302992 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E2A4066-BC97-40B4-8F2D-8A967A181E04}\mpengine.dll
2016-04-23 22:28 . 2016-04-23 22:10 24064 ----a-w- c:\windows\zoek-delete.exe
2016-04-23 22:12 . 2016-04-23 22:12 -------- d-----w- c:\users\ASUS\AppData\Local\CrashDumps
2016-04-23 22:10 . 2016-04-23 22:27 -------- d-----w- C:\zoek_backup
2016-04-23 20:35 . 2016-04-23 21:47 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-04-23 20:35 . 2016-04-23 20:57 -------- d-----w- c:\programdata\RogueKiller
2016-04-23 17:54 . 2016-04-23 17:54 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-04-23 17:53 . 2016-03-10 12:09 53120 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-04-23 17:53 . 2016-03-10 12:08 126336 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-04-23 17:53 . 2016-03-10 12:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-04-23 17:53 . 2016-04-23 17:53 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-04-23 17:53 . 2016-04-23 17:53 -------- d-----w- c:\programdata\Malwarebytes
2016-04-23 17:49 . 2016-04-23 20:26 -------- d-----w- C:\AdwCleaner
2016-04-23 17:47 . 2016-04-23 17:47 -------- d-----w- c:\users\ASUS\AppData\Local\Adobe
2016-04-23 09:03 . 2016-04-23 09:03 -------- d-----w- c:\users\ASUS\AppData\Roaming\IObit
2016-04-23 08:58 . 2015-07-01 09:47 912000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFCA34DB-8E62-4427-B607-8A9DFB6E90C5}\gapaengine.dll
2016-04-23 08:57 . 2016-03-17 01:50 9302992 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-04-21 05:55 . 2016-04-21 05:58 -------- d-----w- c:\users\ASUS\AppData\Local\Viber
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-22 07:57 . 2013-10-04 19:29 374944 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 995184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-08-21 16:30 959176 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-15 19:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-07-03 13:16 3673184 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-02 13:34 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-02 13:34 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-02 13:34 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
2013-11-17 15:06 11930696 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-07-24 16:26 21650016 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-12-17 21:12 508800 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-10-06 08:00 1141328 ----a-w- c:\users\ASUS\AppData\Roaming\uTorrent\utorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
2016-04-13 13:54 69268048 ----a-w- c:\users\ASUS\AppData\Local\Viber\Viber.exe
.
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-07-18 295376]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-04 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-08 243128]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-04-08 11:02 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 176.62.225.2 8.8.8.8
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2016-04-25 12:47:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-04-25 10:47
ComboFix2.txt 2016-04-24 09:35
.
Před spuštěním: Volných bajtů: 53 520 515 072
Po spuštění: Volných bajtů: 53 222 940 672
.
- - End Of File - - CC8493739F475A333259319315ED9FAB
A36C5E4F47E84449FF07ED3517B43A31
Re: Please check - slow notebook
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:53:03, on 25.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\Explorer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\ASUS\Downloads\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
--
End of file - 2074 bytes
Re: Please check - slow notebook
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-04-25 12:51:12
-----------------------------
12:51:12.095 OS Version: Windows 6.1.7601 Service Pack 1
12:51:12.095 Number of processors: 2 586 0xF0D
12:51:12.095 ComputerName: ASUS-NTB UserName: ASUS
12:51:19.879 Initialize success
12:51:19.926 VM: initialized successfully
12:51:19.926 VM: Intel CPU virtualization not supported
12:51:38.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
12:51:38.734 Disk 0 Vendor: WDC_WD1600BEVT-22ZCT0 11.01A11 Size: 152627MB BusType: 11
12:51:38.921 Disk 0 MBR read successfully
12:51:38.936 Disk 0 MBR scan
12:51:38.936 Disk 0 Windows 7 default MBR code
12:51:38.936 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 10001 MB offset 63
12:51:38.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 20482875
12:51:38.968 Disk 0 Boot: NTFS code=1
12:51:38.983 Disk 0 Partition - 00 0F Extended LBA 66315 MB offset 176763195
12:51:39.014 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 66315 MB offset 176763258
12:51:39.014 Disk 0 scanning sectors +312576705
12:51:39.077 Disk 0 scanning C:\Windows\system32\drivers
12:51:44.178 Service scanning
12:51:56.798 Modules scanning
12:51:56.798 Disk 0 trace - called modules:
12:51:56.845 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
12:51:56.861 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a97030]
12:51:56.861 3 CLASSPNP.SYS[88e0459e] -> nt!IofCallDriver -> [0x859ae918]
12:51:56.876 5 ACPI.sys[88aae3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0x85580908]
12:51:56.876 Disk 0 statistics 78291/0/0 @ 8,06 MB/s
12:51:56.892 Scan finished successfully
12:52:14.255 Disk 0 MBR has been saved successfully to "C:\Users\ASUS\Desktop\MBR.dat"
12:52:14.255 The log file has been saved successfully to "C:\Users\ASUS\Desktop\aswMBR.txt"
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
Re: Please check - slow notebook
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC
to the desktop. Double-click it, then click Clean up!.
Restart the PC if you are advised to.
Download Memtest:
The box that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM is fine.
Also check the HDD for errors, or try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit - Copy (Úpravy - Kopírovat). Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check - slow notebook
The RAM is fine :)
----------------------------------------------------------------------------
CrystalDiskInfo 6.8.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x86)
Date : 2016/04/26 19:37:19
-- Controller Map ----------------------------------------------------------
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- MATSHITA DVD-RAM UJ870QJ ATA Device
- WDC WD1600BEVT-22ZCT0 ATA Device
- ATA Channel 1 (1)
- ATA Channel 2 (2)
+ Řadiče úložiště Intel(R) ICH8M v režimu Ultra ATA - 2850 [ATA]
- ATA Channel 0 (0)
-- Disk List ---------------------------------------------------------------
(1) WDC WD1600BEVT-22ZCT0 : 160,0 GB [0/1/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD1600BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD1600BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WXE308JK6543
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 11610 hod.
Power On Count : 4871 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 00000000002E Počet chyb čtení
03 160 159 _21 0000000003CF Čas na roztočení ploten
04 _93 _93 __0 000000001C6B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _85 _85 __0 000000002D5A Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 000000001307 Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000002BA Počet vypnutí disku
C1 113 113 __0 00000003FCB2 Počet cyklů načítání/vymazání
C2 114 _82 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů
- jaro3
- Security team member
Re: Please check - slow laptop
0000000003CF Čas na roztočení ploten
CDI once more.
Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check - slow laptop
OTL logfile created on: 26.4.2016 22:01:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASUS\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,08% Memory free
3,98 Gb Paging File | 3,26 Gb Available in Paging File | 81,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 52,98 Gb Free Space | 71,10% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 63,21 Gb Free Space | 97,60% Space Free | Partition Type: NTFS
Computer Name: ASUS-NTB | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\CCleaner\Lang\lang-1029.dll ()
========== Services (SafeList) ==========
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
O1 HOSTS File: ([2016.04.25 12:44:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 176.62.225.2 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{778DCEEA-DCCC-4124-A66D-F1F6110DE7A2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCEA33DD-8166-4C72-BE6F-FEB4BEF698A3}: DhcpNameServer = 176.62.225.2 8.8.8.8
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016.04.26 21:59:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2016.04.26 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2016.04.26 19:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2016.04.25 16:28:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.04.25 16:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2016.04.25 12:47:33 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2016.04.25 12:43:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\temp
[2016.04.24 11:18:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016.04.24 00:12:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\CrashDumps
[2016.04.24 00:10:32 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.04.23 22:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.04.23 22:29:36 | 001,610,008 | ---- | C] (Malwarebytes) -- C:\Users\ASUS\Desktop\JRT.exe
[2016.04.23 19:54:30 | 000,170,200 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2016.04.23 19:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016.04.23 19:53:40 | 000,126,336 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2016.04.23 19:53:40 | 000,053,120 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2016.04.23 19:53:40 | 000,024,448 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2016.04.23 19:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2016.04.23 19:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016.04.23 19:49:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.04.23 19:47:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Adobe
[2016.04.23 11:03:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\IObit
[2016.04.21 07:55:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Viber
========== Files - Modified Within 30 Days ==========
[2016.04.26 21:59:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2016.04.26 19:36:57 | 000,001,930 | ---- | M] () -- C:\Users\ASUS\Desktop\CrystalDiskInfo.lnk
[2016.04.26 19:35:14 | 000,026,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.04.26 19:35:14 | 000,026,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.04.26 19:28:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.04.26 19:27:56 | 1603,723,264 | -HS- | M] () -- C:\hiberfil.sys
[2016.04.25 12:52:14 | 000,000,512 | ---- | M] () -- C:\Users\ASUS\Desktop\MBR.dat
[2016.04.25 12:44:45 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2016.04.24 00:10:57 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.04.24 00:06:59 | 001,309,184 | ---- | M] () -- C:\Users\ASUS\Desktop\zoek.exe
[2016.04.23 23:47:10 | 000,024,688 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2016.04.23 22:29:51 | 001,610,008 | ---- | M] (Malwarebytes) -- C:\Users\ASUS\Desktop\JRT.exe
[2016.04.23 19:54:57 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2016.04.23 19:53:55 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016.04.23 19:47:49 | 003,683,904 | ---- | M] () -- C:\Users\ASUS\Desktop\AdwCleaner.exe
[2016.04.22 09:57:44 | 000,374,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2016.04.15 21:41:31 | 000,667,160 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.04.15 21:41:31 | 000,652,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.04.15 21:41:31 | 000,140,306 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.04.15 21:41:31 | 000,121,088 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.04.08 13:04:24 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2016.04.26 19:36:57 | 000,001,930 | ---- | C] () -- C:\Users\ASUS\Desktop\CrystalDiskInfo.lnk
[2016.04.25 16:33:58 | 000,032,768 | ---- | C] () -- C:\Users\ASUS\Desktop\memtest.exe
[2016.04.25 12:52:14 | 000,000,512 | ---- | C] () -- C:\Users\ASUS\Desktop\MBR.dat
[2016.04.24 00:28:48 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.04.24 00:06:48 | 001,309,184 | ---- | C] () -- C:\Users\ASUS\Desktop\zoek.exe
[2016.04.23 22:35:46 | 000,024,688 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2016.04.23 19:53:55 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016.04.23 19:47:40 | 003,683,904 | ---- | C] () -- C:\Users\ASUS\Desktop\AdwCleaner.exe
[2014.10.22 13:51:04 | 000,000,112 | ---- | C] () -- C:\Windows\System32\winopsys.dat
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 23:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.10.08 16:45:55 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\DAEMON Tools Lite
[2016.04.23 11:03:01 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\IObit
[2015.02.01 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\java
[2014.07.31 23:23:32 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TeamViewer
[2015.02.02 17:11:17 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2014.08.31 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Unity
[2015.05.21 08:50:24 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\uTorrent
[2016.04.23 10:45:32 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ViberPC
========== Purity Check ==========
< End of report >
[2015.05.21 08:50:24 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\uTorrent
[2016.04.23 10:45:32 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ViberPC
========== Purity Check ==========
< End of report >
Re: Please check - slow laptop
OTL Extras logfile created on: 26.4.2016 22:01:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASUS\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,08% Memory free
3,98 Gb Paging File | 3,26 Gb Available in Paging File | 81,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 52,98 Gb Free Space | 71,10% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 63,21 Gb Free Space | 97,60% Space Free | Partition Type: NTFS
Computer Name: ASUS-NTB | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15D84DC1-F9CA-4AD5-A44D-4C0F0EB78469}" = lport=445 | protocol=6 | dir=in | app=system |
"{18CCBDEE-F440-4F63-9419-37AABB79A074}" = rport=445 | protocol=6 | dir=out | app=system |
"{2565E6BA-300B-47A9-8A5F-FC8BBDD5F94D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{297A20C0-B383-4A09-9597-CD2777B13BBE}" = lport=139 | protocol=6 | dir=in | app=system |
"{45F14E0B-07A7-49E0-9B0F-91F52356A295}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5CBE6206-707A-4C44-9421-AA30D39BD561}" = rport=139 | protocol=6 | dir=out | app=system |
"{702ADC2F-A417-40D0-9802-F41AF47082E3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{88021894-CABD-4C1C-9F68-E0F2EF74809A}" = rport=137 | protocol=17 | dir=out | app=system |
"{BEF356BC-248C-4E17-BF51-BA15306DDB0C}" = lport=137 | protocol=17 | dir=in | app=system |
"{C76D6CDD-98E3-499B-8E60-1B74F4DE0DAB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C8760DCB-F37B-47E3-B900-8701CF6A98C1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{CF806783-F2C4-452A-9CF5-03A012DC63F6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7D86CDC-0EB7-4D69-9D81-0FB6CDB43C31}" = rport=138 | protocol=17 | dir=out | app=system |
"{F0244040-975C-44CD-B317-457F4DE6E590}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4836FCE-9713-4DCA-AE8A-00D406239CEE}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{35E22AE5-589F-473C-89D3-12C0EED27023}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{535D56AF-A69D-4474-8B12-EF782EA01931}" = dir=in | app=c:\users\asus\appdata\local\viber\viber.exe |
"{5ED7F0C9-B08F-45F5-8C33-1AADBD1A9695}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B92F081-D7C3-407C-BA40-EBC74C70EE2E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AA193956-F954-4BF3-A737-C223632D11E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BE875587-36D3-4B43-A58D-0EBDD3D9CD82}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe |
"{DB4AF013-CF0E-4BA4-BFEA-EF3E36135800}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe |
"{FDDC1F44-0C0E-4C4A-9D8D-B4D4E4B8A391}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{295558E2-4C7B-4A62-9480-DF95D563190C}C:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg" = protocol=6 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg |
"TCP Query User{36B00C17-1146-4FAD-A286-B88FFD1B9EB8}C:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg" = protocol=6 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg |
"TCP Query User{E7CF42E9-8A32-491D-B6EE-FCB1AA16B1FF}C:\users\asus\desktop\aplikace\etacidnys new\eg.exe" = protocol=6 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.exe |
"UDP Query User{A90AF8FC-D8FF-4458-84D5-D802391A62C6}C:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg" = protocol=17 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg |
"UDP Query User{F3EA4A31-6910-4BEA-A1F9-D14553FF3917}C:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg" = protocol=17 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.dlleg |
"UDP Query User{F729B128-AB6C-44D6-A717-19E4B0EB7EDD}C:\users\asus\desktop\aplikace\etacidnys new\eg.exe" = protocol=17 | dir=in | app=c:\users\asus\desktop\aplikace\etacidnys new\eg.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
"{59DB38EB-F864-4E10-841D-38CFBCF864B0}" = Intel(R) Driver Update Utility 2.0
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{90140000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{CF2FF2C3-3013-33E4-8413-92090A340FE1}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.8.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IObitUninstall" = IObit Uninstaller
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.WORD" = Microsoft Word 2010
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Viber" = Viber
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.4.2016 18:11:54 | Computer Name = ASUS-NTB | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko:
0x540c90b2 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x003b2822 ID chybujícího procesu: 0x424 Čas spuštění
chybující aplikace: 0x01d19dad1fc77214 Cesta k chybující aplikaci: C:\Users\ASUS\AppData\Local\Temp\DaS_21.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 6263f7a6-09a0-11e6-91ab-00235486b4b2
Error - 23.4.2016 18:31:26 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 24.4.2016 5:17:02 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 24.4.2016 5:33:15 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 24.4.2016 5:53:40 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 25.4.2016 6:28:08 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 25.4.2016 6:46:13 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 25.4.2016 10:28:14 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 25.4.2016 10:33:58 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
Error - 26.4.2016 13:29:47 | Computer Name = ASUS-NTB | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 23.5.2014 13:55:19 | Computer Name = ASUS-NTB | Source = MCUpdate | ID = 0
Description = 19:55:18 - Chyba při připojování k Internetu 19:55:18 - Nelze kontaktovat
server..
Error - 23.5.2014 15:55:02 | Computer Name = ASUS-NTB | Source = MCUpdate | ID = 0
Description = 21:55:02 - Chyba při připojování k Internetu 21:55:02 - Nelze kontaktovat
server..
Error - 24.5.2014 6:42:40 | Computer Name = ASUS-NTB | Source = MCUpdate | ID = 0
Description = 12:42:39 - Chyba při připojování k Internetu 12:42:40 - Nelze kontaktovat
server..
Error - 24.5.2014 8:44:45 | Computer Name = ASUS-NTB | Source = MCUpdate | ID = 0
Description = 14:44:44 - Chyba při připojování k Internetu 14:44:45 - Nelze kontaktovat
server..
[ System Events ]
Error - 23.4.2016 18:25:37 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 23.4.2016 18:25:38 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 24.4.2016 5:23:46 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 24.4.2016 5:26:13 | Computer Name = ASUS-NTB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.217.2148.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12603.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi
naleznete v nápovědě a podpoře.
Error - 24.4.2016 5:27:14 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 24.4.2016 5:31:39 | Computer Name = ASUS-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:30:07, ?24.?4.?2016) bylo neočekávané.
Error - 25.4.2016 6:36:12 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 25.4.2016 6:39:53 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 25.4.2016 6:40:57 | Computer Name = ASUS-NTB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.217.2220.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12603.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi
naleznete v nápovědě a podpoře.
Error - 25.4.2016 6:44:27 | Computer Name = ASUS-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (12:43:14, ?25.?4.?2016) bylo neočekávané.
< End of report >
nebude fungovat správně.
Error - 24.4.2016 5:26:13 | Computer Name = ASUS-NTB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.217.2148.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12603.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi
naleznete v nápovědě a podpoře.
Error - 24.4.2016 5:27:14 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 24.4.2016 5:31:39 | Computer Name = ASUS-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:30:07, ?24.?4.?2016) bylo neočekávané.
Error - 25.4.2016 6:36:12 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 25.4.2016 6:39:53 | Computer Name = ASUS-NTB | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 25.4.2016 6:40:57 | Computer Name = ASUS-NTB | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.217.2220.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.12603.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi
naleznete v nápovědě a podpoře.
Error - 25.4.2016 6:44:27 | Computer Name = ASUS-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (12:43:14, ?25.?4.?2016) bylo neočekávané.
< End of report >
CPU: Intel Core i7 4790
GPU: MSI NVIDIA GTX 1060 6 GB
RAM: Kingston HyperX Fury 2x8 GB
SSD : Crucial MX100 - 128GB
MB: ASRock Fatal1ty B85 Killer - Intel B85
PSU: Seasonic M12II-620W
CASE: Zalman Z11 Plus
Windows 10 Home 64 Bit