Preventive check - slow PC

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#31 Post by Márty84 »

Why did you post part 1 there three times? :D I deleted it.

:arrow: Find this file C:\Users\Aleš\AppData\Roaming\Injector.exe and test it on VirusTotal, or alternatively Jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Copy the results here, or post a link.

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Run OTL again as administrator
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4204834074-59371053-2892247922-1000\..\SearchScopes\{AB61E89B-F140-47C1-8FA6-DA15AAB6E072}: "URL" = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
O3 - HKU\S-1-5-21-4204834074-59371053-2892247922-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4204834074-59371053-2892247922-1000\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4204834074-59371053-2892247922-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.02.17 15:10:14 | 000,000,450 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Aleš.job
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\124a447bb4093d6ddf2d2c374ba1d895\*.tmp files -> C:\Windows\SoftwareDistribution\Download\124a447bb4093d6ddf2d2c374ba1d895\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\189e3a2221d714f740d20d570654bd3d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\189e3a2221d714f740d20d570654bd3d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\45bd45d1a582efcc6ca9a14d98ee11b2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\45bd45d1a582efcc6ca9a14d98ee11b2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5ef31d28d04e27c764f5430cbe7f7d62\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5ef31d28d04e27c764f5430cbe7f7d62\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\61f858b96c5d63eaa9c4c8d453dfc25a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\61f858b96c5d63eaa9c4c8d453dfc25a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6fe84d7c916a54bb3f1349413404e64a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6fe84d7c916a54bb3f1349413404e64a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\78414749316425830b51fd73dfc9852c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\78414749316425830b51fd73dfc9852c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\af21406f1e4c3508bd0f39fcba709c92\*.tmp files -> C:\Windows\SoftwareDistribution\Download\af21406f1e4c3508bd0f39fcba709c92\*.tmp -> ]
Click Fix and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).


eXclusive
Visitor
Posts: 51
Registered: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#33 Post by eXclusive »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Aleš
->Temp folder emptied: 10849846 bytes
->Temporary Internet Files folder emptied: 392281 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 58161619 bytes
->Flash cache emptied: 492 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25062 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 66,00 mb


[EMPTYFLASH]

User: Aleš
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AB61E89B-F140-47C1-8FA6-DA15AAB6E072}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB61E89B-F140-47C1-8FA6-DA15AAB6E072}\ not found.
Registry value HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found.
Registry value HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4204834074-59371053-2892247922-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\Tasks\Norton Security Scan for Aleš.job moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP231A.tmp\System.Workflow.ComponentModel.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP231A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23D6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5EA3.tmp\PresentationCore.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5EA3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5F7D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP657.tmp\PresentationCore.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP657.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP76F.tmp\System.Data.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP76F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7EE0.tmp\PresentationCore.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7EE0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC3DB.tmp\System.Web.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC3DB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD0B.tmp\System.Workflow.ComponentModel.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD0B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE88A.tmp\System.Design.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE88A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP109.tmp\System.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP109.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP146A.tmp\Microsoft.MediaCenter.UI.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP146A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2387.tmp\System.Management.Automation.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2387.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP31AA.tmp\System.ServiceModel.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP31AA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP444.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP44DC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP513B.tmp\Microsoft.JScript.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP513B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7139.tmp\System.Management.Automation.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7139.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP85F2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD40.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBCF8.tmp\System.Windows.Forms.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBCF8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDD06.tmp\Microsoft.PowerShell.Editor.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDD06.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI2F3A.tmp deleted successfully.
C:\Windows\Installer\MSIB65C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\124a447bb4093d6ddf2d2c374ba1d895\BIT6ACB.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\189e3a2221d714f740d20d570654bd3d\BIT673F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\45bd45d1a582efcc6ca9a14d98ee11b2\BIT6992.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\5ef31d28d04e27c764f5430cbe7f7d62\BIT6616.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\61f858b96c5d63eaa9c4c8d453dfc25a\BIT6888.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\6fe84d7c916a54bb3f1349413404e64a\BIT650C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\78414749316425830b51fd73dfc9852c\BIT6113.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\af21406f1e4c3508bd0f39fcba709c92\BIT6BD5.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03032013_205156

Files\Folders moved on Reboot...
C:\Users\Aleš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\_avast_\unp131667796.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#34 Post by Márty84 »

:arrow: If you do not have that file there on purpose, delete it. If it resists, let me know and we will remove it by force.

:!: If you have not done so already, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not run anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located here: C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching programs, just restart the PC and it will be fine

eXclusive
Visitor
Posts: 51
Registered: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#35 Post by eXclusive »

I do not have that file there on purpose, and it cannot be deleted either.

Log:

ComboFix 13-03-03.01 - Aleš 03.03.2013 21:18:00.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3990.2405 [GMT 1:00]
Spuštěný z: c:\users\AleÜ\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Aleš\AppData\Roaming\Injector.exe
c:\users\Aleš\AppData\Roaming\Microsoft\Windows\Recent\Saints Row The Third.url
c:\users\Public\sdelevURL.tmp
c:\windows\cscmondump.bin
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-03 do 2013-03-03 )))))))))))))))))))))))))))))))
.
.
2013-03-03 20:21 . 2013-03-03 20:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-03 20:21 . 2013-03-03 20:21 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-03-03 20:21 . 2013-03-03 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-03 19:51 . 2013-03-03 19:51 -------- d-----w- C:\_OTL
2013-03-03 17:30 . 2013-03-03 18:49 512 ----a-w- C:\PhysicalMBR.bin
2013-03-03 14:26 . 2013-03-03 14:26 -------- d-----w- c:\users\Aleš\AppData\Local\ElevatedDiagnostics
2013-03-03 13:31 . 2013-03-03 13:31 -------- d-----w- C:\rsit
2013-03-03 09:10 . 2013-03-03 20:00 -------- d-----w- c:\program files (x86)\Steam
2013-03-01 12:03 . 2013-03-01 12:03 -------- d-----w- c:\program files\Defraggler
2013-03-01 11:59 . 2013-03-01 11:59 -------- d-----w- c:\program files\CCleaner
2013-03-01 11:31 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6F86912-B2FE-45DC-8D19-45CA76801221}\mpengine.dll
2013-02-27 19:39 . 2013-03-03 13:31 -------- d-----w- c:\program files\trend micro
2013-02-25 17:00 . 2013-02-25 17:00 -------- d-----w- c:\users\Aleš\AppData\Roaming\Unity
2013-02-25 16:49 . 2013-03-03 11:10 -------- d-----w- c:\users\Aleš\AppData\Local\Unity
2013-02-25 13:43 . 2013-02-25 13:43 -------- d-----w- c:\users\Aleš\.swt
2013-02-24 15:32 . 2013-02-24 15:32 -------- d-----w- c:\users\Aleš\AppData\Roaming\Malwarebytes
2013-02-22 15:37 . 2013-02-26 20:23 -------- d-----w- c:\program files\WinRAR
2013-02-19 11:56 . 2013-02-22 12:07 -------- d-----w- c:\users\Aleš\AppData\Local\CrashDumps
2013-02-18 22:42 . 2013-02-24 16:59 -------- d-----w- c:\program files (x86)\VideoLAN
2013-02-18 22:30 . 2013-02-18 22:30 -------- d-----w- c:\users\Aleš\AppData\Roaming\TechSmith
2013-02-18 22:30 . 2013-02-18 22:30 -------- d-----w- c:\users\Aleš\AppData\Local\TechSmith
2013-02-18 20:42 . 2013-02-18 20:42 -------- d-----w- c:\users\Aleš\AppData\Local\FlvtoConverter
2013-02-18 20:42 . 2013-02-18 20:43 -------- d-----w- c:\users\Aleš\AppData\Roaming\FlvtoConverter
2013-02-18 20:36 . 2012-01-20 13:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-02-18 20:36 . 2013-02-19 14:02 -------- d-----w- c:\users\Aleš\AppData\Roaming\systweak
2013-02-18 12:43 . 2013-02-22 11:43 -------- d-----w- c:\users\Aleš\AppData\Local\Flvto Converter
2013-02-18 09:36 . 2013-02-18 09:36 -------- d-----w- c:\users\Aleš\AppData\Roaming\Publish Providers
2013-02-18 09:26 . 2013-02-22 11:35 -------- d-----w- c:\users\Aleš\AppData\Local\Sony
2013-02-18 09:26 . 2013-02-18 09:26 -------- d-----w- c:\windows\SysWow64\spool
2013-02-18 09:16 . 2013-02-18 09:40 -------- d-----w- c:\users\Aleš\AppData\Roaming\Sony
2013-02-18 08:02 . 2013-02-22 11:49 -------- d-----w- c:\users\Aleš\AppData\Roaming\Seznam.cz
2013-02-17 20:08 . 2013-02-17 20:17 -------- d-----w- c:\users\Aleš\AppData\Roaming\Ulozto File Manager
2013-02-17 14:22 . 2013-03-03 11:10 -------- d-----w- c:\users\Aleš\AppData\Roaming\BitTorrent
2013-02-17 14:10 . 2013-02-17 14:10 -------- d-----w- c:\programdata\Symantec
2013-02-17 14:10 . 2013-02-17 14:10 -------- d-----w- c:\windows\system32\drivers\NSSx64
2013-02-16 11:54 . 2013-02-22 12:03 -------- d-----w- c:\users\Aleš\AppData\Roaming\GlarySoft
2013-02-16 11:51 . 2013-02-16 11:51 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-02-16 11:51 . 2013-02-16 11:51 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-02-16 10:58 . 2013-02-16 10:58 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-16 10:58 . 2013-02-16 10:58 839152 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-16 10:45 . 2013-02-16 10:45 455680 ----a-w- c:\windows\system32\deploytk.dll
2013-02-16 10:09 . 2013-02-16 10:08 410984 ----a-w- c:\windows\SysWow64\deploytk.dll
2013-02-15 14:28 . 2013-02-15 14:28 -------- d-----w- c:\users\Aleš\AppData\Roaming\Apple Computer
2013-02-15 12:29 . 2013-02-15 12:29 -------- d-----w- c:\users\Aleš\AppData\Roaming\logs
2013-02-13 15:41 . 2013-02-13 15:41 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 15:41 . 2013-02-13 15:41 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 15:41 . 2013-02-13 15:41 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 15:41 . 2013-02-13 15:41 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 15:41 . 2013-02-13 15:41 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 15:36 . 2013-02-13 15:36 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 15:36 . 2013-02-13 15:36 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 15:34 . 2013-02-13 15:34 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 15:34 . 2013-02-13 15:34 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 15:34 . 2013-02-13 15:34 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 15:34 . 2013-02-13 15:34 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 15:34 . 2013-02-13 15:34 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 15:34 . 2013-02-13 15:34 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 15:34 . 2013-02-13 15:34 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 00:26 . 2013-02-13 00:26 28544 ----a-w- c:\windows\system32\xfcodec64.dll
2013-02-10 12:30 . 2013-02-10 12:30 -------- d--h--r- c:\users\Aleš\AppData\Roaming\SecuROM
2013-02-08 17:00 . 2013-02-08 17:00 -------- d-----w- c:\users\Aleš\AppData\Local\Vitalwerks
2013-02-08 16:31 . 2012-10-26 18:01 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-02-08 16:31 . 2012-10-26 17:59 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-02-06 21:25 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2013-02-06 18:53 . 2013-02-06 18:53 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2013-02-02 11:33 . 2013-02-02 11:33 -------- d-----w- c:\users\Aleš\AppData\Local\Razer
2013-02-02 09:55 . 2012-10-12 18:09 25472 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-02-02 08:51 . 2013-02-02 08:56 -------- d-----w- c:\users\Aleš\AppData\Roaming\Solveig Multimedia
2013-02-02 08:32 . 2013-02-02 08:32 -------- d-----w- c:\program files (x86)\Common Files\Solveig Multimedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 19:59 . 2012-10-26 11:04 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 19:59 . 2012-10-26 11:04 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-18 14:12 . 2012-11-15 17:43 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-18 14:12 . 2012-11-15 17:43 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-14 13:18 . 2012-10-26 09:11 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-13 15:34 . 2013-02-13 15:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-19 19:00 . 2013-01-19 18:20 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2012-12-29 10:34 . 2013-01-20 16:02 958272 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-12-29 10:34 . 2013-01-20 16:02 9389888 ----a-w- c:\windows\system32\nvcuda.dll
2012-12-29 10:34 . 2013-01-20 16:02 7931896 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-12-29 10:34 . 2013-01-20 16:02 7565240 ----a-w- c:\windows\system32\nvopencl.dll
2012-12-29 10:34 . 2013-01-20 16:02 6263784 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-12-29 10:34 . 2013-01-20 16:02 30648 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-12-29 10:34 . 2013-01-20 16:02 2904504 ----a-w- c:\windows\system32\nvcuvid.dll
2012-12-29 10:34 . 2013-01-20 16:02 284600 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2012-12-29 10:34 . 2013-01-20 16:02 2720696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-12-29 10:34 . 2013-01-20 16:02 26931128 ----a-w- c:\windows\system32\nvoglv64.dll
2012-12-29 10:34 . 2013-01-20 16:02 25256376 ----a-w- c:\windows\system32\nvcompiler.dll
2012-12-29 10:34 . 2013-01-20 16:02 246024 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-29 10:34 . 2013-01-20 16:02 2344888 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-20 16:02 20450232 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-12-29 10:34 . 2013-01-20 16:02 1985976 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-20 16:02 18054312 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-12-29 10:34 . 2013-01-20 16:02 17560504 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-12-29 10:34 . 2013-01-20 16:02 15129064 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2013-01-20 16:02 15052368 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2013-01-20 16:02 12641120 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-12-29 10:34 . 2013-01-20 16:02 10997176 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-12-29 10:34 . 2012-10-08 09:42 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-10-08 09:42 2504248 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-29 10:34 . 2012-10-08 09:42 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-10-08 09:42 201728 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-29 10:34 . 2012-10-08 09:42 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-08 09:42 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 08:40 . 2012-10-26 08:55 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-10-26 08:55 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-10-26 08:55 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-10-26 08:55 997816 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-29 08:40 . 2012-10-26 08:55 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-10-26 08:55 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-10-26 08:55 55736 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-29 08:40 . 2012-10-26 08:55 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-10-26 08:55 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-25 18:32 . 2012-10-29 22:38 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-16 17:11 . 2012-12-25 15:55 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-25 15:55 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-25 15:55 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-25 15:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 16:28 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 16:28 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 16:28 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 16:28 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 16:28 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 16:28 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 16:28 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 16:28 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 16:28 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 16:28 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 16:28 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 16:28 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 16:28 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 16:28 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 16:28 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 16:28 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 16:28 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 16:28 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 16:28 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 16:28 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 16:28 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 16:28 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 16:28 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 16:28 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 16:28 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 16:28 51712 ----a-w- c:\windows\SysWow64\esrb.rs
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Antamedia DBServer AsService"=
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-05-31 717952]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-08-09 35256]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MsgPlusDriver;Messenger Plus! Virtual Camera;c:\windows\system32\DRIVERS\MsgPlusDriver.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\system32\DRIVERS\usb3Hub.sys [2012-08-09 48096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-26 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\system32\DRIVERS\XHCIPort.sys [2012-08-09 188384]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-29 284600]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-08-09 25528]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-13 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-13 212992]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-02 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2012-08-09 42392]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-23 14:59 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page =
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Bugatti Veyron Mod]
"Install Dir"="c:\\Program Files (x86)\\EA Games\\Need for Speed Most Wanted\\CARS"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Cop Hummer H3 Mod]
"Install Dir"="c:\\Program Files (x86)\\EA GAMES\\Need for Speed Most Wanted"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-03-03 21:25:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-03 20:25
.
Před spuštěním: Volných bajtů: 435 298 267 136
Po spuštění: Volných bajtů: 434 840 064 000
.
- - End Of File - - 904BD5F388538B3C43AA0F2130DF2630

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slowed-down PC

#36 Post by Márty84 »

So CF removed that piece of junk on its own :)



:arrow: Move ComboFix directly to drive C (so the path to it will be c:\ComboFix.exe )
Open Notepad and copy this script into it

Code:

KillAll::

Folder::
c:\programdata\Symantec

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Bugatti Veyron Mod]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Cop Hummer H3 Mod]

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly, and save it directly to C as well (so the path to it will be c:\CFScript.txt ).
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and release it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy that here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching programs, just restart the PC and it will be fine

If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

eXclusive
Visitor
Posts: 51
Joined: 19 Jan 2013 11:58

Re: Preventive check - slowed-down PC

#37 Post by eXclusive »

ComboFix 13-03-03.01 - Aleš 04.03.2013 15:15:52.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3990.2672 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-04 do 2013-03-04 )))))))))))))))))))))))))))))))
.
.
2013-03-04 14:18 . 2013-03-04 14:18 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-04 14:18 . 2013-03-04 14:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-03-04 14:18 . 2013-03-04 14:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-03 19:51 . 2013-03-03 19:51 -------- d-----w- C:\_OTL
2013-03-03 17:30 . 2013-03-03 18:49 512 ----a-w- C:\PhysicalMBR.bin
2013-03-03 14:26 . 2013-03-03 14:26 -------- d-----w- c:\users\Aleš\AppData\Local\ElevatedDiagnostics
2013-03-03 13:31 . 2013-03-03 13:31 -------- d-----w- C:\rsit
2013-03-03 09:10 . 2013-03-03 22:08 -------- d-----w- c:\program files (x86)\Steam
2013-03-01 12:03 . 2013-03-01 12:03 -------- d-----w- c:\program files\Defraggler
2013-03-01 11:59 . 2013-03-01 11:59 -------- d-----w- c:\program files\CCleaner
2013-03-01 11:31 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6F86912-B2FE-45DC-8D19-45CA76801221}\mpengine.dll
2013-02-27 19:39 . 2013-03-03 13:31 -------- d-----w- c:\program files\trend micro
2013-02-25 17:00 . 2013-02-25 17:00 -------- d-----w- c:\users\Aleš\AppData\Roaming\Unity
2013-02-25 16:49 . 2013-03-03 11:10 -------- d-----w- c:\users\Aleš\AppData\Local\Unity
2013-02-25 13:43 . 2013-02-25 13:43 -------- d-----w- c:\users\Aleš\.swt
2013-02-24 15:32 . 2013-02-24 15:32 -------- d-----w- c:\users\Aleš\AppData\Roaming\Malwarebytes
2013-02-22 15:37 . 2013-02-26 20:23 -------- d-----w- c:\program files\WinRAR
2013-02-19 11:56 . 2013-02-22 12:07 -------- d-----w- c:\users\Aleš\AppData\Local\CrashDumps
2013-02-18 22:42 . 2013-02-24 16:59 -------- d-----w- c:\program files (x86)\VideoLAN
2013-02-18 22:30 . 2013-02-18 22:30 -------- d-----w- c:\users\Aleš\AppData\Roaming\TechSmith
2013-02-18 22:30 . 2013-02-18 22:30 -------- d-----w- c:\users\Aleš\AppData\Local\TechSmith
2013-02-18 20:42 . 2013-02-18 20:42 -------- d-----w- c:\users\Aleš\AppData\Local\FlvtoConverter
2013-02-18 20:42 . 2013-02-18 20:43 -------- d-----w- c:\users\Aleš\AppData\Roaming\FlvtoConverter
2013-02-18 20:36 . 2012-01-20 13:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-02-18 20:36 . 2013-02-19 14:02 -------- d-----w- c:\users\Aleš\AppData\Roaming\systweak
2013-02-18 12:43 . 2013-02-22 11:43 -------- d-----w- c:\users\Aleš\AppData\Local\Flvto Converter
2013-02-18 09:36 . 2013-02-18 09:36 -------- d-----w- c:\users\Aleš\AppData\Roaming\Publish Providers
2013-02-18 09:26 . 2013-02-22 11:35 -------- d-----w- c:\users\Aleš\AppData\Local\Sony
2013-02-18 09:26 . 2013-02-18 09:26 -------- d-----w- c:\windows\SysWow64\spool
2013-02-18 09:16 . 2013-02-18 09:40 -------- d-----w- c:\users\Aleš\AppData\Roaming\Sony
2013-02-18 08:02 . 2013-02-22 11:49 -------- d-----w- c:\users\Aleš\AppData\Roaming\Seznam.cz
2013-02-17 20:08 . 2013-02-17 20:17 -------- d-----w- c:\users\Aleš\AppData\Roaming\Ulozto File Manager
2013-02-17 14:22 . 2013-03-04 14:04 -------- d-----w- c:\users\Aleš\AppData\Roaming\BitTorrent
2013-02-17 14:10 . 2013-02-17 14:10 -------- d-----w- c:\windows\system32\drivers\NSSx64
2013-02-16 11:54 . 2013-02-22 12:03 -------- d-----w- c:\users\Aleš\AppData\Roaming\GlarySoft
2013-02-16 11:51 . 2013-02-16 11:51 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-02-16 11:51 . 2013-02-16 11:51 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-02-16 10:58 . 2013-02-16 10:58 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-16 10:58 . 2013-02-16 10:58 839152 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-16 10:45 . 2013-02-16 10:45 455680 ----a-w- c:\windows\system32\deploytk.dll
2013-02-16 10:09 . 2013-02-16 10:08 410984 ----a-w- c:\windows\SysWow64\deploytk.dll
2013-02-15 14:28 . 2013-02-15 14:28 -------- d-----w- c:\users\Aleš\AppData\Roaming\Apple Computer
2013-02-15 12:29 . 2013-02-15 12:29 -------- d-----w- c:\users\Aleš\AppData\Roaming\logs
2013-02-13 15:41 . 2013-02-13 15:41 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 15:41 . 2013-02-13 15:41 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 15:41 . 2013-02-13 15:41 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 15:41 . 2013-02-13 15:41 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 15:41 . 2013-02-13 15:41 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 15:36 . 2013-02-13 15:36 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 15:36 . 2013-02-13 15:36 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 15:34 . 2013-02-13 15:34 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 15:34 . 2013-02-13 15:34 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 15:34 . 2013-02-13 15:34 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 15:34 . 2013-02-13 15:34 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 15:34 . 2013-02-13 15:34 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 15:34 . 2013-02-13 15:34 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 15:34 . 2013-02-13 15:34 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 00:26 . 2013-02-13 00:26 28544 ----a-w- c:\windows\system32\xfcodec64.dll
2013-02-08 17:00 . 2013-02-08 17:00 -------- d-----w- c:\users\Aleš\AppData\Local\Vitalwerks
2013-02-08 16:31 . 2012-10-26 18:01 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-02-08 16:31 . 2012-10-26 17:59 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-02-06 21:25 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2013-02-06 18:53 . 2013-02-06 18:53 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 19:59 . 2012-10-26 11:04 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 19:59 . 2012-10-26 11:04 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-18 14:12 . 2012-11-15 17:43 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-18 14:12 . 2012-11-15 17:43 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-14 13:18 . 2012-10-26 09:11 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-13 15:34 . 2013-02-13 15:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-19 19:00 . 2013-01-19 18:20 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2012-12-29 10:34 . 2013-01-20 16:02 958272 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-12-29 10:34 . 2013-01-20 16:02 9389888 ----a-w- c:\windows\system32\nvcuda.dll
2012-12-29 10:34 . 2013-01-20 16:02 7931896 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-12-29 10:34 . 2013-01-20 16:02 7565240 ----a-w- c:\windows\system32\nvopencl.dll
2012-12-29 10:34 . 2013-01-20 16:02 6263784 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-12-29 10:34 . 2013-01-20 16:02 30648 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-12-29 10:34 . 2013-01-20 16:02 2904504 ----a-w- c:\windows\system32\nvcuvid.dll
2012-12-29 10:34 . 2013-01-20 16:02 284600 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2012-12-29 10:34 . 2013-01-20 16:02 2720696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-12-29 10:34 . 2013-01-20 16:02 26931128 ----a-w- c:\windows\system32\nvoglv64.dll
2012-12-29 10:34 . 2013-01-20 16:02 25256376 ----a-w- c:\windows\system32\nvcompiler.dll
2012-12-29 10:34 . 2013-01-20 16:02 246024 ----a-w- c:\windows\system32\nvinitx.dll
2012-12-29 10:34 . 2013-01-20 16:02 2344888 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-20 16:02 20450232 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-12-29 10:34 . 2013-01-20 16:02 1985976 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-12-29 10:34 . 2013-01-20 16:02 18054312 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-12-29 10:34 . 2013-01-20 16:02 17560504 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-12-29 10:34 . 2013-01-20 16:02 15129064 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-12-29 10:34 . 2013-01-20 16:02 15052368 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-12-29 10:34 . 2013-01-20 16:02 12641120 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-12-29 10:34 . 2013-01-20 16:02 10997176 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-12-29 10:34 . 2012-10-08 09:42 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-10-08 09:42 2504248 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-29 10:34 . 2012-10-08 09:42 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-10-08 09:42 201728 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-12-29 10:34 . 2012-10-08 09:42 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-08 09:42 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 08:40 . 2012-10-26 08:55 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-10-26 08:55 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-10-26 08:55 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-10-26 08:55 997816 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-12-29 08:40 . 2012-10-26 08:55 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-10-26 08:55 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-10-26 08:55 55736 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-12-29 08:40 . 2012-10-26 08:55 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-10-26 08:55 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-25 18:32 . 2012-10-29 22:38 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-16 17:11 . 2012-12-25 15:55 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-25 15:55 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-25 15:55 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-25 15:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 16:28 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 16:28 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 16:28 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 16:28 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 16:28 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 16:28 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 16:28 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 16:28 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 16:28 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 16:28 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 16:28 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 16:28 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 16:28 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 16:28 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 16:28 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 16:28 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 16:28 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 16:28 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 16:28 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 16:28 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 16:28 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 16:28 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 16:28 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 16:28 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 16:28 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 16:28 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 16:28 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 16:28 51712 ----a-w- c:\windows\SysWow64\esrb.rs
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Antamedia DBServer AsService"=
.
2;2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service [x]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-05-31 717952]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-08-09 35256]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MsgPlusDriver;Messenger Plus! Virtual Camera;c:\windows\system32\DRIVERS\MsgPlusDriver.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\system32\DRIVERS\usb3Hub.sys [2012-08-09 48096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-26 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\system32\DRIVERS\XHCIPort.sys [2012-08-09 188384]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-12-29 284600]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-08-09 25528]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-13 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-13 212992]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-02 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2012-08-09 42392]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-23 14:59 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page =
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Bugatti Veyron Mod]
"Install Dir"="c:\\Program Files (x86)\\EA Games\\Need for Speed Most Wanted\\CARS"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Cop Hummer H3 Mod]
"Install Dir"="c:\\Program Files (x86)\\EA GAMES\\Need for Speed Most Wanted"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-03-04 15:22:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-04 14:22
ComboFix2.txt 2013-03-04 13:45
ComboFix3.txt 2013-03-03 20:25
.
Před spuštěním: Volných bajtů: 434 648 993 792
Po spuštění: Volných bajtů: 434 563 452 928
.
- - End Of File - - B81015E3FEC4FF7E7E39B021E8506C2A

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#38 Post by Márty84 »

:!: Run all of these programs, including their installers, as administrator (right-click each one and choose Run as administrator).
:arrow: Rename ComboFix to Uninstall and run it. CF should then uninstall itself.

:arrow:
vyosek wrote: :arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download it and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - after the cleanup the PC will restart.


:arrow: Post a new RSIT log and write how the PC is doing.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

eXclusive
Visitor
Visitor
Posts: 51
Registered: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#39 Post by eXclusive »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Aleš at 2013-03-04 20:16:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 412 GB (90%) free of 457 GB
Total RAM: 3990 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:16:22, on 4.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Aleš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - https://battlefield.play4free.com/stati ... 0.80.2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7246 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 26668304
\??\C:\Windows\system32\conhost.exe "238157069562799336-232651983-18862131201239393613-18079125410224891651865957925
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
taskeng.exe {10DC275C-4918-4163-B385-A8FD7B855FF3}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {80398C1B-AAF7-49EA-8483-6F6FB152DCD1}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4316.0.599365320\2075122848" --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2253 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4316.2.1241475718\727203703" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="4316.3.2053676793\855827658" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="4316.4.91989764\605318254" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/3/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4316.5.1129184893\1945775175" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4316.6.417468440\588652469" --lang=cs --ignored=" --type=renderer " /prefetch:13
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Aleš\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Aleš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Assassin.LNK]
C:\PROGRA~2\Ubisoft\ASSASS~1\Register\REGIST~1.EXE -d 805245 -l english -r 7 -g Assassin -c us -i 3538 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-11-29 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.XFR1"=xfcodec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2013-03-04 20:13:48 ----D---- C:\rsit
2013-03-04 20:09:33 ----SHD---- C:\$RECYCLE.BIN
2013-03-04 15:18:54 ----D---- C:\Windows\temp
2013-03-03 10:10:41 ----D---- C:\Program Files (x86)\Steam
2013-03-01 13:03:10 ----D---- C:\Program Files\Defraggler
2013-03-01 12:59:36 ----D---- C:\Program Files\CCleaner
2013-02-27 20:39:43 ----D---- C:\Program Files\trend micro
2013-02-27 16:58:54 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 16:58:54 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 16:58:54 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 16:58:54 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 16:58:53 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 16:58:53 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:58:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:58:50 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 16:58:50 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 16:58:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 16:58:50 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 16:58:50 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:58:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:58:49 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 16:58:49 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 16:58:49 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 16:58:49 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 16:58:48 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 16:58:48 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 16:58:48 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 16:58:48 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 16:58:48 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 16:58:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 16:58:47 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 16:58:47 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 16:58:47 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 16:58:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 16:58:47 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 16:58:47 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 16:58:46 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-27 16:58:46 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 16:58:46 ----A---- C:\Windows\system32\d2d1.dll
2013-02-25 18:00:39 ----D---- C:\Users\Aleš\AppData\Roaming\Unity
2013-02-24 16:32:15 ----D---- C:\Users\Aleš\AppData\Roaming\Malwarebytes
2013-02-22 16:37:57 ----D---- C:\Program Files\WinRAR
2013-02-18 23:42:54 ----D---- C:\Program Files (x86)\VideoLAN
2013-02-18 23:30:47 ----D---- C:\Users\Aleš\AppData\Roaming\TechSmith
2013-02-18 21:42:36 ----D---- C:\Users\Aleš\AppData\Roaming\FlvtoConverter
2013-02-18 21:36:38 ----A---- C:\Windows\system32\roboot64.exe
2013-02-18 21:36:32 ----D---- C:\Users\Aleš\AppData\Roaming\systweak
2013-02-18 10:36:10 ----D---- C:\Users\Aleš\AppData\Roaming\Publish Providers
2013-02-18 10:26:42 ----D---- C:\Windows\SYSWOW64\spool
2013-02-18 10:16:13 ----D---- C:\Users\Aleš\AppData\Roaming\Sony
2013-02-18 09:02:01 ----D---- C:\Users\Aleš\AppData\Roaming\Seznam.cz
2013-02-17 21:08:42 ----D---- C:\Users\Aleš\AppData\Roaming\Ulozto File Manager
2013-02-17 15:22:49 ----D---- C:\Users\Aleš\AppData\Roaming\BitTorrent
2013-02-17 15:10:09 ----D---- C:\Windows\system32\drivers\NSSx64
2013-02-16 12:54:59 ----D---- C:\Users\Aleš\AppData\Roaming\GlarySoft
2013-02-16 12:51:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-02-16 12:51:58 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-02-16 11:58:52 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-02-16 11:58:52 ----A---- C:\Windows\system32\deployJava1.dll
2013-02-16 11:45:17 ----A---- C:\Windows\system32\deploytk.dll
2013-02-16 11:09:03 ----A---- C:\Windows\SYSWOW64\deploytk.dll
2013-02-15 15:28:04 ----D---- C:\Users\Aleš\AppData\Roaming\Apple Computer
2013-02-15 13:29:36 ----D---- C:\Users\Aleš\AppData\Roaming\logs
2013-02-13 16:41:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-13 16:41:46 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 16:41:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 16:36:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 16:36:28 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-13 16:35:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\url.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 16:35:51 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 16:35:51 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 16:34:51 ----A---- C:\Windows\system32\win32k.sys
2013-02-13 16:34:28 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-13 16:34:28 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-13 16:34:28 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-13 16:34:28 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-13 16:34:28 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-13 16:34:28 ----A---- C:\Windows\system32\winsrv.dll
2013-02-13 01:26:34 ----A---- C:\Windows\system32\xfcodec64.dll
2013-02-08 17:31:37 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-02-08 17:31:32 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-02-06 22:25:00 ----A---- C:\Windows\SYSWOW64\libmysql_d.dll
2013-02-06 19:53:03 ----A---- C:\Windows\system32\drivers\hamachi.sys
2013-02-02 11:03:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-02-02 10:55:31 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2013-02-02 09:51:54 ----D---- C:\Users\Aleš\AppData\Roaming\Solveig Multimedia
2013-01-27 11:58:37 ----D---- C:\Program Files (x86)\Ubisoft
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-01-20 17:02:42 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvopencl.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvoglv64.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvinitx.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvcuvid.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvcuda.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\nvcompiler.dll
2013-01-20 17:02:42 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2013-01-20 17:02:42 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-01-20 17:02:42 ----A---- C:\Windows\system32\drivers\nvkflt.sys
2013-01-19 19:20:53 ----A---- C:\Windows\SYSWOW64\nxEuUninstall.bat
2013-01-19 17:38:00 ----D---- C:\Users\Aleš\AppData\Roaming\Microsoft Games
2013-01-19 12:53:18 ----D---- C:\Windows\erdnt
2013-01-17 23:52:43 ----SHD---- C:\ProgramData\GMNYQO
2013-01-17 18:11:41 ----A---- C:\Windows\SYSWOW64\TubeFinder.exe
2013-01-17 18:11:40 ----D---- C:\Users\Aleš\AppData\Roaming\FreeFLVConverter
2013-01-17 18:11:40 ----A---- C:\Windows\SYSWOW64\VB6STKIT.DLL
2013-01-17 18:11:40 ----A---- C:\Windows\SYSWOW64\VB6FR.DLL
2013-01-17 18:11:40 ----A---- C:\Windows\SYSWOW64\PCCLPFR.DLL
2013-01-17 18:11:40 ----A---- C:\Windows\SYSWOW64\MSCMCFR.DLL
2013-01-17 18:11:40 ----A---- C:\Windows\SYSWOW64\CMDLGFR.DLL
2013-01-17 18:05:18 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-01-17 18:05:18 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-01-17 18:05:18 ----A---- C:\Windows\SYSWOW64\NCMedia2.dll
2013-01-17 17:56:12 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-01-17 17:51:12 ----D---- C:\Users\Aleš\AppData\Roaming\MOVAVI
2013-01-17 17:41:22 ----D---- C:\ProgramData\TEMP
2013-01-17 17:41:00 ----D---- C:\ProgramData\Uniblue
2013-01-17 17:40:45 ----D---- C:\Users\Aleš\AppData\Roaming\Applian FLV and Media Player
2013-01-16 20:10:47 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-01-15 23:28:29 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-01-15 23:28:28 ----HD---- C:\ProgramData\Common Files
2013-01-15 23:26:07 ----D---- C:\ProgramData\Real
2013-01-13 19:35:30 ----D---- C:\Windows\Downloaded Installations
2013-01-09 17:29:16 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 17:29:16 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 17:28:58 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 17:28:58 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 17:28:58 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 17:28:58 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 17:28:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 17:28:57 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 17:28:55 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 17:28:55 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 17:28:50 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 17:28:50 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 17:28:50 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 17:28:50 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 17:28:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 17:28:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 17:28:22 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:28:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:28:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:28:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:28:14 ----A---- C:\Windows\system32\taskhost.exe
2013-01-07 20:03:44 ----D---- C:\Users\Aleš\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-01-07 19:34:31 ----D---- C:\Program Files\Adobe
2013-01-07 19:29:54 ----D---- C:\Program Files\Common Files\Adobe
2013-01-05 12:29:00 ----D---- C:\Windows\Minidump
2013-01-04 13:07:24 ----D---- C:\Windows\pss
2013-01-04 12:59:12 ----RD---- C:\Program Files (x86)\Skype
2013-01-04 11:43:56 ----D---- C:\Users\Aleš\AppData\Roaming\Mozilla
2013-01-03 20:18:28 ----D---- C:\Users\Aleš\AppData\Roaming\Ubisoft
2012-12-29 02:54:24 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2012-12-25 23:33:27 ----D---- C:\Windows\Cache
2012-12-25 16:55:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-25 16:55:54 ----A---- C:\Windows\system32\atmlib.dll
2012-12-25 16:55:51 ----A---- C:\Windows\system32\atmfd.dll
2012-12-25 16:55:50 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-16 13:54:41 ----D---- C:\Windows\Sun
2012-12-13 15:52:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-12-13 15:52:09 ----A---- C:\Windows\system32\tzres.dll
2012-12-13 15:51:41 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2012-12-13 15:51:41 ----A---- C:\Windows\system32\dpnet.dll

======List of files/folders modified in the last 3 months======

2013-03-04 20:14:00 ----A---- C:\Windows\SYSWOW64\log.txt
2013-03-04 20:12:05 ----D---- C:\Windows\system32\config
2013-03-04 20:11:44 ----D---- C:\ProgramData\NVIDIA
2013-03-04 20:10:46 ----D---- C:\Windows
2013-03-04 20:08:30 ----RD---- C:\Users
2013-03-04 20:08:28 ----D---- C:\Windows\system32\drivers
2013-03-04 19:08:25 ----D---- C:\Users\Aleš\AppData\Roaming\Skype
2013-03-04 18:05:52 ----D---- C:\Windows\system32\NDF
2013-03-04 15:20:30 ----A---- C:\Windows\system.ini
2013-03-04 15:20:23 ----D---- C:\Windows\system32\drivers\etc
2013-03-04 15:17:25 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-04 15:17:25 ----D---- C:\Windows\SysWOW64
2013-03-04 15:17:25 ----D---- C:\Windows\AppPatch
2013-03-04 15:17:25 ----D---- C:\Program Files (x86)\Common Files
2013-03-04 14:41:24 ----D---- C:\ProgramData
2013-03-03 20:52:30 ----SHD---- C:\Windows\Installer
2013-03-03 20:52:30 ----D---- C:\Windows\Tasks
2013-03-03 19:49:00 ----SHD---- C:\System Volume Information
2013-03-03 15:39:24 ----D---- C:\Windows\System32
2013-03-03 15:39:24 ----D---- C:\Windows\inf
2013-03-03 15:39:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-03 12:10:57 ----D---- C:\Windows\Logs
2013-03-03 10:10:41 ----D---- C:\Program Files (x86)
2013-03-03 10:09:21 ----RSD---- C:\Windows\assembly
2013-03-02 22:18:15 ----D---- C:\Windows\system32\catroot2
2013-03-01 13:03:10 ----RD---- C:\Program Files
2013-03-01 12:59:39 ----D---- C:\Windows\system32\Tasks
2013-02-27 20:59:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-27 17:02:02 ----D---- C:\Windows\winsxs
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-27 17:01:15 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-27 17:01:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-27 17:01:13 ----D---- C:\Windows\system32\zh-HK
2013-02-27 17:01:13 ----D---- C:\Windows\system32\pt-PT
2013-02-27 17:01:13 ----D---- C:\Windows\system32\pt-BR
2013-02-27 17:01:13 ----D---- C:\Windows\system32\pl-PL
2013-02-27 17:01:13 ----D---- C:\Windows\system32\nl-NL
2013-02-27 17:01:13 ----D---- C:\Windows\system32\ko-KR
2013-02-27 17:01:13 ----D---- C:\Windows\system32\it-IT
2013-02-27 17:01:13 ----D---- C:\Windows\system32\hu-HU
2013-02-27 17:01:13 ----D---- C:\Windows\system32\el-GR
2013-02-27 17:01:12 ----D---- C:\Windows\system32\zh-TW
2013-02-27 17:01:12 ----D---- C:\Windows\system32\zh-CN
2013-02-27 17:01:12 ----D---- C:\Windows\system32\tr-TR
2013-02-27 17:01:12 ----D---- C:\Windows\system32\sv-SE
2013-02-27 17:01:12 ----D---- C:\Windows\system32\ru-RU
2013-02-27 17:01:12 ----D---- C:\Windows\system32\nb-NO
2013-02-27 17:01:12 ----D---- C:\Windows\system32\ja-JP
2013-02-27 17:01:12 ----D---- C:\Windows\system32\fr-FR
2013-02-27 17:01:12 ----D---- C:\Windows\system32\fi-FI
2013-02-27 17:01:12 ----D---- C:\Windows\system32\es-ES
2013-02-27 17:01:12 ----D---- C:\Windows\system32\en-US
2013-02-27 17:01:12 ----D---- C:\Windows\system32\de-DE
2013-02-27 17:01:12 ----D---- C:\Windows\system32\da-DK
2013-02-27 17:01:12 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 17:00:07 ----D---- C:\Windows\system32\catroot
2013-02-25 19:09:59 ----SD---- C:\ProgramData\Microsoft
2013-02-25 14:46:17 ----D---- C:\Windows\SYSWOW64\NV
2013-02-25 14:46:17 ----D---- C:\Windows\system32\NV
2013-02-25 14:43:50 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-02-25 14:43:41 ----D---- C:\temp
2013-02-25 14:27:41 ----D---- C:\Windows\system32\DriverStore
2013-02-24 18:06:34 ----D---- C:\Program Files\Intel
2013-02-22 13:12:30 ----D---- C:\Windows\SYSWOW64\config
2013-02-22 13:10:53 ----D---- C:\Program Files (x86)\Adobe
2013-02-22 13:10:50 ----D---- C:\ProgramData\Adobe
2013-02-22 13:09:34 ----D---- C:\Windows\SoftwareDistribution
2013-02-22 13:03:00 ----D---- C:\Users\Aleš\AppData\Roaming\Macromedia
2013-02-22 12:52:49 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-22 12:43:43 ----D---- C:\Windows\SYSWOW64\Macromed
2013-02-22 12:40:04 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-19 10:18:09 ----D---- C:\Windows\Prefetch
2013-02-18 20:59:14 ----RSD---- C:\Windows\Fonts
2013-02-18 15:12:14 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-18 15:12:14 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-18 11:25:34 ----D---- C:\Users\Aleš\AppData\Roaming\DVDVideoSoft
2013-02-15 15:32:08 ----D---- C:\Windows\debug
2013-02-14 18:21:21 ----D---- C:\Windows\Microsoft.NET
2013-02-14 14:22:53 ----A---- C:\Windows\win.ini
2013-02-14 14:18:20 ----A---- C:\Windows\system32\MRT.exe
2013-02-13 16:47:31 ----D---- C:\Windows\SYSWOW64\migration
2013-02-13 16:47:31 ----D---- C:\Windows\system32\migration
2013-02-13 16:47:31 ----D---- C:\Program Files\Internet Explorer
2013-02-13 16:47:31 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-13 16:08:52 ----RD---- C:\MSOCache
2013-02-10 15:52:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-02-02 10:58:15 ----D---- C:\Windows\Downloaded Program Files
2013-02-02 09:18:08 ----D---- C:\Users\Aleš\AppData\Roaming\Intel WiDi
2013-01-28 16:00:02 ----D---- C:\ProgramData\Skype
2013-01-19 12:59:00 ----RSHD---- C:\Windows\SYSWOW64\appdata
2013-01-17 17:31:00 ----SD---- C:\Users\Aleš\AppData\Roaming\Microsoft
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe
2013-01-16 19:59:02 ----D---- C:\Windows\Panther
2013-01-13 13:17:51 ----D---- C:\Windows\rescache
2013-01-07 19:44:43 ----D---- C:\Users\Aleš\AppData\Roaming\Adobe
2013-01-07 19:29:54 ----D---- C:\Program Files\Common Files
2013-01-04 12:59:59 ----D---- C:\Program Files (x86)\Google
2012-12-30 10:45:55 ----D---- C:\Windows\SYSWOW64\directx
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvapi64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvsvc64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvcpl.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvvsvc.exe
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvsvcr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvshext.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvmctray.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nv3dappshextr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nv3dappshext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-12-29 30648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2012-12-29 284600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2010-10-19 274432]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2010-11-04 59904]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-11-29 12252192]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-08-09 25528]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-09-13 95744]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-09-13 212992]
R3 qicflt;upper Device Filter Driver; C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-02 29288]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2012-08-09 42392]
S2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 AVerAF35;AVerMedia A867 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys [2010-05-31 717952]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2013-02-06 33344]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-08-09 35256]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 MsgPlusDriver;Messenger Plus! Virtual Camera; C:\Windows\system32\DRIVERS\MsgPlusDriver.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-01-05 37888]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb3Hub;USB-IF USB 3.0 Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys [2012-08-09 48096]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 XHCIPort;USB-IF xHCI USB Host Controller; C:\Windows\system32\DRIVERS\XHCIPort.sys [2012-08-09 188384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-03 983104]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-06-25 628016]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 884152]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-06-25 149296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-26 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


And I'll still try the PC

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#40 Post by Márty84 »

OK
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#41 Post by Márty84 »

One more small adjustment

:arrow: 1) Open Notepad (if you don't have it on the desktop, click Start, then Programs and Accessories)
2) Copy the green text into it

Code: Select all

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

3) In the top left, click File
4) Click Save As...
5) Type the red name oprava.reg correctly, then under Save as type select: All Files
6) Save it, preferably to the desktop
7) Double-click what you have just saved; it will run and you just confirm it
8) Then you can delete the file
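
A .reg file like the one in post #41 can be reviewed before it is double-clicked. The following is an added example, not part of the original post or any tool the forum uses: it parses .reg text, lists every key or value the import would create, set or delete, and reports operations outside the subtrees the reader expects. The names `summarize_reg` and `outside_scope` and the allowed-prefix list are assumptions made for illustration.

```python
import re

# Constructed input: the oprava.reg text from post #41.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"""

HEADERS = {"Windows Registry Editor Version 5.00", "REGEDIT4"}
KEY_RE = re.compile(r"^\[(-?)(HKEY_.+)\]$")            # leading "-" deletes the key
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


def summarize_reg(text):
    """Return (action, key, value_name) tuples for every change in a .reg file."""
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith(";")]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("missing .reg header line")
    ops, key, deleted, pending = [], None, False, ""
    for ln in lines[1:]:
        if ln.endswith("\\"):                      # hex data continued on next line
            pending += ln[:-1]
            continue
        ln, pending = pending + ln, ""
        m = KEY_RE.match(ln)
        if m:
            key, deleted = m.group(2), m.group(1) == "-"
            ops.append(("delete-key" if deleted else "create-key", key, None))
            continue
        m = VALUE_RE.match(ln)
        if not m or key is None or deleted:        # strict: reject anything odd
            raise ValueError(f"unexpected line: {ln!r}")
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        ops.append(("delete-value" if m.group(2) == "-" else "set-value", key, name))
    return ops


def outside_scope(ops, allowed_prefixes):
    """Operations whose key is not under one of the expected subtrees."""
    allowed = [p.lower().rstrip("\\") + "\\" for p in allowed_prefixes]
    return [op for op in ops
            if not any((op[1].lower() + "\\").startswith(a) for a in allowed)]


if __name__ == "__main__":
    for op in summarize_reg(SAMPLE_REG):
        print(op)
```

Registry key names are case-insensitive, so the scope check compares lower-cased paths.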

eXclusive
Visitor
Posts: 51
Joined: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#42 Post by eXclusive »

The PC is in the same state as before (it stutters from the start - no restart needed)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check - slow PC

#43 Post by Márty84 »

In that case, unfortunately. The logs are clean now. It could be the disk.
Are the problems only with games?

eXclusive
Visitor
Posts: 51
Joined: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#44 Post by eXclusive »

It works now :) I reinstalled the game again

eXclusive
Visitor
Posts: 51
Joined: 19 Jan 2013 11:58

Re: Preventive check - slow PC

#45 Post by eXclusive »

And I have one more problem :x. Whether or not I'm working on the PC, the screen keeps flickering

Locked