Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu - vir Policie ČR

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Prosím o kontrolu logu - vir Policie ČR

#1 Příspěvek od Mikone »

Dobrý den, po spuštění NTB naskočila stránka údajné Policie ČR, že z důvodu nelegálního software došlo k zablokování PC a že mám zaplatit. Po restartu NTB již tento normálně naběhl. Proto prosím o kontrolu, případně rady k odstranění. Předem děkuji. Michal


Zde log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Filip at 2013-07-15 20:08:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 83 GB (28%) free of 292 GB
Total RAM: 4063 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:47, on 15.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Filip.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\PROGRA~3\wavav0bdtzbtb43b.bat
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Download Video - {3B54DEAB-C6D4-48a8-8C32-A70558643400} - C:\Program Files (x86)\FinalVideoDownloader\fvdRunner.html
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13424 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe"
"C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {FE4F9EF5-80A2-4FDF-AFD7-AB392E859794}
"c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart Wireless B109n-z#1362744575" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2436.0.640851943\1876982426" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9480 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_67/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2436.2.46920599\221937267" /prefetch:673131151
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {88FD451F-2461-4378-901E-5B5770797E1F}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2436.6.373946129\1806469384" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe"
"C:\Users\Filip\Desktop\Údržba systému\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000UA.job
C:\Windows\tasks\HPCeeScheduleForFilip.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-27 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-27 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-29 4288048]
"Google Update"=C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-05 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPCam_Menu]
c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Filip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
C:\PROGRA~2\Xfire\Xfire.exe [2012-10-27 3558856]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-07-15 09:38:08 ----A---- C:\ProgramData\wavav0bdtzbtb43b.bat
2013-07-11 10:01:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 10:01:16 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 10:01:11 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 10:01:11 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 10:01:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 10:01:10 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 10:01:10 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 10:01:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 10:01:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 10:01:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 10:01:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 10:01:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 10:01:05 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 10:01:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 10:01:01 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 10:01:00 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 10:00:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 10:00:56 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 10:00:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 10:00:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 10:00:50 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 10:00:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 10:00:45 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 10:00:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 10:00:41 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 10:00:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 10:00:33 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 10:00:31 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 10:00:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 00:00:33 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 00:00:33 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 00:00:32 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 00:00:31 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 00:00:18 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 23:59:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 23:59:47 ----A---- C:\Windows\system32\DWrite.dll
2013-07-02 08:50:13 ----D---- C:\Program Files (x86)\Fraps 3.4.7 - Pln verze
2013-06-28 16:25:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys.sum
2013-06-28 16:25:24 ----A---- C:\Windows\system32\drivers\aswSP.sys.sum
2013-06-28 16:25:24 ----A---- C:\Windows\system32\drivers\aswSnx.sys.sum

======List of files/folders modified in the last 1 months======

2013-07-15 20:08:45 ----D---- C:\Program Files\trend micro
2013-07-15 20:08:16 ----D---- C:\Windows\Tasks
2013-07-15 20:08:16 ----D---- C:\Windows\system32\Tasks
2013-07-15 20:07:50 ----D---- C:\Windows\Temp
2013-07-15 20:01:38 ----D---- C:\Windows\system32\config
2013-07-15 19:52:13 ----D---- C:\ProgramData
2013-07-15 19:52:13 ----A---- C:\ProgramData\HPWALog.txt
2013-07-14 18:27:20 ----D---- C:\Users\Filip\AppData\Roaming\.minecraft
2013-07-14 17:28:27 ----D---- C:\ProgramData\PMB Files
2013-07-13 09:28:07 ----SHD---- C:\Windows\Installer
2013-07-13 09:28:06 ----D---- C:\Config.Msi
2013-07-13 09:23:19 ----D---- C:\Program Files (x86)
2013-07-12 23:41:59 ----D---- C:\Users\Filip\AppData\Roaming\Skype
2013-07-12 19:14:43 ----D---- C:\Windows\Microsoft.NET
2013-07-12 19:13:41 ----RSD---- C:\Windows\assembly
2013-07-12 07:50:45 ----D---- C:\Windows\winsxs
2013-07-12 07:50:18 ----D---- C:\Windows\Panther
2013-07-12 07:48:13 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 07:48:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 00:27:04 ----D---- C:\Windows\SysWOW64
2013-07-12 00:27:04 ----D---- C:\Windows\System32
2013-07-12 00:27:04 ----D---- C:\Program Files\Windows Defender
2013-07-12 00:27:04 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 00:27:04 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 00:27:03 ----D---- C:\Program Files\Internet Explorer
2013-07-11 22:08:25 ----SHD---- C:\System Volume Information
2013-07-11 10:15:56 ----D---- C:\ProgramData\Microsoft Help
2013-07-11 10:12:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-11 10:12:12 ----D---- C:\Windows\inf
2013-07-11 10:05:59 ----D---- C:\Windows\debug
2013-07-11 10:05:54 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 10:02:42 ----D---- C:\Windows\system32\catroot
2013-07-11 10:02:30 ----D---- C:\Windows\system32\catroot2
2013-06-30 19:32:25 ----D---- C:\Windows\rescache
2013-06-28 17:33:14 ----D---- C:\Windows\system32\drivers
2013-06-28 16:38:22 ----D---- C:\Windows
2013-06-28 16:35:35 ----D---- C:\Users\Filip\AppData\Roaming\DAEMON Tools Lite
2013-06-28 16:35:27 ----D---- C:\Windows\Logs
2013-06-28 16:33:32 ----D---- C:\Program Files\CCleaner
2013-06-26 16:30:15 ----D---- C:\Program Files (x86)\GameforgeLive

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-08 503352]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
R3 AVerAF15;AVerMedia BDA Digital Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-01-16 369024]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-14 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 1394hub;1394 Enabled Hub; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CEDRIVER55;CEDRIVER55; \??\C:\Program Files (x86)\Cheat Engine\dbk64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 dump_wmimmc;dump_wmimmc; \??\C:\gPotato\Rappelz\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw1v64.sys [2009-07-21 7058432]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-03 4682]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 TVCapSvc;TV Background Capture Service (TVBCS); C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-07-24 275840]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-10-24 4999600]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - vir Policie ČR

#2 Příspěvek od vyosek »

Zdravim :)

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=130781
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#3 Příspěvek od Mikone »

Místo druhého PC a flešky jsem musel použít mobil. S tím by ale problém být si myslím neměl.

Zde log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Filip (administrator) on 15-07-2013 21:09:56
Running from F:\download
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Winlogon: [Shell] C:\PROGRA~3\wavav0bdtzbtb43b.bat [x ] () <=== ATTENTION
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [Google Update] - "C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe" /c [135664 2010-03-05] (Google Inc.)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKCU - {894DF7BE-FD83-442F-B1CF-7A6F697A2682} URL = http://websearch.ask.com/redirect?clien ... 7646337544
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Filip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Filip\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Filip\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchppcb.xml
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Protector by IB\Firefox
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [downloader@finalvideotools.com] C:\Program Files (x86)\FinalVideoDownloader\Firefox
FF Extension: FinalVideoDownloader plugin for Mozilla Firefox - C:\Program Files (x86)\FinalVideoDownloader\Firefox
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?clien ... earchTerms}
CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc= ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Filip\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Filip\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Caroll \u017D\u00EDlov\u00E1) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccnacdnebecmijmibpalibnelnhkfknc\2013.7.14.16593_0
CHR Extension: (Skype Click to Call) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0
CHR StartMenuInternet: Google Chrome - "C:\Users\Filip\AppData\Local\Google\Chrome\Application\chrome.exe"

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4999600 2012-10-24] (INCA Internet Co., Ltd.)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [275840 2009-07-24] ()
S2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-06-03] (Validity Sensors, Inc.)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [369024 2008-01-16] (AVerMedia TECHNOLOGIES, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2010-11-08] (Duplex Secure Ltd.)
S3 CEDRIVER55; \??\C:\Program Files (x86)\Cheat Engine\dbk64.sys [x]
S3 dump_wmimmc; \??\C:\gPotato\Rappelz\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\svchost.exe C78655BC80301D76ED4FEF1C1EA40A7D
C:\Windows\SysWow64\svchost.exe 54A47F6B5E09A77E61649109C6A08866
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\61883.sys E0A8525A951ADDB4655BC2068566407D
C:\Windows\System32\DRIVERS\Accelerometer.sys 5C368F4B04ED2A923E6AFCA2D37BAFF5
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\System32\DRIVERS\agrsm64.sys 98022774D9930ECBB292E70DB7601DF6
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\System32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys 0BAEFD3F648C6E7AB52990DD9565E4E2
C:\Windows\System32\Drivers\aswKbd.sys 36949EB7E71C5779C5163AF6AFB2A161
C:\Windows\system32\drivers\aswMonFlt.sys FA562F34ED6633C66170B09182B4C049
C:\Windows\System32\Drivers\aswrdr2.sys 64E2BAB4096C13D2342BC4661C967E07
C:\Windows\System32\Drivers\aswRvrt.sys 5573AA70993A2BB81525B1C704B88763
C:\Windows\System32\Drivers\aswSnx.sys 8C0800CDB501CFC1164B286A0478DC10
C:\Windows\System32\Drivers\aswSP.sys 3815DB16CDA62190F5C0A65118F3D714
C:\Windows\System32\Drivers\aswTdi.sys 29DD8E458A84171202AA4979364C30C0
C:\Windows\System32\Drivers\aswVmm.sys 22F521108881DC59837F6FC614E0568F
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 04A5815DF7E8B037DF674D3CCACC0C31
C:\Windows\System32\DRIVERS\atikmdag.sys C5758BF1DFD762A5B17041FF061B7750
C:\Windows\System32\DRIVERS\avc.sys 16FABE84916623D0607E4A975544032C
C:\Windows\System32\Drivers\AVerAF15.sys 8B00F71167B0B2662E5FB3F5D5CB99AC
C:\Windows\system32\drivers\avgtpx64.sys 4C05242DC361A217223E9B8EC2B3A76B
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\drivers\btwaudio.sys 6BCFDC2B5B7F66D484486D4BD4B39A6B
C:\Windows\System32\drivers\btwavdt.sys 82DC8B7C626E526681C1BEBED2BC3FF9
C:\Windows\System32\DRIVERS\btwl2cap.sys 6149301DC3F81D6F9667A3FBAC410975
C:\Windows\System32\DRIVERS\btwrchid.sys 28E105AD3B79F440BF94780F507BF66A
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\System32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\enecir.sys 524C79054636D2E5751169005006460B
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hpdskflt.sys 4E0BEC0F78096FFD6D3314B497FC49D3
C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 9AF482D058BE59CC28BCE52E7C4B747C
C:\Windows\System32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\jmcr.sys F8844B00C10E386C704C610E95A9847D
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MarvinBus64.sys 024DA28053D57E9E32BEE52600576BBB
C:\Windows\System32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 94C66EDEDCDB6A126880472F9A704D8E
C:\Windows\System32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\System32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msdv.sys 72949A24D37A20A54B3D4D3DADBB55E9
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw1v64.sys E72F4522801FFB8F0456924FB0017BFF
C:\Windows\System32\DRIVERS\NETw5s64.sys 39EDE676D17F37AF4573C2B33EC28ACA
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\System32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 91B4E0273D2F6C24EF845F2B41311289
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\SysWow64\npptNT2.sys 9131FE60ADFAB595C8DA53AD6A06AA31
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\System32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 91296F0B2653281B2F11E0FCE56AA427
C:\Windows\System32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 34F974F8B3C86DE03A30DCBE79091C97
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys DFFBC024DFC7BB05B2129E05CBC7A201
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 21:09 - 2013-07-15 21:09 - 00000000 ____D C:\FRST
2013-07-15 09:38 - 2013-07-15 09:38 - 00000162 _____ C:\ProgramData\wavav0bdtzbtb43b.reg
2013-07-15 09:38 - 2013-07-15 09:38 - 00000067 _____ C:\ProgramData\wavav0bdtzbtb43b.bat
2013-07-14 18:26 - 2013-07-14 18:26 - 00694784 _____ (AnjoCaido) C:\Users\Filip\Downloads\MinecraftSP (1).exe
2013-07-11 10:01 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 10:01 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 10:01 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 10:01 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-11 10:01 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-11 10:01 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-11 10:01 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 10:01 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-11 10:01 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-11 10:01 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-11 10:01 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 10:01 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-11 10:01 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 10:00 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 10:00 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 10:00 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 10:00 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 10:00 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 10:00 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-11 10:00 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 10:00 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 10:00 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 10:00 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 10:00 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 10:00 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 10:00 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-11 00:00 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 00:00 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 00:00 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 00:00 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 00:00 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 23:59 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 23:59 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 11:38 - 2013-07-09 11:38 - 00000000 ____D C:\Users\Filip\Downloads\backup
2013-07-09 11:37 - 2013-07-09 11:36 - 12902397 _____ C:\Users\Filip\Downloads\allfiles.ini
2013-07-09 11:36 - 2013-07-09 11:36 - 15884631 _____ C:\Users\Filip\Downloads\Pulsefire Ezreal.zip
2013-07-09 11:36 - 2013-07-09 11:36 - 00000000 ____D C:\Users\Filip\Downloads\skins
2013-07-09 11:36 - 2013-07-09 11:36 - 00000000 ____D C:\Users\Filip\Downloads\icons
2013-07-09 11:34 - 2012-02-29 11:26 - 18369867 ____N C:\Users\Filip\Downloads\Pulsefire Ezreal.rar
2013-07-09 11:33 - 2013-07-09 11:34 - 18357281 _____ C:\Users\Filip\Downloads\6819 (2).zip
2013-07-09 11:31 - 2013-07-09 11:39 - 00001949 _____ C:\Users\Filip\Downloads\LoL Skin Installer.settings
2013-07-09 11:31 - 2013-07-09 11:36 - 00002048 _____ C:\Users\Filip\Downloads\skins.db
2013-07-09 11:30 - 2013-07-09 11:38 - 00000000 ____D C:\Users\Filip\Downloads\fsb
2013-07-09 11:30 - 2012-09-20 02:30 - 05517824 ____N (LoL Skin Installer) C:\Users\Filip\Downloads\Skin Installer Ultimate.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 03256320 ____N (The Open Toolkit Library) C:\Users\Filip\Downloads\OpenTK.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 03211264 ____N (The Open Toolkit Library) C:\Users\Filip\Downloads\OpenTK.Compatibility.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00914432 ____N (Igor Pavlov) C:\Users\Filip\Downloads\7z.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00904704 ____N C:\Users\Filip\Downloads\System.Data.SQLite.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00876032 ____N (Abysmal Software) C:\Users\Filip\Downloads\DevIL.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00490832 ____N C:\Users\Filip\Downloads\LGGSIU1.bmp
2013-07-09 11:30 - 2012-09-20 02:30 - 00445440 ____N (Dino Chiesa) C:\Users\Filip\Downloads\Ionic.Zip.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00268464 ____N C:\Users\Filip\Downloads\dxtVersion.ini
2013-07-09 11:30 - 2012-09-20 02:30 - 00200704 ____N (ICSharpCode.net) C:\Users\Filip\Downloads\ICSharpCode.SharpZipLib.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00163840 ____N (Igor Pavlov) C:\Users\Filip\Downloads\7z.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00162816 ____N C:\Users\Filip\Downloads\LOLViewer.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00083968 ____N (Microsoft) C:\Users\Filip\Downloads\RAF_Unpack_v1.00.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00077824 ____N (Be) C:\Users\Filip\Downloads\Be.Windows.Forms.HexBox.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00077824 ____N (Abysmal Software) C:\Users\Filip\Downloads\ILU.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00065536 ____N (ComponentAce) C:\Users\Filip\Downloads\zlib.net.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00055808 ____N (Igor Pavlov) C:\Users\Filip\Downloads\7-zip.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00044032 ____N (Sergey Stoyan, CliverSoft Co.) C:\Users\Filip\Downloads\MessageForm.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00043520 ____N C:\Users\Filip\Downloads\sai.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00036864 ____N (Tao Framework -- http://www.taoframework.com) C:\Users\Filip\Downloads\Tao.DevIl.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00035821 ____N C:\Users\Filip\Downloads\License - ICSharpCode.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00035382 ____N C:\Users\Filip\Downloads\License - Skin Installer Ultimate.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00035366 ____N C:\Users\Filip\Downloads\License - LoLViewer.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00032768 ____N C:\Users\Filip\Downloads\ColorSlider.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00026927 ____N C:\Users\Filip\Downloads\License - Devil.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00025600 ____N C:\Users\Filip\Downloads\TextEditor.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00025088 ____N (ItzWarty) C:\Users\Filip\Downloads\RAFLib.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00024576 ____N C:\Users\Filip\Downloads\ParticleReferenceForSIU.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00024576 ____N (The Open Toolkit Library) C:\Users\Filip\Downloads\OpenTK.GLControl.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00016384 ____N (Microsoft) C:\Users\Filip\Downloads\wLib.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00015360 ____N (Microsoft) C:\Users\Filip\Downloads\.wLib.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00014336 ____N C:\Users\Filip\Downloads\SIU-Updater.exe
2013-07-09 11:30 - 2012-09-20 02:30 - 00012969 ____N C:\Users\Filip\Downloads\License - MessageForm.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00007738 ____N C:\Users\Filip\Downloads\LeagueOfLegendsSkinInstallerLeagueCraftIntegration.user.js
2013-07-09 11:30 - 2012-09-20 02:30 - 00007506 ____N C:\Users\Filip\Downloads\License - ColorSlider.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00004096 ____N C:\Users\Filip\Downloads\Global Info.dll
2013-07-09 11:30 - 2012-09-20 02:30 - 00003965 ____N C:\Users\Filip\Downloads\License - OpenTK.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00002867 ____N C:\Users\Filip\Downloads\License - Be.HexBox.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00002660 ____N C:\Users\Filip\Downloads\License - Iconic Zip.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00001927 ____N C:\Users\Filip\Downloads\License - 7zip.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00001105 ____N C:\Users\Filip\Downloads\nocompress.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00001053 ____N C:\Users\Filip\Downloads\License - NantGoogleCode.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00001028 ____N C:\Users\Filip\Downloads\License - Tao.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00000994 ____N C:\Users\Filip\Downloads\License - zlib.txt
2013-07-09 11:30 - 2012-09-20 02:30 - 00000607 ____N C:\Users\Filip\Downloads\License - SqLite.txt
2013-07-09 11:29 - 2013-07-09 11:30 - 06709836 _____ C:\Users\Filip\Downloads\SIU 3.335-Lite (1).zip
2013-07-02 08:54 - 2013-07-02 08:54 - 00036079 _____ (Beepa Pty Ltd) C:\Users\Filip\Documents\uninstall.exe
2013-07-02 08:54 - 2013-07-02 08:54 - 00000750 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-07-02 08:54 - 2013-07-02 08:54 - 00000000 ____D C:\Users\Filip\Documents\HELP
2013-07-02 08:53 - 2013-07-02 08:54 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Filip\Downloads\setup.exe
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____D C:\Program Files (x86)\Fraps 3.4.7 - Pln verze
2013-07-02 08:49 - 2013-07-02 08:49 - 06129949 _____ ( ) C:\Users\Filip\Downloads\Fraps-3.4.7---Pln-verze.exe
2013-06-28 16:38 - 2013-07-15 20:55 - 00018144 _____ C:\Windows\setupact.log
2013-06-28 16:38 - 2013-06-28 16:38 - 00000000 _____ C:\Windows\setuperr.log
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-06-25 19:10 - 2013-06-25 19:11 - 00694784 _____ (AnjoCaido) C:\Users\Filip\Downloads\MinecraftSP.exe
2013-06-24 18:41 - 2013-06-24 18:41 - 00001966 _____ C:\Users\Public\Desktop\AION Free-to-Play.lnk

==================== One Month Modified Files and Folders =======

2013-07-15 21:09 - 2013-07-15 21:09 - 00000000 ____D C:\FRST
2013-07-15 21:06 - 2009-09-19 02:24 - 00671880 _____ C:\Windows\system32\perfh005.dat
2013-07-15 21:06 - 2009-09-19 02:24 - 00143086 _____ C:\Windows\system32\perfc005.dat
2013-07-15 21:06 - 2009-07-14 07:13 - 01594120 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-15 20:55 - 2013-06-28 16:38 - 00018144 _____ C:\Windows\setupact.log
2013-07-15 20:55 - 2013-05-14 07:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 20:55 - 2013-03-25 17:13 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForFilip.job
2013-07-15 20:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 20:53 - 2013-03-29 19:55 - 00000000 ____D C:\Users\Filip\AppData\Local\PMB Files
2013-07-15 20:53 - 2011-12-14 17:57 - 01085134 _____ C:\Windows\WindowsUpdate.log
2013-07-15 20:52 - 2013-04-23 13:12 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 20:48 - 2013-05-15 19:33 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000UA.job
2013-07-15 20:28 - 2013-05-14 07:09 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 20:08 - 2013-03-25 17:32 - 00000000 ____D C:\Users\Filip\Desktop\Údržba systému
2013-07-15 20:08 - 2013-03-25 17:13 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFilip
2013-07-15 20:08 - 2013-03-23 11:15 - 00000000 ____D C:\Program Files\trend micro
2013-07-15 19:58 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 19:58 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 19:51 - 2013-03-23 12:23 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-15 19:49 - 2010-01-18 19:19 - 00000000 ___RD C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-15 09:48 - 2013-05-15 19:33 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000Core.job
2013-07-15 09:38 - 2013-07-15 09:38 - 00000162 _____ C:\ProgramData\wavav0bdtzbtb43b.reg
2013-07-15 09:38 - 2013-07-15 09:38 - 00000067 _____ C:\ProgramData\wavav0bdtzbtb43b.bat
2013-07-14 18:27 - 2012-08-05 12:13 - 00000000 ____D C:\Users\Filip\AppData\Roaming\.minecraft
2013-07-14 18:26 - 2013-07-14 18:26 - 00694784 _____ (AnjoCaido) C:\Users\Filip\Downloads\MinecraftSP (1).exe
2013-07-14 17:28 - 2013-03-29 19:55 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-13 09:43 - 2010-03-05 21:02 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000UA
2013-07-13 09:43 - 2010-03-05 21:02 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699565631-1233754026-3347145664-1000Core
2013-07-13 09:23 - 2011-06-03 12:39 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 09:23 - 2011-06-03 12:39 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 23:41 - 2010-01-25 17:43 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Skype
2013-07-12 07:50 - 2009-07-25 08:11 - 00000000 ____D C:\Windows\Panther
2013-07-12 07:49 - 2009-07-14 06:45 - 00510096 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 07:48 - 2012-05-21 13:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:48 - 2012-05-21 13:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 00:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 00:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-11 10:15 - 2010-01-18 17:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-11 10:05 - 2010-01-26 22:23 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-09 11:39 - 2013-07-09 11:31 - 00001949 _____ C:\Users\Filip\Downloads\LoL Skin Installer.settings
2013-07-09 11:38 - 2013-07-09 11:38 - 00000000 ____D C:\Users\Filip\Downloads\backup
2013-07-09 11:38 - 2013-07-09 11:30 - 00000000 ____D C:\Users\Filip\Downloads\fsb
2013-07-09 11:36 - 2013-07-09 11:37 - 12902397 _____ C:\Users\Filip\Downloads\allfiles.ini
2013-07-09 11:36 - 2013-07-09 11:36 - 15884631 _____ C:\Users\Filip\Downloads\Pulsefire Ezreal.zip
2013-07-09 11:36 - 2013-07-09 11:36 - 00000000 ____D C:\Users\Filip\Downloads\skins
2013-07-09 11:36 - 2013-07-09 11:36 - 00000000 ____D C:\Users\Filip\Downloads\icons
2013-07-09 11:36 - 2013-07-09 11:31 - 00002048 _____ C:\Users\Filip\Downloads\skins.db
2013-07-09 11:34 - 2013-07-09 11:33 - 18357281 _____ C:\Users\Filip\Downloads\6819 (2).zip
2013-07-09 11:30 - 2013-07-09 11:29 - 06709836 _____ C:\Users\Filip\Downloads\SIU 3.335-Lite (1).zip
2013-07-02 08:54 - 2013-07-02 08:54 - 00036079 _____ (Beepa Pty Ltd) C:\Users\Filip\Documents\uninstall.exe
2013-07-02 08:54 - 2013-07-02 08:54 - 00000750 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-07-02 08:54 - 2013-07-02 08:54 - 00000000 ____D C:\Users\Filip\Documents\HELP
2013-07-02 08:54 - 2013-07-02 08:53 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Filip\Downloads\setup.exe
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____D C:\Program Files (x86)\Fraps 3.4.7 - Pln verze
2013-07-02 08:49 - 2013-07-02 08:49 - 06129949 _____ ( ) C:\Users\Filip\Downloads\Fraps-3.4.7---Pln-verze.exe
2013-06-30 19:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-29 14:47 - 2012-04-21 17:06 - 00000000 ____D C:\Users\Filip\Documents\TrackMania
2013-06-28 16:38 - 2013-06-28 16:38 - 00000000 _____ C:\Windows\setuperr.log
2013-06-28 16:35 - 2010-03-11 14:37 - 00000000 ____D C:\Users\Filip\AppData\Roaming\DAEMON Tools Lite
2013-06-28 16:33 - 2013-03-23 18:58 - 00000000 ____D C:\Program Files\CCleaner
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-28 16:25 - 2013-06-28 16:25 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-06-28 16:25 - 2013-03-23 12:23 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-06-28 16:25 - 2013-03-23 12:23 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-06-28 16:25 - 2013-03-23 12:23 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-06-28 16:25 - 2013-03-23 12:23 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-06-26 16:30 - 2013-05-08 17:45 - 00001031 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2013-06-26 16:30 - 2013-05-08 17:45 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-26 16:29 - 2010-01-18 17:26 - 00000000 ____D C:\Users\Filip
2013-06-25 19:11 - 2013-06-25 19:10 - 00694784 _____ (AnjoCaido) C:\Users\Filip\Downloads\MinecraftSP.exe
2013-06-24 18:41 - 2013-06-24 18:41 - 00001966 _____ C:\Users\Public\Desktop\AION Free-to-Play.lnk

Files to move or delete:
====================
C:\Users\Filip\sa-mp-0.3x-R1-2-install.exe
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {f04f848d-78e1-11de-b692-abbf25df600e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {8e58457e-9158-11de-9af0-e3c5e7dcf342}

Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes

Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {8e58457e-9158-11de-9af0-e3c5e7dcf342}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8e58457f-9158-11de-9af0-e3c5e7dcf342}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8e58457f-9158-11de-9af0-e3c5e7dcf342}
systemroot \windows
nx OptIn
winpe Yes

Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {8e58457e-9158-11de-9af0-e3c5e7dcf342}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {f04f848d-78e1-11de-b692-abbf25df600e}
nx OptIn

Obnovenˇ z hibernace
---------------------
identifik tor {f04f848d-78e1-11de-b692-abbf25df600e}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes

Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Chyby pamŘti RAM
-----------
identifik tor {badmemory}

Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Nastavenˇ hypervisoru
-------------------
identifik tor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}

Parametry zaýˇzenˇ
--------------
identifik tor {8e58457f-9158-11de-9af0-e3c5e7dcf342}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Parametry instalaźnˇho disku RAM
---------------------
identifik tor {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi



LastRegBack: 2013-07-14 13:00

==================== End Of Log ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - vir Policie ČR

#4 Příspěvek od vyosek »

:arrow: Pokud funguje aspon nejaky rezim, tak to pres mobil delat nemusite

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    HKLM-x32\...\Winlogon: [Shell] C:\PROGRA~3\wavav0bdtzbtb43b.bat [x ] () <=== ATTENTION
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [Google Update] - "C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe" /c [135664 2010-03-05] (Google Inc.)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
SearchScopes: HKCU - {894DF7BE-FD83-442F-B1CF-7A6F697A2682} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=9B37C233-3778-4162-A1B6-EA01E07FE7D6&apn_sauid=1918D39F-A366-44D5-B149-AC7646337544
CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc= ... =prefix&q={searchTerms}
2013-07-15 09:38 - 2013-07-15 09:38 - 00000162 _____ C:\ProgramData\wavav0bdtzbtb43b.reg
2013-07-15 09:38 - 2013-07-15 09:38 - 00000067 _____ C:\ProgramData\wavav0bdtzbtb43b.bat
C:\Windows\inf\ntvdm.vbe
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny log na flashku k FRST
:arrow: Spustte znovu FRST.exe na tom poskozenem PC
  • Kliknete na Fix
  • Probehne oprava a na flash disku se vytvori log Fixlog.txt
:arrow: Pokuste se nastartovat do bezneho rezimu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#5 Příspěvek od Mikone »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2013
Ran by Filip at 2013-07-15 21:49:16 Run:1
Running from I:\download
Boot Mode: Safe Mode (minimal)
==============================================

HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{894DF7BE-FD83-442F-B1CF-7A6F697A2682} => Key deleted successfully.
HKCR\CLSID\{894DF7BE-FD83-442F-B1CF-7A6F697A2682} => Key not found.
CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc= ... =prefix&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.bat => Moved successfully.
C:\Windows\inf\ntvdm.vbe => Moved successfully.

==== End of Fixlog ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - vir Policie ČR

#6 Příspěvek od vyosek »

:arrow: Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
  • Ulozte nejlepe na Plochu
  • U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
  • Kliknete na Scan
  • Po dokonceni skenu se objevi log FSS.txt ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pockejte na dokonceni PreScanu
  • Zvolte moznost Prohledat (scan)
  • Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
  • Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#7 Příspěvek od Mikone »

Farbar Service Scanner Version: 13-07-2013
Ran by Filip (administrator) on 15-07-2013 at 22:00:34
Running from "C:\Users\Filip\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#8 Příspěvek od Mikone »

# AdwCleaner v2.305 - Log vytvooen 15/07/2013 v 22:02:22
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Filip - FILIP-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Filip\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\GadgetBox
Složka Nalezeno : C:\Program Files\Windows Sidebar\Shared Gadgets\gadgetbox.gadget
Složka Nalezeno : C:\ProgramData\GadgetBox
Složka Nalezeno : C:\Users\Filip\AppData\Roaming\registry mechanic

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\systweak
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Nalezeno : HKLM\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\Software\systweak
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.41] : icon_url = "hxxp://www.ask.com/favicon.ico",
Nalezeno [l.44] : keyword = "ask.com",
Nalezeno [l.48] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=9B37C233-3778-4162-A1B6-EA01E07FE7D6&apn_ptnrs=U3&apn_sauid=1918D39F-A366-44D5-B149-AC7646337544&apn_dtid=OSJ000YYCZ&q={searchTerms}",
Nalezeno [l.49] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"

*************************

AdwCleaner[R1].txt - [2828 octets] - [15/07/2013 22:02:22]

########## EOF - C:\AdwCleaner[R1].txt - [2888 octets] ##########
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#9 Příspěvek od Mikone »

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Filip [Práva správce]
Mód : Kontrola -- Datum : 07/15/2013 22:06:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 5 ¤¤¤
[V2][SUSP PATH] FRAPS : C:\Users\Filip\Documents\fraps.exe [x] -> NALEZENO
[V2][SUSP PATH] {1FF7FC61-3565-4449-9052-4A05E763D198} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.9.0.123/cs/abandoninstall?page=tsProgressBar [x][x] -> NALEZENO
[V2][SUSP PATH] {3FFAC14C-30D3-4C1B-BA21-54C8EEE47EEE} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> NALEZENO
[V2][SUSP PATH] {4620EA8C-42BE-40D4-8880-CCCBB78859E6} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> NALEZENO
[V2][SUSP PATH] {AFA50C73-26E6-4879-8818-B1BBD23E19AD} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320423AS ATA Device +++++
--- User ---
[MBR] c21d6c30c4d3fffc24434e46c844953b
[BSP] 7acc52cea0aaff715b64792924727040 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291862 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 598142976 | Size: 13182 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST9320423AS ATA Device +++++
--- User ---
[MBR] 25d6317796b4c46d07c24561ee86d732
[BSP] a88edabaff0b56dde355ea7209e0f971 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: ST9320423AS ATA Device +++++
--- User ---
[MBR] 9bc31f88dbf64c0e49ec5f591de42500
[BSP] c1d498debf80fdc67d225ee6fe492b69 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_07152013_220657.txt >>
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - vir Policie ČR

#10 Příspěvek od vyosek »

:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Smazat
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#11 Příspěvek od Mikone »

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Filip [Práva správce]
Mód : Odebrat -- Datum : 07/15/2013 22:17:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 5 ¤¤¤
[V2][SUSP PATH] FRAPS : C:\Users\Filip\Documents\fraps.exe [x] -> VYMAZÁNO
[V2][SUSP PATH] {1FF7FC61-3565-4449-9052-4A05E763D198} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.9.0.123/cs/abandoninstall?page=tsProgressBar [x][x] -> VYMAZÁNO
[V2][SUSP PATH] {3FFAC14C-30D3-4C1B-BA21-54C8EEE47EEE} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> VYMAZÁNO
[V2][SUSP PATH] {4620EA8C-42BE-40D4-8880-CCCBB78859E6} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> VYMAZÁNO
[V2][SUSP PATH] {AFA50C73-26E6-4879-8818-B1BBD23E19AD} : "c:\users\filip\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/5.10.0.115/cs/abandoninstall?page=tsProgressBar [x][x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320423AS ATA Device +++++
--- User ---
[MBR] c21d6c30c4d3fffc24434e46c844953b
[BSP] 7acc52cea0aaff715b64792924727040 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291862 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 598142976 | Size: 13182 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST9320423AS ATA Device +++++
--- User ---
[MBR] 25d6317796b4c46d07c24561ee86d732
[BSP] a88edabaff0b56dde355ea7209e0f971 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: ST9320423AS ATA Device +++++
--- User ---
[MBR] 9bc31f88dbf64c0e49ec5f591de42500
[BSP] c1d498debf80fdc67d225ee6fe492b69 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_07152013_221713.txt >>
RKreport[0]_S_07152013_220657.txt;RKreport[0]_S_07152013_221651.txt
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#12 Příspěvek od Mikone »

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Filip [Práva správce]
Mód : Oprava HOSTS -- Datum : 07/15/2013 22:19:43
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_07152013_221943.txt >>
RKreport[0]_D_07152013_221713.txt;RKreport[0]_S_07152013_220657.txt;RKreport[0]_S_07152013_221651.txt
RKreport[0]_S_07152013_221939.txt
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#13 Příspěvek od Mikone »

# AdwCleaner v2.305 - Log vytvooen 15/07/2013 v 22:21:03
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Filip - FILIP-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Filip\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\GadgetBox
Složka Vymazáno : C:\Program Files\Windows Sidebar\Shared Gadgets\gadgetbox.gadget
Složka Vymazáno : C:\ProgramData\GadgetBox
Složka Vymazáno : C:\Users\Filip\AppData\Roaming\registry mechanic

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\systweak
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\Software\systweak
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.41] : icon_url = "hxxp://www.ask.com/favicon.ico",
Vymazáno [l.44] : keyword = "ask.com",
Vymazáno [l.48] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=9B[...]
Vymazáno [l.49] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[R1].txt - [2951 octets] - [15/07/2013 22:02:22]
AdwCleaner[S1].txt - [2762 octets] - [15/07/2013 22:21:03]

########## EOF - C:\AdwCleaner[S1].txt - [2822 octets] ##########
Nahoru
Mikone
Návštěvník
Návštěvník
Příspěvky: 84
Registrován: 07 srp 2007 20:57
Bydliště: Jeseník

Re: Prosím o kontrolu logu - vir Policie ČR

#14 Příspěvek od Mikone »

vyosek píše::arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Smazat
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Provedeno.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - vir Policie ČR

#15 Příspěvek od vyosek »

Mikone píše: Provedeno.
Ano ja vidim, nebo jste me jen prisel popohanet :?: My jsme tu zdarma a ve svem volnem case, zaplatte si draheho technika a muzete si jej popohanet co pet minut...

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“