
Czech Police virus (Vir Policie ČR) log
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, a few days ago I caught the Czech Police virus (Vir Policie ČR). The PC occasionally freezes for a few seconds. When I let it go into power-saving mode, the monitor turns off but the PC keeps running, and afterwards it cannot be woken up except by a restart. And when I shut the PC down and let Windows update, it should turn off after the update, but only the monitor turns off; the PC keeps running and I have to restart it and shut it down again. I am attaching the log from RSIT.
Logfile of random's system information tool 1.08 (written by random/random)
Run by vitek at 2013-11-06 16:26:50
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 56 GB (12%) free of 477 GB
Total RAM: 4058 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:23, on 6.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\B - Games\Games\Total War Rome II\Steam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\vitek.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\B - Games\Games\Total War Rome II\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-424216138-2398977927-332361869-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-424216138-2398977927-332361869-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10462 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\B - Games\Games\Total War Rome II\Steam.exe" -silent
"C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "758449022-13832182015453049051356238385-18278703131257888689-505540835-1503743187
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe"
taskeng.exe {8830561C-C023-4452-9714-954D4C9A8A37}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\vitek\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll [2013-08-30 1142944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-18 1567016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 6718864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-18 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-18 1567016]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll [2013-08-30 1142944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-18 606544]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{30F9B915-B755-4826-820B-08FBA6BD249D}
{7c5c0f58-e061-457d-9033-77307f5ed00c}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll [2013-08-30 1423520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-10-18 1063200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe silent []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"OEXPRESS"= []
"WEBTRAN"= []
"Steam"=C:\B - Games\Games\Total War Rome II\Steam.exe [2013-10-30 1820584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-10-18 3567800]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 6718864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-11-06 16:26:50 ----D---- C:\rsit
2013-11-06 16:26:50 ----D---- C:\Program Files\trend micro
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-11-04 17:48:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvopencl.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvoglv64.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvinitx.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\NvIFR64.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\NvFBC64.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvcuvid.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvcuda.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\nvcompiler.dll
2013-11-04 17:48:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-30 19:15:38 ----A---- C:\Windows\system32\nvspcap64.dll
2013-10-30 19:15:37 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-10-30 19:11:09 ----A---- C:\Windows\system32\nvhdagenco64.dll
2013-10-30 19:11:08 ----A---- C:\Windows\system32\nvdispgenco6433165.dll
2013-10-30 19:11:08 ----A---- C:\Windows\system32\nvdispco6433165.dll
2013-10-30 18:00:02 ----D---- C:\ProgramData\Package Cache
2013-10-28 12:23:35 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-10-28 12:20:23 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-10-28 12:20:23 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-28 12:20:23 ----A---- C:\Windows\system32\nvdispgenco6433158.dll
2013-10-28 12:20:23 ----A---- C:\Windows\system32\nvdispco6433158.dll
2013-10-28 12:20:23 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-10-28 12:20:23 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-10-28 12:20:23 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-10-19 08:57:20 ----D---- C:\programy
2013-10-18 14:12:59 ----D---- C:\Users\vitek\AppData\Roaming\AVAST Software
2013-10-18 14:05:52 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-10-18 14:05:51 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-10-18 14:05:50 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-10-15 16:54:06 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-10-12 14:41:11 ----D---- C:\Program Files\McAfee Security Scan
2013-10-10 20:04:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-10 20:04:48 ----A---- C:\Windows\system32\ieui.dll
2013-10-10 20:04:47 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-10 20:04:47 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-10 20:04:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-10 20:04:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-10 20:04:47 ----A---- C:\Windows\system32\iesetup.dll
2013-10-10 20:04:47 ----A---- C:\Windows\system32\iernonce.dll
2013-10-10 20:04:47 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-10 20:04:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-10 20:04:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 20:04:46 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-10 20:04:46 ----A---- C:\Windows\system32\iertutil.dll
2013-10-10 20:04:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-10 20:04:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-10 20:04:44 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-10 20:04:44 ----A---- C:\Windows\system32\jscript.dll
2013-10-10 20:04:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-10 20:04:43 ----A---- C:\Windows\system32\jscript9.dll
2013-10-10 20:04:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-10 20:04:42 ----A---- C:\Windows\system32\urlmon.dll
2013-10-10 20:04:41 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-10 20:04:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-10 20:04:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-10 20:04:40 ----A---- C:\Windows\system32\wininet.dll
2013-10-10 20:04:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 20:04:38 ----A---- C:\Windows\system32\ieframe.dll
2013-10-10 20:04:36 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 20:04:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-10 11:18:52 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 11:18:52 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 11:18:51 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 11:18:51 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 11:18:51 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 11:18:50 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 11:18:50 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 11:18:50 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 11:18:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 11:18:50 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 11:18:50 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 11:18:50 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 11:18:50 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 11:18:49 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 11:18:49 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 11:18:49 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 11:18:49 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 11:18:48 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 11:18:48 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 11:18:48 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 11:18:48 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 11:18:48 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 11:18:47 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 11:18:47 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 11:18:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 11:18:47 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 11:18:46 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 11:18:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 11:18:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 11:18:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 11:18:43 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 11:18:43 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 11:18:42 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 11:18:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 11:18:41 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 11:18:30 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 11:18:29 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 months======
2013-11-06 16:27:15 ----D---- C:\Windows\Temp
2013-11-06 16:27:02 ----D---- C:\Windows\Prefetch
2013-11-06 16:26:50 ----RD---- C:\Program Files
2013-11-06 16:04:52 ----D---- C:\Windows\system32\config
2013-11-06 15:56:59 ----D---- C:\Windows\tracing
2013-11-06 15:50:31 ----D---- C:\ProgramData\NVIDIA
2013-11-05 21:03:04 ----SHD---- C:\System Volume Information
2013-11-05 10:52:31 ----D---- C:\Windows\System32
2013-11-05 10:52:31 ----D---- C:\Windows\inf
2013-11-05 10:52:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 08:39:39 ----D---- C:\Windows
2013-11-05 08:38:20 ----D---- C:\Windows\SysWOW64
2013-11-04 17:52:01 ----D---- C:\Windows\system32\drivers
2013-11-04 17:51:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-11-04 17:51:27 ----D---- C:\Windows\system32\DriverStore
2013-11-04 17:51:27 ----D---- C:\Windows\system32\catroot
2013-11-04 17:49:47 ----D---- C:\Windows\system32\catroot2
2013-11-04 17:02:43 ----RD---- C:\Program Files (x86)
2013-11-03 23:15:58 ----D---- C:\Users\vitek\AppData\Roaming\Skype
2013-11-03 13:23:23 ----SHD---- C:\Windows\Installer
2013-11-03 13:23:23 ----HD---- C:\ProgramData
2013-11-03 13:23:22 ----D---- C:\Program Files (x86)\SweetIM
2013-11-01 14:47:53 ----D---- C:\Windows\Minidump
2013-10-31 15:58:18 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-30 19:15:37 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-30 19:15:32 ----RSD---- C:\Windows\assembly
2013-10-29 13:17:03 ----D---- C:\D - Filmy
2013-10-28 12:22:27 ----RD---- C:\Users
2013-10-18 14:10:37 ----D---- C:\Windows\winsxs
2013-10-18 14:10:33 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-18 14:06:04 ----D---- C:\ProgramData\AVAST Software
2013-10-18 14:05:51 ----D---- C:\Windows\system32\Tasks
2013-10-16 01:48:05 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-16 01:48:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-16 01:48:05 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48:05 ----A---- C:\Windows\system32\nvapi64.dll
2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll
2013-10-14 11:27:36 ----D---- C:\Windows\rescache
2013-10-11 16:32:46 ----D---- C:\Windows\Microsoft.NET
2013-10-11 12:52:40 ----D---- C:\Program Files\Internet Explorer
2013-10-11 12:52:40 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-11 12:52:38 ----D---- C:\Windows\AppPatch
2013-10-10 20:04:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-10 20:00:37 ----D---- C:\Windows\system32\MRT
2013-10-10 19:58:55 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 19:54:48 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 14:30:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-10-18 205320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-03 834544]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-18 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-10-18 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-10-18 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-10-18 65264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-10-18 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-10-18 84328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
S3 aqgaku1m;aqgaku1m; C:\Windows\system32\drivers\aqgaku1m.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-18 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-09-19 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-27 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe [2013-08-30 240288]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe [2013-08-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 51727736]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
2013-10-10 11:18:47 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 11:18:46 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 11:18:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 11:18:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 11:18:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 11:18:43 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 11:18:43 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 11:18:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 11:18:42 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 11:18:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 11:18:41 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 11:18:40 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 11:18:30 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 11:18:29 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 months======
2013-11-06 16:27:15 ----D---- C:\Windows\Temp
2013-11-06 16:27:02 ----D---- C:\Windows\Prefetch
2013-11-06 16:26:50 ----RD---- C:\Program Files
2013-11-06 16:04:52 ----D---- C:\Windows\system32\config
2013-11-06 15:56:59 ----D---- C:\Windows\tracing
2013-11-06 15:50:31 ----D---- C:\ProgramData\NVIDIA
2013-11-05 21:03:04 ----SHD---- C:\System Volume Information
2013-11-05 10:52:31 ----D---- C:\Windows\System32
2013-11-05 10:52:31 ----D---- C:\Windows\inf
2013-11-05 10:52:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 08:39:39 ----D---- C:\Windows
2013-11-05 08:38:20 ----D---- C:\Windows\SysWOW64
2013-11-04 17:52:01 ----D---- C:\Windows\system32\drivers
2013-11-04 17:51:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-11-04 17:51:27 ----D---- C:\Windows\system32\DriverStore
2013-11-04 17:51:27 ----D---- C:\Windows\system32\catroot
2013-11-04 17:49:47 ----D---- C:\Windows\system32\catroot2
2013-11-04 17:02:43 ----RD---- C:\Program Files (x86)
2013-11-03 23:15:58 ----D---- C:\Users\vitek\AppData\Roaming\Skype
2013-11-03 13:23:23 ----SHD---- C:\Windows\Installer
2013-11-03 13:23:23 ----HD---- C:\ProgramData
2013-11-03 13:23:22 ----D---- C:\Program Files (x86)\SweetIM
2013-11-01 14:47:53 ----D---- C:\Windows\Minidump
2013-10-31 15:58:18 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-30 19:15:37 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-30 19:15:32 ----RSD---- C:\Windows\assembly
2013-10-29 13:17:03 ----D---- C:\D - Filmy
2013-10-28 12:22:27 ----RD---- C:\Users
2013-10-18 14:10:37 ----D---- C:\Windows\winsxs
2013-10-18 14:10:33 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-18 14:06:04 ----D---- C:\ProgramData\AVAST Software
2013-10-18 14:05:51 ----D---- C:\Windows\system32\Tasks
2013-10-16 01:48:05 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-16 01:48:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-16 01:48:05 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48:05 ----A---- C:\Windows\system32\nvapi64.dll
2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll
2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll
2013-10-14 11:27:36 ----D---- C:\Windows\rescache
2013-10-11 16:32:46 ----D---- C:\Windows\Microsoft.NET
2013-10-11 12:52:40 ----D---- C:\Program Files\Internet Explorer
2013-10-11 12:52:40 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-11 12:52:38 ----D---- C:\Windows\AppPatch
2013-10-10 20:04:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-10 20:00:37 ----D---- C:\Windows\system32\MRT
2013-10-10 19:58:55 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 19:54:48 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 14:30:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-10-18 205320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-03 834544]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-18 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-10-18 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-10-18 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-10-18 65264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-10-18 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-10-18 84328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
S3 aqgaku1m;aqgaku1m; C:\Windows\system32\drivers\aqgaku1m.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-18 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-09-19 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-27 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe [2013-08-30 240288]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe [2013-08-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 51727736]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Czech Police virus log
Hello,
Download AdwCleaner: http://general-changelog-team.fr/fr/dow ... adwcleaner
Download Malwarebytes' Anti-Malware (MBAM for short): http://forum.viry.cz/viewtopic.php?f=29&t=115222

- Save it, preferably to the desktop
- Close all programs
- Click Scan and then Clean
- The cleanup will run, the PC will restart, and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

- Run the update
- Run a full scan - do not delete anything
- MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment
Re: Czech Police virus log
Here is the log from AdwCleaner. I don't know whether it will have any effect on anything, but I'd rather write it here: in the program I clicked Scan and then Clean as instructed, then the program restarted the PC, but it did not boot and froze on a black screen, so I did a hard restart of the PC, after which it booted normally and the AdwCleaner log popped up as described in the instructions. I mention it just to be safe.
# AdwCleaner v3.011 - Report created 06/11/2013 at 19:33:13
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : vitek - VITEK-PC
# Running from : C:\Users\vitek\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\BS_Player
Folder Deleted : C:\Program Files (x86)\TorrentMan
Folder Deleted : C:\Users\vitek\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\vitek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\vitek\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\vitek\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\vitek\AppData\LocalLow\TorrentMan
Folder Deleted : C:\Users\vitek\AppData\Roaming\Babylon
Folder Deleted : C:\Users\vitek\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\vitek\AppData\Roaming\Systweak
Folder Deleted : C:\Users\vitek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\vitek\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\searchplugins\Babylon.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\TorrentMan
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\Software\TorrentMan
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TorrentMan Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v24.0 (cs)
[ File : C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\vitek\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
*************************
AdwCleaner[R0].txt - [7586 octets] - [06/11/2013 19:29:01]
AdwCleaner[S0].txt - [6463 octets] - [06/11/2013 19:33:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6523 octets] ##########
Re: Czech Police virus log
And the log from Malwarebytes Anti-Malware
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.11.06.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
vitek :: VITEK-PC [administrátor]
Ochrana: Povolena
6.11.2013 19:53:53
MBAM-log-2013-11-06 (20-56-50).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 421636
Uplynulý čas: 55 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {65AC731B-6709-11E2-9DB7-5404A60BEFB4} -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 12
C:\AdwCleaner\Quarantine\C\Users\vitek\AppData\Local\Temp\OCS\ocs_v6y.exe.vir (PUP.Optional.DownloadSponsor.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Users\vitek\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\38a9a2bd481c318de68b1ad291d5302f\swe-et-imBundle.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VO4VTKY\rcpsetup17970[1].exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W6L4H47\DeltaTB[1].exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\MLco0R5M.exe.part (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\Shortcut_swe-et-imBundle.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\2827278562\chromeupdaterfull.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\vitek\Desktop\vitek\winamp5623_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
(konec)
Re: Policie ČR virus log
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.11.06.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
vitek :: VITEK-PC [administrátor]
Ochrana: Povolena
6.11.2013 19:53:53
mbam-log-2013-11-06 (19-53-53).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 421636
Uplynulý čas: 55 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {65AC731B-6709-11E2-9DB7-5404A60BEFB4} -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 12
C:\AdwCleaner\Quarantine\C\Users\vitek\AppData\Local\Temp\OCS\ocs_v6y.exe.vir (PUP.Optional.DownloadSponsor.A) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Users\vitek\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\38a9a2bd481c318de68b1ad291d5302f\swe-et-imBundle.exe.vir (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VO4VTKY\rcpsetup17970[1].exe (PUP.Optional.RegCleanerPro) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W6L4H47\DeltaTB[1].exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\MLco0R5M.exe.part (PUP.Optional.OneClickDownloader.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\Shortcut_swe-et-imBundle.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\2827278562\chromeupdaterfull.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\AppData\Local\Temp\B6A84C4D-BAB0-7891-B655-990C38ACB757\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\vitek\Desktop\vitek\winamp5623_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
(konec)
Re: Policie ČR virus log
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100
Re: Policie ČR virus log
I'm attaching the requested log. I'd also like to add that yesterday, after deleting the files found by Malwarebytes Anti-Malware, the PC was restarted as the program recommended and everything came up fine. I then opened the browser, went to Facebook and wanted to look at a photo, and at that moment the PC froze and I had to do a hard restart; after that it was fine. I'm writing this only for information about how the PC behaves, just to be sure.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by vitek (administrator) on VITEK-PC on 07-11-2013 13:27:36
Running from C:\Users\vitek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Valve Corporation) C:\B - Games\Games\Total War Rome II\Steam.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
(forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [WEBTRAN] - [x]
HKCU\...\Run: [Steam] - C:\B - Games\Games\Total War Rome II\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-18] (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms ... earch_6826
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: No Name - C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\gcswf32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (avast! Online Security) - C:\Users\vitek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-18] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-09-19] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-27] ()
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-12-03] ()
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U3 anayc1h2; C:\Windows\System32\Drivers\anayc1h2.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-07 13:26 - 2013-11-07 13:26 - 00000000 ____D C:\FRST
2013-11-07 13:24 - 2013-11-07 13:24 - 00112128 _____ (forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
2013-11-07 13:23 - 2013-11-07 13:23 - 01957098 _____ (Farbar) C:\Users\vitek\Desktop\FRST64.exe
2013-11-06 19:50 - 2013-11-06 19:50 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 19:50 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-06 19:49 - 2013-11-06 19:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\vitek\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-06 19:28 - 2013-11-06 19:33 - 00000000 ____D C:\AdwCleaner
2013-11-06 18:41 - 2013-11-06 18:41 - 01073262 _____ C:\Users\vitek\Desktop\adwcleaner.exe
2013-11-06 17:28 - 2013-11-05 23:11 - 00033715 _____ C:\Users\vitek\Desktop\how.i.met.your.mother.s09e08.hdtv.x264-2hd.srt
2013-11-06 17:18 - 2013-11-06 17:28 - 249836627 _____ C:\Users\vitek\Desktop\Marvels.Agents.of.S.H.I.E.L.D.S01E06.HDTV.x264-2HD.mp4
2013-11-06 16:39 - 2013-11-06 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 16:26 - 2013-11-06 16:27 - 00000000 ____D C:\rsit
2013-11-06 16:26 - 2013-11-06 16:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 16:25 - 2013-11-06 16:25 - 00832273 _____ C:\Users\vitek\Desktop\RSITx64.exe
2013-11-05 17:56 - 2013-11-05 18:48 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part09.rar
2013-11-05 17:16 - 2013-11-05 17:52 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part08.rar
2013-11-05 16:25 - 2013-11-05 17:01 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part07.rar
2013-11-05 15:44 - 2013-11-05 16:23 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part06.rar
2013-11-05 14:47 - 2013-11-05 15:19 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part05.rar
2013-11-05 14:10 - 2013-11-05 14:46 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part04.rar
2013-11-05 13:19 - 2013-11-05 14:02 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part03.rar
2013-11-05 12:32 - 2013-11-05 13:18 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part02.rar
2013-11-05 11:55 - 2013-11-05 12:29 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part01.rar
2013-11-05 11:24 - 2013-11-05 11:28 - 195060766 _____ C:\Users\vitek\Desktop\How.I.Met.Your.Mother.S09E08.HDTV.x264-2HD.mp4
2013-11-04 19:02 - 2013-11-02 17:03 - 00051122 _____ C:\Users\vitek\Desktop\s27e07_2hd.srt
2013-11-04 19:01 - 2013-10-31 07:19 - 369233915 _____ C:\Users\vitek\Desktop\survivor.s27e07.hdtv.x264-2hd.mp4
2013-11-04 17:48 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-04 17:48 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-03 17:37 - 2013-11-01 15:26 - 288110414 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.mp4
2013-11-03 17:37 - 2013-11-01 10:14 - 00030269 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.srt
2013-11-03 16:50 - 2013-11-02 18:11 - 00044243 _____ C:\Users\vitek\Desktop\grimm.302.hdtv-lol.srt
2013-11-03 16:44 - 2013-11-01 20:13 - 364371944 _____ C:\Users\vitek\Desktop\Grimm.S03E02.HDTV.XviD-FUM.avi
2013-11-03 14:54 - 2013-11-03 15:09 - 312958111 _____ C:\Users\vitek\Desktop\atlantis.2013.s01e06.hdtv.x264-tla.mp4
2013-11-03 13:44 - 2013-11-02 18:21 - 937060216 _____ C:\Users\vitek\Desktop\wtm.avi
2013-11-03 13:44 - 2013-11-02 17:55 - 00145455 _____ C:\Users\vitek\Desktop\wtm.srt
2013-11-03 12:59 - 2013-11-02 17:00 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake II 1-2.11.13
2013-11-01 14:47 - 2013-11-01 14:47 - 00311696 _____ C:\Windows\Minidump\110113-18267-01.dmp
2013-10-30 19:15 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-30 19:15 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-30 19:11 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-30 19:11 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-30 19:11 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-30 18:01 - 2013-10-30 18:02 - 00000000 ____D C:\Users\vitek\Documents\Battlefield 4
2013-10-30 18:00 - 2013-10-30 18:00 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-28 12:30 - 2013-10-28 12:30 - 00000000 ____D C:\Users\vitek\AppData\Local\NVIDIA
2013-10-28 12:23 - 2013-10-28 12:23 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-28 12:22 - 2013-10-28 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-10-28 12:22 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-28 12:22 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-28 12:20 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-28 12:20 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-28 12:20 - 2013-08-20 14:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 12:20 - 2013-08-20 14:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-28 12:20 - 2013-08-20 14:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 12:20 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-28 12:20 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-23 17:50 - 2013-10-23 17:50 - 01526272 _____ C:\Users\vitek\Desktop\Akce KAM W42 2013.xls
2013-10-19 08:57 - 2013-10-19 08:57 - 00000000 ____D C:\programy
2013-10-18 18:57 - 2013-10-18 18:57 - 00291728 _____ C:\Windows\Minidump\101813-16224-01.dmp
2013-10-18 14:12 - 2013-10-18 14:12 - 00000000 ____D C:\Users\vitek\AppData\Roaming\AVAST Software
2013-10-18 14:05 - 2013-11-06 15:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-18 14:05 - 2013-10-18 14:10 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-18 14:05 - 2013-10-18 14:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-18 14:05 - 2013-10-18 14:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-13 16:52 - 2013-11-05 11:14 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake
2013-10-12 14:41 - 2013-10-12 14:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-10 20:04 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 20:04 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 20:04 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 20:04 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 20:04 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 20:04 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 20:04 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 11:18 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 11:18 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 11:18 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 11:18 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 11:18 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 11:18 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 11:18 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 11:18 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 11:18 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 11:18 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 11:18 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 11:18 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 11:18 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 11:18 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 11:18 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 11:18 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 11:18 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 11:18 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 11:18 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 11:18 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 11:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 11:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 11:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 11:18 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 11:18 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 11:18 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 11:18 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 11:18 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 11:18 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 11:18 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 11:18 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 11:18 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 11:18 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 11:18 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 11:18 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 11:18 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 11:18 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 11:18 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:18 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 11:18 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 11:18 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 11:18 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:18 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 11:18 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
==================== One Month Modified Files and Folders =======
2013-11-07 13:26 - 2013-11-07 13:26 - 00000000 ____D C:\FRST
2013-11-07 13:26 - 2012-04-03 08:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-07 13:24 - 2013-11-07 13:24 - 00112128 _____ (forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
2013-11-07 13:23 - 2013-11-07 13:23 - 01957098 _____ (Farbar) C:\Users\vitek\Desktop\FRST64.exe
2013-11-07 13:18 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-07 13:18 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-07 13:15 - 2011-12-02 16:55 - 01514578 _____ C:\Windows\WindowsUpdate.log
2013-11-07 13:11 - 2011-12-03 12:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-07 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-07 13:11 - 2009-07-14 05:51 - 00117788 _____ C:\Windows\setupact.log
2013-11-06 21:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-06 21:32 - 2010-11-21 04:47 - 00064254 _____ C:\Windows\PFRO.log
2013-11-06 21:31 - 2012-04-28 14:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-06 21:27 - 2011-12-03 09:36 - 00000000 ___RD C:\Users\vitek\Desktop\vitek
2013-11-06 21:13 - 2011-04-12 09:34 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-11-06 21:13 - 2011-04-12 09:34 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-11-06 21:13 - 2009-07-14 06:13 - 01577410 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 19:50 - 2013-11-06 19:50 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 19:49 - 2013-11-06 19:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\vitek\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-06 19:33 - 2013-11-06 19:28 - 00000000 ____D C:\AdwCleaner
2013-11-06 19:33 - 2011-12-02 21:14 - 00000000 ____D C:\ProgramData\ICQ
2013-11-06 18:41 - 2013-11-06 18:41 - 01073262 _____ C:\Users\vitek\Desktop\adwcleaner.exe
2013-11-06 17:28 - 2013-11-06 17:18 - 249836627 _____ C:\Users\vitek\Desktop\Marvels.Agents.of.S.H.I.E.L.D.S01E06.HDTV.x264-2HD.mp4
2013-11-06 17:28 - 2013-08-23 16:29 - 00950272 ___SH C:\Users\vitek\Desktop\Thumbs.db
2013-11-06 16:39 - 2013-11-06 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 16:27 - 2013-11-06 16:26 - 00000000 ____D C:\rsit
2013-11-06 16:27 - 2013-11-06 16:26 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 16:25 - 2013-11-06 16:25 - 00832273 _____ C:\Users\vitek\Desktop\RSITx64.exe
2013-11-06 15:53 - 2013-10-18 14:05 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-05 23:11 - 2013-11-06 17:28 - 00033715 _____ C:\Users\vitek\Desktop\how.i.met.your.mother.s09e08.hdtv.x264-2hd.srt
2013-11-05 18:48 - 2013-11-05 17:56 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part09.rar
2013-11-05 17:52 - 2013-11-05 17:16 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part08.rar
2013-11-05 17:01 - 2013-11-05 16:25 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part07.rar
2013-11-05 16:23 - 2013-11-05 15:44 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part06.rar
2013-11-05 15:19 - 2013-11-05 14:47 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part05.rar
2013-11-05 14:46 - 2013-11-05 14:10 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part04.rar
2013-11-05 14:02 - 2013-11-05 13:19 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part03.rar
2013-11-05 13:18 - 2013-11-05 12:32 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part02.rar
2013-11-05 12:29 - 2013-11-05 11:55 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part01.rar
2013-11-05 11:28 - 2013-11-05 11:24 - 195060766 _____ C:\Users\vitek\Desktop\How.I.Met.Your.Mother.S09E08.HDTV.x264-2HD.mp4
2013-11-05 11:14 - 2013-10-13 16:52 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake
2013-11-05 11:14 - 2012-12-07 19:17 - 00000000 ____D C:\Users\vitek\Desktop\10ODA
2013-11-05 11:13 - 2013-05-29 13:05 - 00000080 _____ C:\Users\vitek\Desktop\Nový textový dokument.txt
2013-11-05 10:47 - 2013-10-04 13:45 - 00000000 ___RD C:\Users\vitek\Desktop\ŠKOLA
2013-11-05 10:46 - 2011-12-05 15:05 - 00000000 ___RD C:\Users\vitek\Desktop\Staniček
2013-11-04 17:51 - 2011-12-03 12:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-03 23:15 - 2013-07-21 22:16 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Skype
2013-11-03 15:09 - 2013-11-03 14:54 - 312958111 _____ C:\Users\vitek\Desktop\atlantis.2013.s01e06.hdtv.x264-tla.mp4
2013-11-03 12:59 - 2012-11-04 19:35 - 00000000 ____D C:\Users\vitek\Desktop\maminka
2013-11-03 12:59 - 2012-10-16 14:30 - 00000000 ____D C:\Users\vitek\Desktop\Práce
2013-11-02 18:21 - 2013-11-03 13:44 - 937060216 _____ C:\Users\vitek\Desktop\wtm.avi
2013-11-02 18:11 - 2013-11-03 16:50 - 00044243 _____ C:\Users\vitek\Desktop\grimm.302.hdtv-lol.srt
2013-11-02 17:55 - 2013-11-03 13:44 - 00145455 _____ C:\Users\vitek\Desktop\wtm.srt
2013-11-02 17:03 - 2013-11-04 19:02 - 00051122 _____ C:\Users\vitek\Desktop\s27e07_2hd.srt
2013-11-02 17:00 - 2013-11-03 12:59 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake II 1-2.11.13
2013-11-01 20:13 - 2013-11-03 16:44 - 364371944 _____ C:\Users\vitek\Desktop\Grimm.S03E02.HDTV.XviD-FUM.avi
2013-11-01 15:26 - 2013-11-03 17:37 - 288110414 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.mp4
2013-11-01 14:47 - 2013-11-01 14:47 - 00311696 _____ C:\Windows\Minidump\110113-18267-01.dmp
2013-11-01 14:47 - 2012-01-14 12:17 - 00000000 ____D C:\Windows\Minidump
2013-11-01 10:14 - 2013-11-03 17:37 - 00030269 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.srt
2013-10-31 15:58 - 2011-12-03 12:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-31 07:19 - 2013-11-04 19:01 - 369233915 _____ C:\Users\vitek\Desktop\survivor.s27e07.hdtv.x264-2hd.mp4
2013-10-30 19:15 - 2011-12-03 12:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-30 18:02 - 2013-10-30 18:01 - 00000000 ____D C:\Users\vitek\Documents\Battlefield 4
2013-10-30 18:00 - 2013-10-30 18:00 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-30 17:59 - 2011-12-03 11:59 - 00310091 _____ C:\Windows\DirectX.log
2013-10-30 14:38 - 2011-12-02 17:01 - 00000000 ____D C:\Users\vitek
2013-10-29 13:17 - 2011-12-03 10:25 - 00000000 ____D C:\D - Filmy
2013-10-28 12:30 - 2013-10-28 12:30 - 00000000 ____D C:\Users\vitek\AppData\Local\NVIDIA
2013-10-28 12:23 - 2013-10-28 12:23 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-28 12:22 - 2013-10-28 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-10-23 17:50 - 2013-10-23 17:50 - 01526272 _____ C:\Users\vitek\Desktop\Akce KAM W42 2013.xls
2013-10-23 11:30 - 2013-10-30 19:11 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-30 19:11 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-20 14:31 - 2013-03-11 17:10 - 00005369 _____ C:\Users\vitek\Documents\TombRaider.log
2013-10-19 08:57 - 2013-10-19 08:57 - 00000000 ____D C:\programy
2013-10-18 18:57 - 2013-10-18 18:57 - 00291728 _____ C:\Windows\Minidump\101813-16224-01.dmp
2013-10-18 14:12 - 2013-10-18 14:12 - 00000000 ____D C:\Users\vitek\AppData\Roaming\AVAST Software
2013-10-18 14:10 - 2013-10-18 14:05 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-18 14:10 - 2013-10-18 14:05 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-18 14:10 - 2013-10-18 14:05 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-18 14:10 - 2011-12-02 18:46 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-18 14:10 - 2011-12-02 18:46 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-18 14:06 - 2011-12-02 18:46 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-18 14:05 - 2011-12-02 18:46 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-18 02:36 - 2013-10-30 19:15 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-30 19:15 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-16 01:48 - 2013-11-04 17:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-16 01:48 - 2013-10-28 12:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-28 12:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-15 22:47 - 2011-12-03 12:30 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47 - 2011-12-03 12:30 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-14 11:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-12 14:41 - 2013-10-12 14:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-11 12:54 - 2009-07-14 05:45 - 00425720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 20:04 - 2012-03-15 15:18 - 01555696 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 20:00 - 2013-08-15 20:24 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 19:58 - 2012-01-14 12:24 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 14:30 - 2012-04-03 08:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 14:30 - 2012-04-03 08:23 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 14:30 - 2011-12-02 20:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 20:14 - 2012-05-15 19:15 - 03398914 _____ C:\Windows\system32\nvcoproc.bin
Some content of TEMP:
====================
C:\Users\vitek\AppData\Local\Temp\AskSLib.dll
C:\Users\vitek\AppData\Local\Temp\AutoRun.exe
C:\Users\vitek\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\vitek\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\vitek\AppData\Local\Temp\BitLord_1.01.exe
C:\Users\vitek\AppData\Local\Temp\eauninstall.exe
C:\Users\vitek\AppData\Local\Temp\GLF7766.tmp.ConduitEngineSetup.exe
C:\Users\vitek\AppData\Local\Temp\MassEffect2-1.02.exe
C:\Users\vitek\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStInst.exe
C:\Users\vitek\AppData\Local\Temp\ose00001.exe
C:\Users\vitek\AppData\Local\Temp\Quarantine.exe
C:\Users\vitek\AppData\Local\Temp\siinst.exe
C:\Users\vitek\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\vitek\AppData\Local\Temp\sonarinst.exe
C:\Users\vitek\AppData\Local\Temp\strings.dll
C:\Users\vitek\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\vitek\AppData\Local\Temp\TorrentManToolbar.exe
C:\Users\vitek\AppData\Local\Temp\UN32.EXE
C:\Users\vitek\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\vitek\AppData\Local\Temp\~545C.exe
C:\Users\vitek\AppData\Local\Temp\~7F9F.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 14:19
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:465.66 GB) (Free:55.74 GB) NTFS
Available physical RAM: 2551.32 MB
Total physical RAM: 4058.44 MB
Percentage of memory in use: 37%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 832AF44B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\vitek\Desktop" je 89068 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by vitek (administrator) on VITEK-PC on 07-11-2013 13:27:36
Running from C:\Users\vitek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Valve Corporation) C:\B - Games\Games\Total War Rome II\Steam.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
(forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [WEBTRAN] - [x]
HKCU\...\Run: [Steam] - C:\B - Games\Games\Total War Rome II\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\avastui.exe [3567800 2013-10-18] (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms ... earch_6826
SearchScopes: HKCU - {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKCU - {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKCU - {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: No Name - C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\z176gl4g.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\gcswf32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\vitek\AppData\Local\Google\Chrome\Application\15.0.874.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (avast! Online Security) - C:\Users\vitek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-18] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-09-19] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-11-27] ()
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-18] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-12-03] ()
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U3 anayc1h2; C:\Windows\System32\Drivers\anayc1h2.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-07 13:26 - 2013-11-07 13:26 - 00000000 ____D C:\FRST
2013-11-07 13:24 - 2013-11-07 13:24 - 00112128 _____ (forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
2013-11-07 13:23 - 2013-11-07 13:23 - 01957098 _____ (Farbar) C:\Users\vitek\Desktop\FRST64.exe
2013-11-06 19:50 - 2013-11-06 19:50 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 19:50 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-06 19:49 - 2013-11-06 19:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\vitek\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-06 19:28 - 2013-11-06 19:33 - 00000000 ____D C:\AdwCleaner
2013-11-06 18:41 - 2013-11-06 18:41 - 01073262 _____ C:\Users\vitek\Desktop\adwcleaner.exe
2013-11-06 17:28 - 2013-11-05 23:11 - 00033715 _____ C:\Users\vitek\Desktop\how.i.met.your.mother.s09e08.hdtv.x264-2hd.srt
2013-11-06 17:18 - 2013-11-06 17:28 - 249836627 _____ C:\Users\vitek\Desktop\Marvels.Agents.of.S.H.I.E.L.D.S01E06.HDTV.x264-2HD.mp4
2013-11-06 16:39 - 2013-11-06 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 16:26 - 2013-11-06 16:27 - 00000000 ____D C:\rsit
2013-11-06 16:26 - 2013-11-06 16:27 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 16:25 - 2013-11-06 16:25 - 00832273 _____ C:\Users\vitek\Desktop\RSITx64.exe
2013-11-05 17:56 - 2013-11-05 18:48 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part09.rar
2013-11-05 17:16 - 2013-11-05 17:52 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part08.rar
2013-11-05 16:25 - 2013-11-05 17:01 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part07.rar
2013-11-05 15:44 - 2013-11-05 16:23 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part06.rar
2013-11-05 14:47 - 2013-11-05 15:19 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part05.rar
2013-11-05 14:10 - 2013-11-05 14:46 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part04.rar
2013-11-05 13:19 - 2013-11-05 14:02 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part03.rar
2013-11-05 12:32 - 2013-11-05 13:18 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part02.rar
2013-11-05 11:55 - 2013-11-05 12:29 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part01.rar
2013-11-05 11:24 - 2013-11-05 11:28 - 195060766 _____ C:\Users\vitek\Desktop\How.I.Met.Your.Mother.S09E08.HDTV.x264-2HD.mp4
2013-11-04 19:02 - 2013-11-02 17:03 - 00051122 _____ C:\Users\vitek\Desktop\s27e07_2hd.srt
2013-11-04 19:01 - 2013-10-31 07:19 - 369233915 _____ C:\Users\vitek\Desktop\survivor.s27e07.hdtv.x264-2hd.mp4
2013-11-04 17:48 - 2013-10-16 01:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-04 17:48 - 2013-10-16 01:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-04 17:48 - 2013-10-16 01:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-03 17:37 - 2013-11-01 15:26 - 288110414 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.mp4
2013-11-03 17:37 - 2013-11-01 10:14 - 00030269 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.srt
2013-11-03 16:50 - 2013-11-02 18:11 - 00044243 _____ C:\Users\vitek\Desktop\grimm.302.hdtv-lol.srt
2013-11-03 16:44 - 2013-11-01 20:13 - 364371944 _____ C:\Users\vitek\Desktop\Grimm.S03E02.HDTV.XviD-FUM.avi
2013-11-03 14:54 - 2013-11-03 15:09 - 312958111 _____ C:\Users\vitek\Desktop\atlantis.2013.s01e06.hdtv.x264-tla.mp4
2013-11-03 13:44 - 2013-11-02 18:21 - 937060216 _____ C:\Users\vitek\Desktop\wtm.avi
2013-11-03 13:44 - 2013-11-02 17:55 - 00145455 _____ C:\Users\vitek\Desktop\wtm.srt
2013-11-03 12:59 - 2013-11-02 17:00 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake II 1-2.11.13
2013-11-01 14:47 - 2013-11-01 14:47 - 00311696 _____ C:\Windows\Minidump\110113-18267-01.dmp
2013-10-30 19:15 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-30 19:15 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-30 19:11 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-30 19:11 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-30 19:11 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-30 18:01 - 2013-10-30 18:02 - 00000000 ____D C:\Users\vitek\Documents\Battlefield 4
2013-10-30 18:00 - 2013-10-30 18:00 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-28 12:30 - 2013-10-28 12:30 - 00000000 ____D C:\Users\vitek\AppData\Local\NVIDIA
2013-10-28 12:23 - 2013-10-28 12:23 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-28 12:22 - 2013-10-28 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-10-28 12:22 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-28 12:22 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-28 12:20 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-28 12:20 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-28 12:20 - 2013-08-20 14:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 12:20 - 2013-08-20 14:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-10-28 12:20 - 2013-08-20 14:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 12:20 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-28 12:20 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-23 17:50 - 2013-10-23 17:50 - 01526272 _____ C:\Users\vitek\Desktop\Akce KAM W42 2013.xls
2013-10-19 08:57 - 2013-10-19 08:57 - 00000000 ____D C:\programy
2013-10-18 18:57 - 2013-10-18 18:57 - 00291728 _____ C:\Windows\Minidump\101813-16224-01.dmp
2013-10-18 14:12 - 2013-10-18 14:12 - 00000000 ____D C:\Users\vitek\AppData\Roaming\AVAST Software
2013-10-18 14:05 - 2013-11-06 15:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-18 14:05 - 2013-10-18 14:10 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-18 14:05 - 2013-10-18 14:10 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-18 14:05 - 2013-10-18 14:10 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-13 16:52 - 2013-11-05 11:14 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake
2013-10-12 14:41 - 2013-10-12 14:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-10 20:04 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 20:04 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 20:04 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 20:04 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 20:04 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 20:04 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 20:04 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 20:04 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 20:04 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 20:04 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 11:18 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 11:18 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 11:18 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 11:18 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 11:18 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 11:18 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 11:18 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 11:18 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 11:18 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 11:18 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 11:18 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 11:18 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 11:18 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 11:18 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 11:18 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 11:18 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 11:18 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 11:18 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 11:18 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 11:18 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 11:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 11:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 11:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:18 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 11:18 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 11:18 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 11:18 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 11:18 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 11:18 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 11:18 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 11:18 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 11:18 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 11:18 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 11:18 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 11:18 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 11:18 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 11:18 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 11:18 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 11:18 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:18 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 11:18 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 11:18 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 11:18 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:18 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 11:18 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
==================== One Month Modified Files and Folders =======
2013-11-07 13:26 - 2013-11-07 13:26 - 00000000 ____D C:\FRST
2013-11-07 13:26 - 2012-04-03 08:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-07 13:24 - 2013-11-07 13:24 - 00112128 _____ (forum.viry.cz) C:\Users\vitek\Desktop\FRSTLauncher.exe
2013-11-07 13:23 - 2013-11-07 13:23 - 01957098 _____ (Farbar) C:\Users\vitek\Desktop\FRST64.exe
2013-11-07 13:18 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-07 13:18 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-07 13:15 - 2011-12-02 16:55 - 01514578 _____ C:\Windows\WindowsUpdate.log
2013-11-07 13:11 - 2011-12-03 12:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-07 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-07 13:11 - 2009-07-14 05:51 - 00117788 _____ C:\Windows\setupact.log
2013-11-06 21:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-06 21:32 - 2010-11-21 04:47 - 00064254 _____ C:\Windows\PFRO.log
2013-11-06 21:31 - 2012-04-28 14:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-06 21:27 - 2011-12-03 09:36 - 00000000 ___RD C:\Users\vitek\Desktop\vitek
2013-11-06 21:13 - 2011-04-12 09:34 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-11-06 21:13 - 2011-04-12 09:34 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-11-06 21:13 - 2009-07-14 06:13 - 01577410 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-06 19:50 - 2013-11-06 19:50 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-06 19:50 - 2013-11-06 19:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-06 19:49 - 2013-11-06 19:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\vitek\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-06 19:33 - 2013-11-06 19:28 - 00000000 ____D C:\AdwCleaner
2013-11-06 19:33 - 2011-12-02 21:14 - 00000000 ____D C:\ProgramData\ICQ
2013-11-06 18:41 - 2013-11-06 18:41 - 01073262 _____ C:\Users\vitek\Desktop\adwcleaner.exe
2013-11-06 17:28 - 2013-11-06 17:18 - 249836627 _____ C:\Users\vitek\Desktop\Marvels.Agents.of.S.H.I.E.L.D.S01E06.HDTV.x264-2HD.mp4
2013-11-06 17:28 - 2013-08-23 16:29 - 00950272 ___SH C:\Users\vitek\Desktop\Thumbs.db
2013-11-06 16:39 - 2013-11-06 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 16:27 - 2013-11-06 16:26 - 00000000 ____D C:\rsit
2013-11-06 16:27 - 2013-11-06 16:26 - 00000000 ____D C:\Program Files\trend micro
2013-11-06 16:25 - 2013-11-06 16:25 - 00832273 _____ C:\Users\vitek\Desktop\RSITx64.exe
2013-11-06 15:53 - 2013-10-18 14:05 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-05 23:11 - 2013-11-06 17:28 - 00033715 _____ C:\Users\vitek\Desktop\how.i.met.your.mother.s09e08.hdtv.x264-2hd.srt
2013-11-05 18:48 - 2013-11-05 17:56 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part09.rar
2013-11-05 17:52 - 2013-11-05 17:16 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part08.rar
2013-11-05 17:01 - 2013-11-05 16:25 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part07.rar
2013-11-05 16:23 - 2013-11-05 15:44 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part06.rar
2013-11-05 15:19 - 2013-11-05 14:47 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part05.rar
2013-11-05 14:46 - 2013-11-05 14:10 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part04.rar
2013-11-05 14:02 - 2013-11-05 13:19 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part03.rar
2013-11-05 13:18 - 2013-11-05 12:32 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part02.rar
2013-11-05 12:29 - 2013-11-05 11:55 - 2076180480 _____ C:\Users\vitek\Desktop\rld-caofdugh.part01.rar
2013-11-05 11:28 - 2013-11-05 11:24 - 195060766 _____ C:\Users\vitek\Desktop\How.I.Met.Your.Mother.S09E08.HDTV.x264-2HD.mp4
2013-11-05 11:14 - 2013-10-13 16:52 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake
2013-11-05 11:14 - 2012-12-07 19:17 - 00000000 ____D C:\Users\vitek\Desktop\10ODA
2013-11-05 11:13 - 2013-05-29 13:05 - 00000080 _____ C:\Users\vitek\Desktop\Nový textový dokument.txt
2013-11-05 10:47 - 2013-10-04 13:45 - 00000000 ___RD C:\Users\vitek\Desktop\ŠKOLA
2013-11-05 10:46 - 2011-12-05 15:05 - 00000000 ___RD C:\Users\vitek\Desktop\Staniček
2013-11-04 17:51 - 2011-12-03 12:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-03 23:15 - 2013-07-21 22:16 - 00000000 ____D C:\Users\vitek\AppData\Roaming\Skype
2013-11-03 15:09 - 2013-11-03 14:54 - 312958111 _____ C:\Users\vitek\Desktop\atlantis.2013.s01e06.hdtv.x264-tla.mp4
2013-11-03 12:59 - 2012-11-04 19:35 - 00000000 ____D C:\Users\vitek\Desktop\maminka
2013-11-03 12:59 - 2012-10-16 14:30 - 00000000 ____D C:\Users\vitek\Desktop\Práce
2013-11-02 18:21 - 2013-11-03 13:44 - 937060216 _____ C:\Users\vitek\Desktop\wtm.avi
2013-11-02 18:11 - 2013-11-03 16:50 - 00044243 _____ C:\Users\vitek\Desktop\grimm.302.hdtv-lol.srt
2013-11-02 17:55 - 2013-11-03 13:44 - 00145455 _____ C:\Users\vitek\Desktop\wtm.srt
2013-11-02 17:03 - 2013-11-04 19:02 - 00051122 _____ C:\Users\vitek\Desktop\s27e07_2hd.srt
2013-11-02 17:00 - 2013-11-03 12:59 - 00000000 ____D C:\Users\vitek\Desktop\FTX Operation Snake II 1-2.11.13
2013-11-01 20:13 - 2013-11-03 16:44 - 364371944 _____ C:\Users\vitek\Desktop\Grimm.S03E02.HDTV.XviD-FUM.avi
2013-11-01 15:26 - 2013-11-03 17:37 - 288110414 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.mp4
2013-11-01 14:47 - 2013-11-01 14:47 - 00311696 _____ C:\Windows\Minidump\110113-18267-01.dmp
2013-11-01 14:47 - 2012-01-14 12:17 - 00000000 ____D C:\Windows\Minidump
2013-11-01 10:14 - 2013-11-03 17:37 - 00030269 _____ C:\Users\vitek\Desktop\Revolution.2012.S02E06.HDTV.x264-LOL.srt
2013-10-31 15:58 - 2011-12-03 12:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-31 07:19 - 2013-11-04 19:01 - 369233915 _____ C:\Users\vitek\Desktop\survivor.s27e07.hdtv.x264-2hd.mp4
2013-10-30 19:15 - 2011-12-03 12:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-30 18:02 - 2013-10-30 18:01 - 00000000 ____D C:\Users\vitek\Documents\Battlefield 4
2013-10-30 18:00 - 2013-10-30 18:00 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-30 17:59 - 2011-12-03 11:59 - 00310091 _____ C:\Windows\DirectX.log
2013-10-30 14:38 - 2011-12-02 17:01 - 00000000 ____D C:\Users\vitek
2013-10-29 13:17 - 2011-12-03 10:25 - 00000000 ____D C:\D - Filmy
2013-10-28 12:30 - 2013-10-28 12:30 - 00000000 ____D C:\Users\vitek\AppData\Local\NVIDIA
2013-10-28 12:23 - 2013-10-28 12:23 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-28 12:22 - 2013-10-28 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-28 12:22 - 2013-10-28 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-10-23 17:50 - 2013-10-23 17:50 - 01526272 _____ C:\Users\vitek\Desktop\Akce KAM W42 2013.xls
2013-10-23 11:30 - 2013-10-30 19:11 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-30 19:11 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-20 14:31 - 2013-03-11 17:10 - 00005369 _____ C:\Users\vitek\Documents\TombRaider.log
2013-10-19 08:57 - 2013-10-19 08:57 - 00000000 ____D C:\programy
2013-10-18 18:57 - 2013-10-18 18:57 - 00291728 _____ C:\Windows\Minidump\101813-16224-01.dmp
2013-10-18 14:12 - 2013-10-18 14:12 - 00000000 ____D C:\Users\vitek\AppData\Roaming\AVAST Software
2013-10-18 14:10 - 2013-10-18 14:05 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-18 14:10 - 2013-10-18 14:05 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-18 14:10 - 2013-10-18 14:05 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-18 14:10 - 2011-12-02 18:46 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-18 14:10 - 2011-12-02 18:46 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-18 14:10 - 2011-12-02 18:46 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-18 14:06 - 2011-12-02 18:46 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-18 14:05 - 2011-12-02 18:46 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-18 02:36 - 2013-10-30 19:15 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-30 19:15 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-16 01:48 - 2013-11-04 17:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-16 01:48 - 2013-11-04 17:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-16 01:48 - 2013-10-28 12:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-28 12:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-16 01:48 - 2011-12-03 12:30 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-15 22:47 - 2011-12-03 12:30 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-15 22:47 - 2011-12-03 12:30 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-15 22:47 - 2011-12-03 12:30 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-14 11:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-12 14:41 - 2013-10-12 14:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-11 12:54 - 2009-07-14 05:45 - 00425720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 20:04 - 2012-03-15 15:18 - 01555696 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 20:00 - 2013-08-15 20:24 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 19:58 - 2012-01-14 12:24 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 14:30 - 2012-04-03 08:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 14:30 - 2012-04-03 08:23 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 14:30 - 2011-12-02 20:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 20:14 - 2012-05-15 19:15 - 03398914 _____ C:\Windows\system32\nvcoproc.bin
Some content of TEMP:
====================
C:\Users\vitek\AppData\Local\Temp\AskSLib.dll
C:\Users\vitek\AppData\Local\Temp\AutoRun.exe
C:\Users\vitek\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\vitek\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\vitek\AppData\Local\Temp\BitLord_1.01.exe
C:\Users\vitek\AppData\Local\Temp\eauninstall.exe
C:\Users\vitek\AppData\Local\Temp\GLF7766.tmp.ConduitEngineSetup.exe
C:\Users\vitek\AppData\Local\Temp\MassEffect2-1.02.exe
C:\Users\vitek\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStInst.exe
C:\Users\vitek\AppData\Local\Temp\ose00001.exe
C:\Users\vitek\AppData\Local\Temp\Quarantine.exe
C:\Users\vitek\AppData\Local\Temp\siinst.exe
C:\Users\vitek\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\vitek\AppData\Local\Temp\sonarinst.exe
C:\Users\vitek\AppData\Local\Temp\strings.dll
C:\Users\vitek\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\vitek\AppData\Local\Temp\TorrentManToolbar.exe
C:\Users\vitek\AppData\Local\Temp\UN32.EXE
C:\Users\vitek\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\vitek\AppData\Local\Temp\~545C.exe
C:\Users\vitek\AppData\Local\Temp\~7F9F.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-31 14:19
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:465.66 GB) (Free:55.74 GB) NTFS
Available physical RAM: 2551.32 MB
Total physical RAM: 4058.44 MB
Percentage of memory in use: 37%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 832AF44B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\vitek\Desktop" je 89068 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (4.39 KiB) Downloaded 43 times
Re: Czech Police virus log

- Open Notepad (Start > Run > notepad)
- Copy the script below
Code:
Start
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [WEBTRAN] - [x]
HKCU\...\Run: [Steam] - C:\B - Games\Games\Total War Rome II\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Plugin: (Default Plug-in) - default_plugin No File
C:\Users\vitek\AppData\Local\Temp\AskSLib.dll
C:\Users\vitek\AppData\Local\Temp\AutoRun.exe
C:\Users\vitek\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\vitek\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\vitek\AppData\Local\Temp\BitLord_1.01.exe
C:\Users\vitek\AppData\Local\Temp\eauninstall.exe
C:\Users\vitek\AppData\Local\Temp\GLF7766.tmp.ConduitEngineSetup.exe
C:\Users\vitek\AppData\Local\Temp\MassEffect2-1.02.exe
C:\Users\vitek\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStInst.exe
C:\Users\vitek\AppData\Local\Temp\ose00001.exe
C:\Users\vitek\AppData\Local\Temp\Quarantine.exe
C:\Users\vitek\AppData\Local\Temp\siinst.exe
C:\Users\vitek\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\vitek\AppData\Local\Temp\sonarinst.exe
C:\Users\vitek\AppData\Local\Temp\strings.dll
C:\Users\vitek\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\vitek\AppData\Local\Temp\TorrentManToolbar.exe
C:\Users\vitek\AppData\Local\Temp\UN32.EXE
C:\Users\vitek\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\vitek\AppData\Local\Temp\~545C.exe
C:\Users\vitek\AppData\Local\Temp\~7F9F.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
End
- Save the resulting text file as fixlist.txt
- Move the fixlist you created next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: Czech Police virus log
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by vitek at 2013-11-07 13:50:34 Run:1
Running from C:\Users\vitek\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [WEBTRAN] - [x]
HKCU\...\Run: [Steam] - C:\B - Games\Games\Total War Rome II\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?q={searchTerms ... earch_6826
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Plugin: (Default Plug-in) - default_plugin No File
C:\Users\vitek\AppData\Local\Temp\AskSLib.dll
C:\Users\vitek\AppData\Local\Temp\AutoRun.exe
C:\Users\vitek\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\vitek\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\vitek\AppData\Local\Temp\BitLord_1.01.exe
C:\Users\vitek\AppData\Local\Temp\eauninstall.exe
C:\Users\vitek\AppData\Local\Temp\GLF7766.tmp.ConduitEngineSetup.exe
C:\Users\vitek\AppData\Local\Temp\MassEffect2-1.02.exe
C:\Users\vitek\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\vitek\AppData\Local\Temp\nvStInst.exe
C:\Users\vitek\AppData\Local\Temp\ose00001.exe
C:\Users\vitek\AppData\Local\Temp\Quarantine.exe
C:\Users\vitek\AppData\Local\Temp\siinst.exe
C:\Users\vitek\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\vitek\AppData\Local\Temp\sonarinst.exe
C:\Users\vitek\AppData\Local\Temp\strings.dll
C:\Users\vitek\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\vitek\AppData\Local\Temp\TorrentManToolbar.exe
C:\Users\vitek\AppData\Local\Temp\UN32.EXE
C:\Users\vitek\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\vitek\AppData\Local\Temp\~545C.exe
C:\Users\vitek\AppData\Local\Temp\~7F9F.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ShadowPlay => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\vitek\AppData\Local\Temp\AskSLib.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\AutoRun.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\AutoRunGUI.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\BingBarSetup-Partner.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\BitLord_1.01.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\eauninstall.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\GLF7766.tmp.ConduitEngineSetup.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\MassEffect2-1.02.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nv3DVStreaming.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nvSCPAPI64.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nvStereoApiI64.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\ose00001.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\siinst.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\SIMEEIInstaller.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\sonarinst.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\strings.dll => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\TorrentManToolbar.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\UN32.EXE => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\wmpfirefoxplugin.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\~545C.exe => Moved successfully.
C:\Users\vitek\AppData\Local\Temp\~7F9F.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
==== End of Fixlog ====
Re: Czech Police virus log
Now let's clean up as well

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Download and run it
- Press A, Enter to confirm each choice
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program will clean up and restart the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program will clean up and restart the PC
- Delete the utility after use

Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for Issues
- then Fix selected issues - I recommend making the registry backup; fix all the issues
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you do not need

And if there are no problems or questions, that is all from my side

Re: Czech Police virus log
Thank you very much for the help
