zeroboyko
Model visitor
Posts: 202 Registered: 30 Jan 2009 12:04
#1
Post by zeroboyko » 26 Jan 2014 23:58
Hello, out of nowhere my machine started launching suspicious processes from the windows directory, specifically cpu1.exe, cuda.exe, core.exe ... so I removed them.
Hopefully I didn't break anything... as a precaution I am sending the log from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by D at 2014-01-26 23:58:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 9 GB (2%) free of 432 GB
Total RAM: 7924 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:58:24, on 26. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\D\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\D\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Program Files\trend micro\D.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: IEPwdBankBHO - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [VitaKeyTSR] "C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5963F01D-9B9E-4B77-AE89-4A971BF73738}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C26ACB0-91ED-4EBD-AFDA-33CFE4CABD59}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{B5C40EA5-E4FE-4067-8CF9-E8F4C8E933AD}: NameServer = 192.168.14.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB9632EB-7C7B-4B79-A6FA-2B59999C21AA}: NameServer = 85.237.225.250 213.151.200.30
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Data Security Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
O23 - Service: EgisTec Service Help - Egis Technology Inc. - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17220 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe"
"C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe"
"ConnectifyD.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
\??\C:\windows\system32\conhost.exe "-1341092607-818327593-1701577874887540987133407967473121955414902368221530131538
C:\windows\SysWOW64\srvany.exe
C:\windows\KMService.exe
\??\C:\windows\system32\conhost.exe "16770543931398880576-4620040871507914000-1760126919958368013-248089273-558485077
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"C:\Program Files\Realtek\RtLED\RtLEDService.exe"
"C:\windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Realtek\RtLED\RtLED.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3052
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007b8
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
C:\windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "464297341-32315822318088530941403872061790320597-10656594521319038676-1900688513
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files (x86)\Connectify\Connectify.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
taskeng.exe {F779AAF3-AE13-4A5C-988E-182636C4E9E3}
C:\Users\D\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
"C:\Users\D\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\D\AppData\Local\Temp\[CzT]Mortal_Kombat_Komplete_Edition_EN_2013_.torrent"
"ConnectifyNetServices.exe" -v -i C:\ProgramData\Connectify\cache\ConnectifyNetServices.ini -s C:\ProgramData\Connectify\cache\ConnectifyNetServices.state -l C:\ProgramData\Connectify\logs
\??\C:\windows\system32\conhost.exe "-21031374221003804888-1735008278-1629519641647275317-1519414212-2875012551376385027
"taskhost.exe"
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/570"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
taskeng.exe {66186BC0-B4AE-46CF-AC5F-10756BA2B1C8}
"C:\windows\system32\taskmgr.exe" /4
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6108.2b8c0900.1360498899 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6108 "\\.\pipe\gecko-crash-server-pipe.6108" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --proxy-stub-channel=Flash4236.5588B990.1568 --host-broker-channel=Flash4236.5588B990.25731 --host-pid=4236 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe" --channel=9848.0017F8DC.1968535342 --proxy-stub-channel=Flash4236.5588B990.1568 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --host-npapi-version=27 --type=renderer
"C:\Users\D\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07 194912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56CBB761-DA41-4E31-B270-B13B4B0A61D0}]
IEPwdBankBHO Class - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll [2010-05-28 53616]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-02 10821224]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-03-29 2598280]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-01-10 417560]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2013-12-10 1100248]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-11-06 845168]
"Connectify"=C:\Program Files (x86)\Connectify\Connectify.exe [2012-08-09 3985768]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-11-06 1564528]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-09-30 111640]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"VitaKeyTSR"=C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [2010-05-28 376176]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-03-02 171104]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-10 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-10 201584]
"PLTSR"=C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [2010-09-11 364400]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-18 684600]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-09-17 295512]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-11-06 311152]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2013-12-16 174648]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
EgisPwdFilter
EgisDSPwdFilter
EgisPLPwdFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-26 21:46:09 ----D---- C:\Users\D\AppData\Roaming\MKKE
2014-01-26 21:14:49 ----D---- C:\Program Files (x86)\Mortal Kombat-Komplete Edition
2014-01-26 12:37:05 ----D---- C:\Users\D\AppData\Roaming\Injustice
2014-01-26 12:25:40 ----D---- C:\Program Files (x86)\Injustice Gods Among Us Ultimate Edition (v1.0.2746 - Update3 + All DLC) - Repack by Danik1B9
2014-01-24 09:30:58 ----D---- C:\Users\D\AppData\Roaming\NationRed
2014-01-24 09:26:11 ----D---- C:\Program Files (x86)\Nation Red
2014-01-23 18:10:58 ----D---- C:\Users\D\AppData\Roaming\Warner Bros. Interactive Entertainment
2014-01-23 15:40:52 ----D---- C:\Program Files (x86)\OpenAL
2014-01-23 15:40:52 ----A---- C:\windows\SYSWOW64\wrap_oal.dll
2014-01-23 15:40:52 ----A---- C:\windows\SYSWOW64\OpenAL32.dll
2014-01-23 15:40:52 ----A---- C:\windows\system32\wrap_oal.dll
2014-01-23 15:40:52 ----A---- C:\windows\system32\OpenAL32.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\vb40032.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msvcrt10.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msvcr70.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msvcp70.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msvci70.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msvbvm50.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msstkprp.dll
2014-01-23 15:40:27 ----A---- C:\windows\SYSWOW64\msstdfmt.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71u.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71kor.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71jpn.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71ita.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71cht.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71chs.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71fra.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71esp.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71enu.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc71deu.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70u.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70kor.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70jpn.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70ita.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70cht.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70chs.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70fra.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70esp.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70enu.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70deu.dll
2014-01-23 15:40:26 ----A---- C:\windows\SYSWOW64\mfc70.dll
2014-01-23 15:40:25 ----A---- C:\windows\SYSWOW64\atl71.dll
2014-01-23 15:40:25 ----A---- C:\windows\SYSWOW64\atl70.dll
2014-01-23 10:05:19 ----D---- C:\Program Files (x86)\7-Zip
2014-01-23 09:47:50 ----D---- C:\Program Files (x86)\The Saboteur + DLC CZ v1.03. by Danik1B9
2014-01-15 09:55:40 ----A---- C:\windows\system32\win32k.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbuhci.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbport.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbohci.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbd.sys
2014-01-15 09:55:40 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-01-15 09:55:39 ----A---- C:\windows\system32\drivers\netio.sys
2014-01-09 14:35:10 ----D---- C:\Users\D\AppData\Roaming\Spotify
2014-01-08 16:19:20 ----A---- C:\windows\SYSWOW64\nvaudcap32v.dll
2014-01-08 16:19:20 ----A---- C:\windows\system32\drivers\nvvad64v.sys
2014-01-03 15:08:02 ----A---- C:\windows\core.exe
2014-01-03 09:31:56 ----A---- C:\windows\start.exe
2014-01-02 11:50:20 ----A---- C:\windows\SYSWOW64\nvspcap.dll
2014-01-02 11:50:20 ----A---- C:\windows\system32\nvspcap64.dll
2014-01-02 11:49:30 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-01-02 11:48:09 ----D---- C:\windows\SYSWOW64\NV
2014-01-02 11:48:09 ----D---- C:\windows\system32\NV
2014-01-02 11:41:57 ----A---- C:\windows\system32\nvaudcap64v.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2014-01-02 11:41:55 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvwgf2umx.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvopencl.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvoglv64.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvoglshim64.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\NvIFR64.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\NvFBC64.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvdispgenco6433182.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvdispco6433182.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvd3dumx.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvcuvid.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvcuvenc.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\nvcuda.dll
2014-01-02 11:41:55 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2014-01-02 11:41:55 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2014-01-02 11:41:54 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2014-01-02 11:41:54 ----A---- C:\windows\system32\nvcompiler.dll
2013-12-31 13:16:11 ----SHD---- C:\ProgramData\SecuROM
======List of files/folders modified in the last 1 month======
2014-01-26 23:58:20 ----D---- C:\windows\Temp
2014-01-26 23:58:17 ----D---- C:\Program Files\trend micro
2014-01-26 23:57:15 ----D---- C:\Users\D\AppData\Roaming\uTorrent
2014-01-26 23:54:08 ----D---- C:\Windows
2014-01-26 22:07:14 ----D---- C:\Program Files (x86)\Steam
2014-01-26 21:25:59 ----SHD---- C:\System Volume Information
2014-01-26 21:14:49 ----RD---- C:\Program Files (x86)
2014-01-26 21:14:30 ----D---- C:\Users\D\AppData\Roaming\DAEMON Tools Lite
2014-01-26 20:18:25 ----D---- C:\Users\D\AppData\Roaming\vlc
2014-01-26 18:47:20 ----D---- C:\windows\system32\Tasks
2014-01-26 18:39:21 ----D---- C:\windows\system32\config
2014-01-26 18:27:10 ----D---- C:\windows\Prefetch
2014-01-26 18:25:37 ----D---- C:\windows\system32\catroot2
2014-01-26 18:24:12 ----A---- C:\windows\SYSWOW64\log.txt
2014-01-26 18:23:59 ----D---- C:\ProgramData\NVIDIA
2014-01-26 12:36:07 ----D---- C:\windows\SysWOW64
2014-01-26 12:36:07 ----D---- C:\windows\System32
2014-01-26 12:35:57 ----D---- C:\windows\SYSWOW64\directx
2014-01-26 12:35:57 ----D---- C:\windows\Logs
2014-01-26 01:00:01 ----D---- C:\windows\inf
2014-01-25 14:34:15 ----SHD---- C:\windows\Installer
2014-01-25 14:34:10 ----D---- C:\ProgramData\Avira
2014-01-25 14:34:10 ----D---- C:\Program Files (x86)\Avira
2014-01-25 14:33:58 ----D---- C:\ProgramData\Package Cache
2014-01-25 14:28:49 ----D---- C:\GAMES
2014-01-25 13:22:35 ----D---- C:\Program Files (x86)\uTorrent
2014-01-25 12:05:04 ----D---- C:\Users\D\AppData\Roaming\AIMP3
2014-01-24 15:22:51 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-24 10:25:44 ----D---- C:\GOG Games
2014-01-24 09:40:12 ----RD---- C:\Program Files
2014-01-24 09:15:21 ----D---- C:\windows\debug
2014-01-23 18:09:02 ----HD---- C:\windows\msdownld.tmp
2014-01-23 17:28:43 ----D---- C:\windows\Microsoft.NET
2014-01-23 17:20:00 ----RSD---- C:\windows\assembly
2014-01-23 15:34:23 ----D---- C:\windows\winsxs
2014-01-23 15:34:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-23 09:47:11 ----D---- C:\Hry
2014-01-18 23:05:31 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-01-15 13:24:21 ----D---- C:\windows\system32\drivers
2014-01-15 13:24:20 ----D---- C:\windows\system32\DriverStore
2014-01-15 10:25:09 ----D---- C:\windows\system32\MRT
2014-01-15 10:18:07 ----A---- C:\windows\system32\MRT.exe
2014-01-15 09:55:34 ----D---- C:\windows\system32\catroot
2014-01-11 01:43:59 ----D---- C:\Users\D\AppData\Roaming\Skype
2014-01-08 22:18:12 ----D---- C:\ProgramData\Skype
2014-01-08 22:18:06 ----RD---- C:\Program Files (x86)\Skype
2014-01-08 16:21:07 ----D---- C:\ProgramData\NVIDIA Corporation
2014-01-08 16:19:45 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-08 16:19:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-01-08 16:19:31 ----RD---- C:\Users
2013-12-31 13:16:11 ----HD---- C:\ProgramData
2013-12-31 11:58:46 ----SHD---- C:\windows\SYSWOW64\AI_RecycleBin
2013-12-31 11:56:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-31 11:56:08 ----D---- C:\Program Files (x86)\Ubisoft
2013-12-31 11:55:48 ----D---- C:\ProgramData\Electronic Arts
2013-12-31 01:47:24 ----D---- C:\AdwCleaner
2013-12-31 01:39:37 ----D---- C:\Program Files (x86)\Connectify
2013-12-31 01:38:54 ----D---- C:\windows\Panther
2013-12-31 01:38:11 ----SD---- C:\Users\D\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 32544]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-18 131576]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 cnnctfy2;Connectify LightWeight Filter; C:\windows\system32\DRIVERS\cnnctfy2.sys [2013-03-18 31344]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-26 283200]
R1 EgisTecFF;EgisTecFF; C:\windows\system32\DRIVERS\EgisTecFF.sys [2011-11-23 55880]
R1 mwlPSDFilter;mwlPSDFilter; C:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-11-23 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-11-23 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-11-23 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2013-07-08 314016]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-18 108440]
R2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\windows\System32\Drivers\FPSensor.sys [2011-11-23 35888]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2013-07-08 43680]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-03-26 162304]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2013-02-21 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-06-02 2392296]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-12-13 228736]
R3 vmuvcflt;Vimicro USB Camera Filter; C:\windows\System32\Drivers\vmuvcflt.sys [2010-08-16 8320]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 bpenum;bpenum; C:\windows\system32\DRIVERS\bpenum.sys [2009-12-22 71168]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-08-21 103576]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2013-02-21 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2013-02-21 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\windows\system32\DRIVERS\ewusbwwan.sys [2013-02-21 421376]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2013-07-13 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-07-13 27760]
S3 GTNDIS62;GT62 UHS IP NDIS; C:\windows\system32\DRIVERS\gtuhs62.sys [2010-04-13 190976]
S3 GTUHSBUS;GT UHS BUS; C:\windows\system32\DRIVERS\gtuhsbus.sys [2010-03-12 184832]
S3 GTUHSSER;GT UHS SER; C:\windows\system32\DRIVERS\gtuhsser.sys [2010-02-25 10624]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2013-02-21 222464]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-24 243744]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-21 204568]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-25 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-18 440376]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2013-12-16 103480]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-08-09 65536]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 EgisTec Data Security Service;EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe [2010-05-28 314736]
R2 EgisTec Service Help;EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-09-11 327024]
R2 EgisTec Service;EgisTec Service; C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe [2010-05-28 709488]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 KMService;KMService; C:\windows\syswow64\srvany.exe [2003-04-18 8192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-18 76888]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 RtLedService;RtLedService Installer; C:\Program Files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-23 136176]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-02-21 246112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-23 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-21 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
vyosek
VIP
Příspěvky: 56373 Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno
#2
Post
by vyosek » 27 Jan 2014 00:20
Hello
Removal OK
Please post a log from FRSTLauncher
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns fun, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.
zeroboyko
Exemplary visitor
Posts: 202 Registered: 30 Jan 2009 12:04
#3
Post
by zeroboyko » 27 Jan 2014 00:39
Glad to hear that
I'm attaching the log and the file
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by D (administrator) on DUSKO-PC on 27-01-2014 00:36:19
Running from C:\Users\D\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Facebook Inc.) C:\Users\D\AppData\Local\Facebook\Update\FacebookUpdate.exe
(BitTorrent Inc.) C:\Users\D\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Users\D\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [2598280 2010-03-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [VitaKeyTSR] - C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [376176 2010-05-28] (Egis Technology Inc. )
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [171104 2010-03-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [PLTSR] - C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-09-11] (Egis Technology Inc. )
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [174648 2013-12-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [Connectify] - C:\Program Files (x86)\Connectify\Connectify.exe [3985768 2012-08-09] (Connectify)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MountPoints2: {5a8490d6-1f53-11e2-bda6-74de2be586f8} - G:\setup.exe
MountPoints2: {bb5a00c5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {bb5a00d5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {edac0ba5-ebfe-11e2-832f-101f74f24ed5} - E:\Startme.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7LENN
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IEPwdBankBHO Class - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 updates.connectify.me
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5963F01D-9B9E-4B77-AE89-4A971BF73738}: [NameServer]160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{9C26ACB0-91ED-4EBD-AFDA-33CFE4CABD59}: [NameServer]160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{B5C40EA5-E4FE-4067-8CF9-E8F4C8E933AD}: [NameServer]192.168.14.1
Tcpip\..\Interfaces\{DB9632EB-7C7B-4B79-A6FA-2B59999C21AA}: [NameServer]85.237.225.250 213.151.200.30
FireFox:
========
FF ProfilePath: C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\D\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\D\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Customizable Shortcuts - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default\Extensions\customizable-shortcuts@timtaubert.de.xpi [2013-10-31]
FF Extension: F.B. Purity - Cleans Up Facebook - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default\Extensions\fbp@fbpurity.com.xpi [2014-01-25]
FF Extension: SocialReviver - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default\Extensions\fbsidebardisabler@vittgam.net.xpi [2014-01-24]
FF Extension: Gmail Notifier (restartless) - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2013-10-31]
FF Extension: Adblock Plus - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\nvcbyn8d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-14]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [103480 2013-12-16] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-08-09] ()
R2 EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe [314736 2010-05-28] (Egis Technology Inc. )
R2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-09-11] (Egis Technology Inc. )
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2013-02-21] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-01-18] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-07-08] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2013-03-18] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-26] (DT Soft Ltd)
S3 GTNDIS62; C:\Windows\System32\DRIVERS\gtuhs62.sys [190976 2010-04-13] (Option N.V.)
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [184832 2010-03-12] (Option N.V.)
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [10624 2010-02-25] (Option N.V.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-07-08] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228736 2010-12-13] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-27 00:36 - 2014-01-27 00:37 - 00024166 _____ C:\Users\D\Desktop\FRST.txt
2014-01-27 00:36 - 2014-01-27 00:36 - 00000000 ____D C:\FRST
2014-01-27 00:34 - 2014-01-27 00:34 - 00112640 _____ (forum.viry.cz) C:\Users\D\Desktop\FRSTLauncher.exe
2014-01-27 00:33 - 2014-01-27 00:34 - 02078208 _____ (Farbar) C:\Users\D\Desktop\FRST64.exe
2014-01-27 00:33 - 2014-01-27 00:33 - 00112640 _____ (forum.viry.cz) C:\Users\D\Downloads\FRSTLauncher.exe
2014-01-26 23:57 - 2014-01-26 23:57 - 00935175 _____ C:\Users\D\Downloads\RSITx64.exe
2014-01-26 21:46 - 2014-01-26 21:46 - 00000000 ____D C:\Users\D\AppData\Roaming\MKKE
2014-01-26 21:32 - 2014-01-26 21:32 - 00001303 _____ C:\Users\D\Desktop\Mortal Kombat-Komplete Edition.lnk
2014-01-26 21:14 - 2014-01-26 21:32 - 00000000 ____D C:\Program Files (x86)\Mortal Kombat-Komplete Edition
2014-01-26 12:37 - 2014-01-26 12:37 - 00000000 ____D C:\Users\D\AppData\Roaming\Injustice
2014-01-26 12:36 - 2014-01-26 12:36 - 00001651 _____ C:\Users\D\Desktop\InjusticeLauncher - odkaz.lnk
2014-01-26 12:25 - 2014-01-26 12:35 - 00000000 ____D C:\Program Files (x86)\Injustice Gods Among Us Ultimate Edition (v1.0.2746 - Update3 + All DLC) - Repack by Danik1B9
2014-01-26 10:01 - 2014-01-26 18:23 - 00000724 _____ C:\windows\PFRO.log
2014-01-25 23:38 - 2014-01-25 23:38 - 00003404 _____ C:\windows\System32\Tasks\UpCH
2014-01-25 15:38 - 2014-01-26 18:24 - 00000426 _____ C:\windows\setupact.log
2014-01-25 15:38 - 2014-01-25 15:38 - 00000000 _____ C:\windows\setuperr.log
2014-01-25 14:33 - 2014-01-25 14:33 - 03974840 _____ (Avira Operations GmbH & Co. KG) C:\Users\D\Downloads\avira_oe_client_antivirus_en.exe
2014-01-25 13:22 - 2014-01-25 13:22 - 00000847 _____ C:\Users\D\Desktop\µTorrent.lnk
2014-01-25 13:22 - 2014-01-25 13:22 - 00000827 _____ C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-24 10:26 - 2014-01-24 10:26 - 00001618 _____ C:\Users\Public\Desktop\Teslagrad.lnk
2014-01-24 10:06 - 2014-01-24 10:14 - 00000000 ____D C:\Users\D\Documents\YoungJustice
2014-01-24 09:30 - 2014-01-24 09:36 - 00000000 ____D C:\Users\D\AppData\Roaming\NationRed
2014-01-24 09:27 - 2014-01-24 09:27 - 00001041 _____ C:\Users\D\Desktop\Nation Red (English).lnk
2014-01-24 09:26 - 2014-01-24 09:27 - 00000000 ____D C:\Program Files (x86)\Nation Red
2014-01-23 20:33 - 2014-01-23 20:33 - 00001786 _____ C:\Users\D\Desktop\Saboteur - odkaz.lnk
2014-01-23 18:10 - 2014-01-23 18:10 - 00000000 ____D C:\Users\D\AppData\Roaming\Warner Bros. Interactive Entertainment
2014-01-23 16:56 - 2014-01-23 16:56 - 00000000 ____D C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-01-23 15:40 - 2014-01-26 12:36 - 00466456 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2014-01-23 15:40 - 2014-01-26 12:36 - 00444952 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2014-01-23 15:40 - 2014-01-26 12:36 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2014-01-23 15:40 - 2014-01-26 12:36 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2014-01-23 15:40 - 2014-01-23 15:40 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-23 15:40 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71u.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71deu.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71ita.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71fra.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71esp.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71enu.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71kor.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71jpn.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71cht.dll
2014-01-23 15:40 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71chs.dll
2014-01-23 15:40 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl71.dll
2014-01-23 15:40 - 2010-02-16 14:22 - 00659264 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscomct2.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00443488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshflxgd.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00415552 _____ (Microsoft Corporation ) C:\windows\SysWOW64\comct332.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00278352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdatgrd.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00258880 _____ (Microsoft Corporation) C:\windows\SysWOW64\msflxgrd.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00252240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdatlst.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00222528 _____ (Microsoft Corporation) C:\windows\SysWOW64\dblist32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00218432 _____ (Microsoft Corporation) C:\windows\SysWOW64\richtx32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00215880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mci32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00178512 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmask32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00170080 _____ (Microsoft Corporation) C:\windows\SysWOW64\comct232.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00136008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinet.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00129872 _____ (Microsoft Corporation) C:\windows\SysWOW64\msstdfmt.dll
2014-01-23 15:40 - 2010-02-16 14:22 - 00119616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscomm32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00107840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msstkprp.dll
2014-01-23 15:40 - 2010-02-16 14:22 - 00100160 _____ (Microsoft Corporation) C:\windows\SysWOW64\picclp32.ocx
2014-01-23 15:40 - 2010-02-16 14:22 - 00080208 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysinfo.ocx
2014-01-23 15:40 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr70.dll
2014-01-23 15:40 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70u.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70ita.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70fra.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70esp.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70deu.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70enu.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70kor.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70jpn.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70cht.dll
2014-01-23 15:40 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70chs.dll
2014-01-23 15:40 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc70.dll
2014-01-23 15:40 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\atl70.dll
2014-01-23 15:40 - 2006-04-10 13:41 - 01066176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscomctl32.ocx
2014-01-23 15:40 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvci70.dll
2014-01-23 15:40 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp70.dll
2014-01-23 15:40 - 2001-08-23 00:00 - 01355776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvbvm50.dll
2014-01-23 15:40 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\windows\SysWOW64\vb40032.dll
2014-01-23 15:40 - 1993-07-23 19:31 - 00210944 _____ C:\windows\SysWOW64\msvcrt10.dll
2014-01-23 10:05 - 2014-01-23 10:05 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-23 09:47 - 2014-01-23 15:30 - 00000000 ____D C:\Program Files (x86)\The Saboteur + DLC CZ v1.03. by Danik1B9
2014-01-19 12:30 - 2014-01-26 18:47 - 00003190 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2088330564-4132129674-32578375-1001
2014-01-15 13:31 - 2014-01-26 18:47 - 00003332 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2088330564-4132129674-32578375-1001
2014-01-15 09:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 09:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 09:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 09:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-09 14:35 - 2014-01-26 22:21 - 00000000 ____D C:\Users\D\AppData\Roaming\Spotify
2014-01-09 14:35 - 2014-01-21 22:46 - 00000000 ____D C:\Users\D\AppData\Local\Spotify
2014-01-09 14:35 - 2014-01-09 14:35 - 00001785 _____ C:\Users\D\Desktop\Spotify.lnk
2014-01-09 14:35 - 2014-01-09 14:35 - 00001771 _____ C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-08 16:20 - 2014-01-08 16:21 - 00000000 ____D C:\Users\D\AppData\Local\NVIDIA Corporation
2014-01-08 16:19 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-01-08 16:19 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-01-07 00:40 - 2014-01-07 00:40 - 00000000 ____D C:\Users\D\Downloads\nepi_jano_0.9.5.crx(1)
2014-01-06 00:30 - 2014-01-06 00:30 - 00070111 _____ C:\Users\D\Downloads\[CzT]Milenium_Trilogie_2009_.torrent
2014-01-03 15:08 - 2014-01-03 15:08 - 01050112 _____ C:\windows\core.exe
2014-01-03 09:31 - 2014-01-03 09:31 - 00368161 _____ C:\windows\start.exe
2014-01-03 08:59 - 2014-01-03 08:59 - 00000194 _____ C:\windows\litecoin.conf
2014-01-02 20:32 - 2014-01-02 20:32 - 00019722 _____ C:\Users\D\Downloads\[CzT]Zlo_mezi_nami_Ondskan_2003_CZ_.torrent
2014-01-02 11:58 - 2014-01-03 11:29 - 00003247 _____ C:\Users\D\Desktop\LaunchGTAIV - odkaz.lnk
2014-01-02 11:50 - 2013-12-10 03:13 - 01100248 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-01-02 11:50 - 2013-12-10 03:13 - 00982232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-01-02 11:49 - 2014-01-02 11:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-02 11:48 - 2014-01-02 11:48 - 00000000 ____D C:\windows\SysWOW64\NV
2014-01-02 11:48 - 2014-01-02 11:48 - 00000000 ____D C:\windows\system32\NV
2014-01-02 11:41 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-01-02 11:41 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6433182.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6433182.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-01-02 11:41 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-01-02 11:28 - 2014-01-02 11:28 - 00000000 ____D C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-01-02 11:26 - 2014-01-02 11:26 - 05653390 _____ C:\Users\D\Downloads\EFLC Cesitna-CSP-Gta-cz.rar
2013-12-31 19:07 - 2013-12-31 19:11 - 109388720 _____ C:\Users\D\Downloads\title_update_7_EN.zip
2013-12-31 13:34 - 2013-12-31 13:34 - 00000000 ____D C:\Users\D\Documents\Rockstar Games
2013-12-31 13:16 - 2013-12-31 13:16 - 00000000 __SHD C:\ProgramData\SecuROM
2013-12-31 13:11 - 2013-12-31 13:13 - 00000000 ____D C:\Users\D\AppData\Local\Rockstar Games
2013-12-31 11:22 - 2013-12-31 11:22 - 00000222 _____ C:\Users\D\Desktop\Poker Night 2.url
2013-12-31 01:45 - 2013-12-31 01:45 - 01233962 _____ C:\Users\D\Desktop\adwcleaner.exe
==================== One Month Modified Files and Folders =======
2014-01-27 00:37 - 2014-01-27 00:36 - 00024166 _____ C:\Users\D\Desktop\FRST.txt
2014-01-27 00:37 - 2012-10-18 07:25 - 00000000 ____D C:\Users\D\AppData\Roaming\uTorrent
2014-01-27 00:36 - 2014-01-27 00:36 - 00000000 ____D C:\FRST
2014-01-27 00:34 - 2014-01-27 00:34 - 00112640 _____ (forum.viry.cz) C:\Users\D\Desktop\FRSTLauncher.exe
2014-01-27 00:34 - 2014-01-27 00:33 - 02078208 _____ (Farbar) C:\Users\D\Desktop\FRST64.exe
2014-01-27 00:33 - 2014-01-27 00:33 - 00112640 _____ (forum.viry.cz) C:\Users\D\Downloads\FRSTLauncher.exe
2014-01-27 00:33 - 2013-10-09 16:22 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 00:03 - 2012-11-15 10:54 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 23:58 - 2012-10-18 11:07 - 00000000 ____D C:\Program Files\trend micro
2014-01-26 23:57 - 2014-01-26 23:57 - 00935175 _____ C:\Users\D\Downloads\RSITx64.exe
2014-01-26 23:24 - 2013-10-03 11:12 - 01756497 _____ C:\windows\WindowsUpdate.log
2014-01-26 22:21 - 2014-01-09 14:35 - 00000000 ____D C:\Users\D\AppData\Roaming\Spotify
2014-01-26 22:07 - 2012-11-29 21:37 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-26 21:46 - 2014-01-26 21:46 - 00000000 ____D C:\Users\D\AppData\Roaming\MKKE
2014-01-26 21:46 - 2012-10-26 12:39 - 00000000 ____D C:\Users\D\AppData\Local\SKIDROW
2014-01-26 21:32 - 2014-01-26 21:32 - 00001303 _____ C:\Users\D\Desktop\Mortal Kombat-Komplete Edition.lnk
2014-01-26 21:32 - 2014-01-26 21:14 - 00000000 ____D C:\Program Files (x86)\Mortal Kombat-Komplete Edition
2014-01-26 21:14 - 2012-10-26 11:00 - 00000000 ____D C:\Users\D\AppData\Roaming\DAEMON Tools Lite
2014-01-26 20:18 - 2012-10-13 11:32 - 00000000 ____D C:\Users\D\AppData\Roaming\vlc
2014-01-26 18:47 - 2014-01-19 12:30 - 00003190 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2088330564-4132129674-32578375-1001
2014-01-26 18:47 - 2014-01-15 13:31 - 00003332 _____ C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2088330564-4132129674-32578375-1001
2014-01-26 18:47 - 2013-10-09 16:22 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-26 18:47 - 2013-07-13 23:58 - 00041763 _____ C:\autoupdate.log
2014-01-26 18:32 - 2009-07-14 05:45 - 00021296 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 18:32 - 2009-07-14 05:45 - 00021296 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 18:24 - 2014-01-25 15:38 - 00000426 _____ C:\windows\setupact.log
2014-01-26 18:24 - 2009-07-14 06:08 - 00032564 _____ C:\windows\Tasks\SCHEDLGU.TXT
2014-01-26 18:24 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-26 18:23 - 2014-01-26 10:01 - 00000724 _____ C:\windows\PFRO.log
2014-01-26 18:23 - 2011-11-23 05:46 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-26 12:37 - 2014-01-26 12:37 - 00000000 ____D C:\Users\D\AppData\Roaming\Injustice
2014-01-26 12:36 - 2014-01-26 12:36 - 00001651 _____ C:\Users\D\Desktop\InjusticeLauncher - odkaz.lnk
2014-01-26 12:36 - 2014-01-23 15:40 - 00466456 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2014-01-26 12:36 - 2014-01-23 15:40 - 00444952 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2014-01-26 12:36 - 2014-01-23 15:40 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2014-01-26 12:36 - 2014-01-23 15:40 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2014-01-26 12:35 - 2014-01-26 12:25 - 00000000 ____D C:\Program Files (x86)\Injustice Gods Among Us Ultimate Edition (v1.0.2746 - Update3 + All DLC) - Repack by Danik1B9
2014-01-26 12:35 - 2012-11-17 20:53 - 00000000 ____D C:\windows\SysWOW64\directx
2014-01-26 12:04 - 2013-05-20 08:02 - 00000000 ____D C:\Users\D\Downloads\Nový priečinok
2014-01-25 23:38 - 2014-01-25 23:38 - 00003404 _____ C:\windows\System32\Tasks\UpCH
2014-01-25 15:38 - 2014-01-25 15:38 - 00000000 _____ C:\windows\setuperr.log
2014-01-25 14:34 - 2012-10-04 11:59 - 00000000 ____D C:\ProgramData\Avira
2014-01-25 14:34 - 2012-10-04 11:59 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-25 14:33 - 2014-01-25 14:33 - 03974840 _____ (Avira Operations GmbH & Co. KG) C:\Users\D\Downloads\avira_oe_client_antivirus_en.exe
2014-01-25 14:33 - 2013-01-18 18:02 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-25 14:28 - 2012-10-27 15:05 - 00000000 ____D C:\GAMES
2014-01-25 13:22 - 2014-01-25 13:22 - 00000847 _____ C:\Users\D\Desktop\µTorrent.lnk
2014-01-25 13:22 - 2014-01-25 13:22 - 00000827 _____ C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-01-25 13:22 - 2012-10-18 07:26 - 00000000 ____D C:\Program Files (x86)\uTorrent
2014-01-25 12:05 - 2012-10-04 12:10 - 00000000 ____D C:\Users\D\AppData\Roaming\AIMP3
2014-01-24 15:22 - 2009-07-14 06:13 - 00006416 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-24 10:26 - 2014-01-24 10:26 - 00001618 _____ C:\Users\Public\Desktop\Teslagrad.lnk
2014-01-24 10:25 - 2013-04-25 19:57 - 00000000 ____D C:\GOG Games
2014-01-24 10:14 - 2014-01-24 10:06 - 00000000 ____D C:\Users\D\Documents\YoungJustice
2014-01-24 09:36 - 2014-01-24 09:30 - 00000000 ____D C:\Users\D\AppData\Roaming\NationRed
2014-01-24 09:27 - 2014-01-24 09:27 - 00001041 _____ C:\Users\D\Desktop\Nation Red (English).lnk
2014-01-24 09:27 - 2014-01-24 09:26 - 00000000 ____D C:\Program Files (x86)\Nation Red
2014-01-23 20:33 - 2014-01-23 20:33 - 00001786 _____ C:\Users\D\Desktop\Saboteur - odkaz.lnk
2014-01-23 18:10 - 2014-01-23 18:10 - 00000000 ____D C:\Users\D\AppData\Roaming\Warner Bros. Interactive Entertainment
2014-01-23 18:09 - 2013-10-04 13:06 - 00000000 ___HD C:\windows\msdownld.tmp
2014-01-23 16:56 - 2014-01-23 16:56 - 00000000 ____D C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-01-23 15:44 - 2012-10-27 18:58 - 00000000 ____D C:\Users\D\Documents\My Games
2014-01-23 15:42 - 2012-10-03 20:05 - 00000000 ____D C:\Users\D\AppData\Local\VirtualStore
2014-01-23 15:40 - 2014-01-23 15:40 - 00000000 ____D C:\Program Files (x86)\OpenAL
2014-01-23 15:34 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-23 15:30 - 2014-01-23 09:47 - 00000000 ____D C:\Program Files (x86)\The Saboteur + DLC CZ v1.03. by Danik1B9
2014-01-23 15:18 - 2013-10-08 12:38 - 00000000 ____D C:\Users\D\Documents\450 Songs
2014-01-23 15:18 - 2013-04-28 22:21 - 00000000 ____D C:\Users\D\Documents\Amnesia
2014-01-23 10:05 - 2014-01-23 10:05 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-23 09:47 - 2013-10-04 12:40 - 00000000 ____D C:\Hry
2014-01-21 22:46 - 2014-01-09 14:35 - 00000000 ____D C:\Users\D\AppData\Local\Spotify
2014-01-18 23:13 - 2012-10-14 12:56 - 00000000 ____D C:\Users\D\AppData\Local\Adobe
2014-01-18 23:05 - 2012-11-15 10:54 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 23:05 - 2012-11-15 10:54 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 23:05 - 2012-11-15 10:54 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-01-15 13:26 - 2009-07-14 05:45 - 00433064 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-15 10:25 - 2013-08-15 14:53 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 10:18 - 2012-10-04 12:25 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-11 01:43 - 2012-12-06 17:55 - 00000000 ____D C:\Users\D\AppData\Roaming\Skype
2014-01-09 14:35 - 2014-01-09 14:35 - 00001785 _____ C:\Users\D\Desktop\Spotify.lnk
2014-01-09 14:35 - 2014-01-09 14:35 - 00001771 _____ C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-08 22:18 - 2012-12-06 17:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-08 22:18 - 2012-12-06 17:54 - 00000000 ____D C:\ProgramData\Skype
2014-01-08 16:21 - 2014-01-08 16:20 - 00000000 ____D C:\Users\D\AppData\Local\NVIDIA Corporation
2014-01-08 16:21 - 2013-05-31 06:40 - 00000000 ____D C:\Users\D\AppData\Local\NVIDIA
2014-01-08 16:21 - 2011-11-23 05:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-08 16:19 - 2011-11-23 05:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-08 16:19 - 2011-11-23 05:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 00:40 - 2014-01-07 00:40 - 00000000 ____D C:\Users\D\Downloads\nepi_jano_0.9.5.crx(1)
2014-01-06 00:30 - 2014-01-06 00:30 - 00070111 _____ C:\Users\D\Downloads\[CzT]Milenium_Trilogie_2009_.torrent
2014-01-03 15:08 - 2014-01-03 15:08 - 01050112 _____ C:\windows\core.exe
2014-01-03 11:29 - 2014-01-02 11:58 - 00003247 _____ C:\Users\D\Desktop\LaunchGTAIV - odkaz.lnk
2014-01-03 09:31 - 2014-01-03 09:31 - 00368161 _____ C:\windows\start.exe
2014-01-03 08:59 - 2014-01-03 08:59 - 00000194 _____ C:\windows\litecoin.conf
2014-01-02 20:32 - 2014-01-02 20:32 - 00019722 _____ C:\Users\D\Downloads\[CzT]Zlo_mezi_nami_Ondskan_2003_CZ_.torrent
2014-01-02 13:26 - 2013-09-05 09:48 - 00000000 ____D C:\Users\D\AppData\Local\HP
2014-01-02 11:49 - 2014-01-02 11:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-02 11:48 - 2014-01-02 11:48 - 00000000 ____D C:\windows\SysWOW64\NV
2014-01-02 11:48 - 2014-01-02 11:48 - 00000000 ____D C:\windows\system32\NV
2014-01-02 11:28 - 2014-01-02 11:28 - 00000000 ____D C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-01-02 11:26 - 2014-01-02 11:26 - 05653390 _____ C:\Users\D\Downloads\EFLC Cesitna-CSP-Gta-cz.rar
2013-12-31 19:11 - 2013-12-31 19:07 - 109388720 _____ C:\Users\D\Downloads\title_update_7_EN.zip
2013-12-31 13:34 - 2013-12-31 13:34 - 00000000 ____D C:\Users\D\Documents\Rockstar Games
2013-12-31 13:16 - 2013-12-31 13:16 - 00000000 __SHD C:\ProgramData\SecuROM
2013-12-31 13:13 - 2013-12-31 13:11 - 00000000 ____D C:\Users\D\AppData\Local\Rockstar Games
2013-12-31 11:58 - 2013-12-24 12:30 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin
2013-12-31 11:58 - 2013-01-12 23:56 - 00000000 ____D C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-31 11:56 - 2012-11-16 12:53 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-31 11:56 - 2011-11-23 05:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-31 11:55 - 2012-12-18 23:08 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-12-31 11:39 - 2013-11-01 15:43 - 00000000 ____D C:\Users\D\Documents\Telltale Games
2013-12-31 11:22 - 2013-12-31 11:22 - 00000222 _____ C:\Users\D\Desktop\Poker Night 2.url
2013-12-31 01:47 - 2013-10-03 11:15 - 00000000 ____D C:\AdwCleaner
2013-12-31 01:45 - 2013-12-31 01:45 - 01233962 _____ C:\Users\D\Desktop\adwcleaner.exe
2013-12-31 01:39 - 2013-09-29 11:53 - 00000000 ____D C:\Program Files (x86)\Connectify
2013-12-31 01:38 - 2011-02-22 12:19 - 00000000 ____D C:\windows\Panther
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some content of TEMP:
====================
C:\Users\D\AppData\Local\Temp\avgnt.exe
C:\Users\D\AppData\Local\Temp\Uninstall.exe
C:\Users\D\AppData\Local\Temp\uttA98C.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\D\Desktop" je 8978 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Attachments
Addition.rar
(6.04 KiB) Downloaded 110 times
vyosek
VIP
Posts: 56373 Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno
#4
Post
by vyosek » 27 Jan 2014 06:38
Creating a fixlist for FRST
Open Notepad (Start - Run - notepad)
Copy the script below
Code:
Start
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [Connectify] - C:\Program Files (x86)\Connectify\Connectify.exe [3985768 2012-08-09] (Connectify)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MountPoints2: {5a8490d6-1f53-11e2-bda6-74de2be586f8} - G:\setup.exe
MountPoints2: {bb5a00c5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {bb5a00d5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {edac0ba5-ebfe-11e2-832f-101f74f24ed5} - E:\Startme.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
2014-01-27 00:34 - 2014-01-27 00:34 - 00112640 _____ (forum.viry.cz) C:\Users\D\Desktop\FRSTLauncher.exe
2014-01-27 00:33 - 2014-01-27 00:33 - 00112640 _____ (forum.viry.cz) C:\Users\D\Downloads\FRSTLauncher.exe
2014-01-26 23:57 - 2014-01-26 23:57 - 00935175 _____ C:\Users\D\Downloads\RSITx64.exe
2014-01-03 15:08 - 2014-01-03 15:08 - 01050112 _____ C:\windows\core.exe
2014-01-03 09:31 - 2014-01-03 09:31 - 00368161 _____ C:\windows\start.exe
2014-01-03 08:59 - 2014-01-03 08:59 - 00000194 _____ C:\windows\litecoin.conf
2013-12-31 01:45 - 2013-12-31 01:45 - 01233962 _____ C:\Users\D\Desktop\adwcleaner.exe
C:\ProgramData\hash.dat
C:\Users\D\AppData\Local\Temp\avgnt.exe
C:\Users\D\AppData\Local\Temp\Uninstall.exe
C:\Users\D\AppData\Local\Temp\uttA98C.tmp.exe
C:\Windows\KMService.exe
C:\Windows\SysWOW64\srvany.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
End
Save the created TXT file as fixlist.txt
Move the created fixlist next to FRST
Run FRST.exe again
Click Fix
The fix will run and create the log Fixlog.txt
Restart the PC and post fixlog.txt here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.
zeroboyko
Model visitor
Posts: 202 Registered: 30 Jan 2009 12:04
#5
Post
by zeroboyko » 27 Jan 2014 10:40
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-01-2014 02
Ran by D at 2014-01-27 10:35:51 Run:2
Running from C:\Users\D\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [Connectify] - C:\Program Files (x86)\Connectify\Connectify.exe [3985768 2012-08-09] (Connectify)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MountPoints2: {5a8490d6-1f53-11e2-bda6-74de2be586f8} - G:\setup.exe
MountPoints2: {bb5a00c5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {bb5a00d5-7c5e-11e2-bea4-74de2be586f8} - E:\AutoRun.exe
MountPoints2: {edac0ba5-ebfe-11e2-832f-101f74f24ed5} - E:\Startme.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7LENN
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
2014-01-27 00:34 - 2014-01-27 00:34 - 00112640 _____ (forum.viry.cz) C:\Users\D\Desktop\FRSTLauncher.exe
2014-01-27 00:33 - 2014-01-27 00:33 - 00112640 _____ (forum.viry.cz) C:\Users\D\Downloads\FRSTLauncher.exe
2014-01-26 23:57 - 2014-01-26 23:57 - 00935175 _____ C:\Users\D\Downloads\RSITx64.exe
2014-01-03 15:08 - 2014-01-03 15:08 - 01050112 _____ C:\windows\core.exe
2014-01-03 09:31 - 2014-01-03 09:31 - 00368161 _____ C:\windows\start.exe
2014-01-03 08:59 - 2014-01-03 08:59 - 00000194 _____ C:\windows\litecoin.conf
2013-12-31 01:45 - 2013-12-31 01:45 - 01233962 _____ C:\Users\D\Desktop\adwcleaner.exe
C:\ProgramData\hash.dat
C:\Users\D\AppData\Local\Temp\avgnt.exe
C:\Users\D\AppData\Local\Temp\Uninstall.exe
C:\Users\D\AppData\Local\Temp\uttA98C.tmp.exe
C:\Windows\KMService.exe
C:\Windows\SysWOW64\srvany.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisTecPMMUpdate => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisUpdate => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Connectify => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => Value not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a8490d6-1f53-11e2-bda6-74de2be586f8} => Key not found.
HKCR\CLSID\{5a8490d6-1f53-11e2-bda6-74de2be586f8} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb5a00c5-7c5e-11e2-bea4-74de2be586f8} => Key not found.
HKCR\CLSID\{bb5a00c5-7c5e-11e2-bea4-74de2be586f8} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb5a00d5-7c5e-11e2-bea4-74de2be586f8} => Key not found.
HKCR\CLSID\{bb5a00d5-7c5e-11e2-bea4-74de2be586f8} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{edac0ba5-ebfe-11e2-832f-101f74f24ed5} => Key not found.
HKCR\CLSID\{edac0ba5-ebfe-11e2-832f-101f74f24ed5} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
KMService => Service not found.
"C:\Users\D\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Users\D\Downloads\FRSTLauncher.exe" => File/Directory not found.
"C:\Users\D\Downloads\RSITx64.exe" => File/Directory not found.
"C:\windows\core.exe" => File/Directory not found.
"C:\windows\start.exe" => File/Directory not found.
"C:\windows\litecoin.conf" => File/Directory not found.
"C:\Users\D\Desktop\adwcleaner.exe" => File/Directory not found.
"C:\ProgramData\hash.dat" => File/Directory not found.
"C:\Users\D\AppData\Local\Temp\avgnt.exe" => File/Directory not found.
"C:\Users\D\AppData\Local\Temp\Uninstall.exe" => File/Directory not found.
"C:\Users\D\AppData\Local\Temp\uttA98C.tmp.exe" => File/Directory not found.
"C:\Windows\KMService.exe" => File/Directory not found.
"C:\Windows\SysWOW64\srvany.exe" => File/Directory not found.
C:\windows\Tasks\Adobe Flash Player Updater.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
==== End of Fixlog ====
One problem came up... the program froze on me, so I ran it once more... because of that it wrote "not found" everywhere, but before that it said "deleted" or "moved successfully"... only for the hosts file it showed the same thing it shows now
vyosek
VIP
Posts: 56373 Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno
#6
Post
by vyosek » 27 Jan 2014 20:09
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; he is no man, he is an ox."
Member since 1 February 2011.
zeroboyko
Model visitor
Posts: 202 Registered: 30 Jan 2009 12:04
#7
Post
by zeroboyko » 28 Jan 2014 21:58
Everything is running fine so far... thank you very much