extrémne zavírený windows

Zpráva

sabrina.sms · #1 Příspěvek od **sabrina.sms** » 01 kvě 2014 21:07

Dobrý večer, dneska ráno som hladala keygen k hre , a stiahla som jeden ktorý mi zavíril počitač spomalil sa mi pc o 70% sekajú mi všetky prehliadače a aj tento príspevok píšem cez núdzový režim windowsu lebo tu ide ako tak. zmenilo mi to aj domovskú stránku vo všetkých prehliadačoch nejde nič spustiť ani správca úloh a myslela som si že keď tam nainštalujem 4 spyware tak sa to vyrieši ale ešte sa to zhoršilo. Ďakujem za skorú odpoveď.

tu prikladám log z rsitu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by sabina at 2014-05-01 21:55:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 742 GB (78%) free of 954 GB
Total RAM: 8183 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:01, on 1. 5. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sabina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 4359243592
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 4359243592
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 4359243592
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 4359243592
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10293 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --channel="1732.2.1105577526\2104033168" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\sabina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\avast! Emergency Update.job
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 70b506f8-304b-42d1-92d2-0bbd232302c5.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 86ee4828-a015-444d-accd-1d2bc06bdc8b.job

=========Mozilla firefox=========

ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-04-11 513648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-02-25 1821888]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-07-10 5661056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-05-01 21:55:59 ----D---- C:\rsit
2014-05-01 21:53:31 ----A---- C:\Windows\ntbtlog.txt
2014-05-01 15:37:20 ----A---- C:\Users\sabina\AppData\Roaming\LiveSupport.exe_log.txt
2014-05-01 15:37:17 ----D---- C:\ProgramData\WPM
2014-05-01 14:46:05 ----D---- C:\Users\sabina\AppData\Roaming\SUPERAntiSpyware.com
2014-05-01 14:42:52 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-05-01 14:42:52 ----D---- C:\Program Files\SUPERAntiSpyware
2014-05-01 14:42:00 ----D---- C:\ProgramData\SUPERSetup
2014-05-01 14:07:40 ----A---- C:\Windows\system32\sdnclean64.exe
2014-05-01 14:07:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-01 14:07:32 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-01 00:38:33 ----D---- C:\Program Files\PCDApp
2014-05-01 00:38:20 ----D---- C:\Users\sabina\AppData\Roaming\SupTab
2014-05-01 00:37:35 ----D---- C:\Users\sabina\AppData\Roaming\webssearches
2014-04-30 16:39:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-30 14:24:23 ----A---- C:\autoexec.bat
2014-04-30 14:23:51 ----D---- C:\sh4ldr
2014-04-30 14:23:51 ----D---- C:\Program Files\Enigma Software Group
2014-04-30 14:23:08 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-30 13:49:04 ----D---- C:\ProgramData\IePluginService
2014-04-30 13:49:04 ----D---- C:\Program Files (x86)\SupTab
2014-04-30 13:46:50 ----D---- C:\Program Files (x86)\WebSpades
2014-04-30 13:45:40 ----D---- C:\Program Files (x86)\Torntv V9.0
2014-04-15 13:11:02 ----D---- C:\ProgramData\Blizzard Entertainment
2014-04-15 13:09:40 ----D---- C:\ProgramData\Battle.net
2014-04-13 20:00:53 ----D---- C:\Users\sabina\AppData\Roaming\dvdcss
2014-04-11 02:09:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-11 02:09:21 ----A---- C:\Windows\system32\ieui.dll
2014-04-11 02:09:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-11 02:09:19 ----A---- C:\Windows\system32\vbscript.dll
2014-04-11 02:09:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 02:09:12 ----A---- C:\Windows\system32\iernonce.dll
2014-04-11 02:09:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 02:09:12 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-11 02:09:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-11 02:09:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-11 02:09:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-11 02:09:10 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-11 02:09:10 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-11 02:09:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-11 02:09:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-11 02:09:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-11 02:09:09 ----A---- C:\Windows\system32\msrating.dll
2014-04-11 02:09:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-11 02:09:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-11 02:09:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-11 02:09:08 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-11 02:09:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-11 02:09:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-11 02:09:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-11 02:09:08 ----A---- C:\Windows\system32\iesetup.dll
2014-04-11 02:09:07 ----A---- C:\Windows\system32\mshtml.dll
2014-04-11 02:09:05 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-11 02:09:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-11 02:09:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-11 02:09:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-11 02:09:01 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-11 02:09:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 02:09:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-11 02:08:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-11 02:08:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-11 02:08:59 ----A---- C:\Windows\system32\iertutil.dll
2014-04-11 02:08:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-11 02:08:58 ----A---- C:\Windows\system32\wininet.dll
2014-04-11 02:08:58 ----A---- C:\Windows\system32\urlmon.dll
2014-04-11 02:08:57 ----A---- C:\Windows\system32\ieframe.dll
2014-04-11 02:08:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-11 02:08:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-11 02:08:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-11 02:08:54 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 13:03:48 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 13:03:48 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 13:03:48 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 13:03:48 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 13:03:48 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 13:03:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 13:03:46 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 13:03:46 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 13:03:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 13:03:45 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 13:03:45 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 13:03:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 13:03:45 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 13:03:45 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 13:03:45 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 13:03:45 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 13:03:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-05 17:28:18 ----D---- C:\Program Files (x86)\Steam
2014-03-21 15:53:45 ----D---- C:\Program Files (x86)\Creative
2014-03-21 15:53:45 ----A---- C:\Windows\SYSWOW64\eax.dll
2014-03-21 15:53:42 ----A---- C:\Windows\IsUninst.exe
2014-03-21 15:48:23 ----D---- C:\Program Files\Mafia
2014-03-14 13:20:54 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-14 13:20:53 ----A---- C:\Windows\system32\win32k.sys
2014-03-14 13:20:51 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-14 13:20:51 ----A---- C:\Windows\system32\wer.dll
2014-03-14 13:20:08 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-14 13:20:08 ----A---- C:\Windows\system32\qedit.dll
2014-03-14 13:20:07 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-14 13:20:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-10 12:52:24 ----D---- C:\Program Files (x86)\MSECache
2014-02-26 02:34:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 02:32:19 ----D---- C:\Windows\Migration
2014-02-14 00:12:35 ----D---- C:\ProgramData\Firefly Studios
2014-02-12 15:21:34 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 15:21:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 15:21:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 15:21:34 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 15:21:28 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 15:21:28 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 15:21:28 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 15:21:27 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 15:21:27 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 15:21:27 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 15:21:27 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 15:21:27 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 15:21:27 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 15:21:27 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 15:21:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 15:21:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 15:21:26 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 15:21:23 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 15:21:23 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 15:21:23 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 15:21:23 ----A---- C:\Windows\system32\d2d1.dll
2014-02-03 23:33:45 ----D---- C:\Program Files\Defraggler

======List of files/folders modified in the last 3 months======

2014-05-01 21:56:00 ----D---- C:\Program Files\trend micro
2014-05-01 21:55:49 ----D---- C:\Windows\Temp
2014-05-01 21:53:31 ----D---- C:\Windows
2014-05-01 21:50:57 ----D---- C:\ProgramData\NVIDIA
2014-05-01 15:37:17 ----HD---- C:\ProgramData
2014-05-01 14:51:24 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-05-01 14:46:50 ----D---- C:\Windows\Tasks
2014-05-01 14:42:52 ----RD---- C:\Program Files
2014-05-01 14:16:26 ----D---- C:\Windows\system32\config
2014-05-01 14:12:29 ----AD---- C:\ProgramData\TEMP
2014-05-01 14:07:45 ----SD---- C:\ProgramData\Microsoft
2014-05-01 14:07:40 ----D---- C:\Windows\System32
2014-05-01 14:07:32 ----RD---- C:\Program Files (x86)
2014-05-01 14:06:48 ----D---- C:\Windows\inf
2014-05-01 14:06:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-01 01:13:03 ----D---- C:\Windows\system32\LogFiles
2014-05-01 01:11:59 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-05-01 01:07:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-01 01:07:53 ----D---- C:\Windows\system32\drivers
2014-05-01 01:01:55 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-05-01 00:58:11 ----SHD---- C:\System Volume Information
2014-05-01 00:38:56 ----SHD---- C:\Windows\Installer
2014-05-01 00:38:53 ----D---- C:\Windows\SysWOW64
2014-04-30 16:39:40 ----D---- C:\Program Files (x86)\Google
2014-04-30 16:34:19 ----D---- C:\Windows\system32\wbem
2014-04-30 16:33:32 ----D---- C:\Windows\system32\wfp
2014-04-30 16:33:32 ----D---- C:\Windows\system32\DriverStore
2014-04-30 16:33:32 ----D---- C:\Windows\system32\drivers\etc
2014-04-30 16:33:32 ----D---- C:\Windows\system32\catroot2
2014-04-30 16:33:31 ----D---- C:\Windows\system32\CodeIntegrity
2014-04-30 16:33:24 ----D---- C:\ProgramData\PMB Files
2014-04-30 16:33:19 ----D---- C:\Windows\registration
2014-04-30 16:33:13 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2014-04-25 10:19:58 ----RSD---- C:\Windows\Fonts
2014-04-21 11:02:25 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2014-04-21 11:02:24 ----D---- C:\Windows\Logs
2014-04-20 21:48:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-19 18:23:55 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-04-15 13:17:00 ----D---- C:\Program Files (x86)\Common Files
2014-04-11 14:56:01 ----D---- C:\Windows\winsxs
2014-04-11 14:55:20 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-04-11 14:55:20 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-11 14:55:20 ----D---- C:\Program Files\Internet Explorer
2014-04-11 14:55:19 ----D---- C:\Windows\system32\sk-SK
2014-04-11 14:55:19 ----D---- C:\Windows\system32\en-US
2014-04-11 14:55:19 ----D---- C:\Windows\PolicyDefinitions
2014-04-11 14:55:19 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-11 02:09:45 ----D---- C:\Windows\system32\catroot
2014-04-09 16:00:34 ----D---- C:\Windows\AppPatch
2014-04-09 14:07:32 ----D---- C:\ProgramData\Microsoft Help
2014-04-05 17:29:44 ----RSD---- C:\Windows\assembly
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-27 09:56:22 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2014-03-27 09:27:34 ----D---- C:\ProgramData\Skype
2014-03-27 09:27:31 ----RD---- C:\Program Files (x86)\Skype
2014-02-27 14:00:06 ----D---- C:\Windows\Microsoft.NET
2014-02-26 13:59:19 ----D---- C:\Program Files (x86)\Electronic Arts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-24 92544]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-24 65776]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-24 207904]
S1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1034464]
S1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 422216]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648]
S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 79672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
S2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-30 116648]
S2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-04-11 705136]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 01 kvě 2014 21:18

Zdravim a pekny vecer preji

Cracky\keygeny jsou nejlepsi cesta k zavireni PC, nehlede na porusovani autorskeho zakona

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

sabrina.sms · #3 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:01

ADWCLEANER

# AdwCleaner v3.205 - Report created 01/05/2014 at 22:53:00
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : sabina - SABINA-PC
# Running from : C:\Users\sabina\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Torntv V9.0
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Users\sabina\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\sabina\AppData\Roaming\SupTab
Folder Deleted : C:\Users\sabina\AppData\Roaming\webssearches
Folder Deleted : C:\Users\sabina\Documents\Optimizer Pro
Folder Deleted : C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default\Extensions\quick_start@gmail.com
File Deleted : C:\Users\sabina\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\sabina\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
File Deleted : C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467\user.js
File Deleted : C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\supTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\webssearchesSoftware
Key Deleted : HKLM\Software\Wpm

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (sk)

[ File : C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467\prefs.js ]

[ File : C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hppp&ts=1398898482&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S264359243592");

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1398973705&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S264359243592&q={searchTerms}
Deleted [Startup_urls] : hxxp://istart.webssearches.com/?type=hppp&ts=1398973705&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S264359243592
Deleted [Homepage] : hxxp://istart.webssearches.com/?type=hppp&ts=1398973705&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S264359243592

*************************

AdwCleaner[R0].txt - [6656 octets] - [01/05/2014 22:52:07]
AdwCleaner[S0].txt - [5102 octets] - [01/05/2014 22:53:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5162 octets] ##########

sabrina.sms · #4 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:01

MBAR LOG

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.01.12

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.0.9600.17041
sabina :: SABINA-PC [administrator]

1. 5. 2014 22:37:43
mbar-log-2014-05-01 (22-37-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 283702
Time elapsed: 9 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23BCF74C-00C6-0328-CA15-C8711DCCB5A5}_is1 (Trojan.Agent.VBS) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Windows\inf\msmgshfmj (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Program Files (x86)\winrar 4.11 full cz 32bit (Trojan.Agent.VBS) -> Delete on reboot.
C:\Windows\inf\mncpobor (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams (Trojan.Agent.BCM) -> Delete on reboot.

Files Detected: 47
C:\Windows\inf\msmgshfmj\diablo130302.cl (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\diakgcn121016.cl (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\libcurl.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\libeay32.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\libidn-11.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\librtmp.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\libssh2.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\libusb-1.0.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\msmgshfmj.exe (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\phatk121016.cl (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\poclbm130302.cl (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\scrypt130511.cl (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\ssleay32.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\zlib1.dll (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15b1.bit (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15d1.bit (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15d3.bit (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15d4.bin (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15d4.bit (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15y1.bin (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\msmgshfmj\bitstreams\ztex_ufm1_15y1.bit (Trojan.BitCoinMiner) -> Delete on reboot.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Delete on reboot.
C:\Program Files (x86)\winrar 4.11 full cz 32bit\unins000.dat (Trojan.Agent.VBS) -> Delete on reboot.
C:\Program Files (x86)\winrar 4.11 full cz 32bit\unins000.exe (Trojan.Agent.VBS) -> Delete on reboot.
C:\Program Files (x86)\winrar 4.11 full cz 32bit\winrar 4.11 full cz 32bit.exe (Trojan.Agent.VBS) -> Delete on reboot.
C:\Windows\inf\mncpobor\diablo130302.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\diakgcn121016.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\libcurl.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\libeay32.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\libidn-11.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\librtmp.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\libssh2.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\libusb-1.0.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\phatk121016.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\poclbm130302.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\scrypt130511.cl (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\ssleay32.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\zlib1.dll (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15b1.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15d1.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15d3.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15d4.bin (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15d4.bit (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15y1.bin (Trojan.Agent.BCM) -> Delete on reboot.
C:\Windows\inf\mncpobor\bitstreams\ztex_ufm1_15y1.bit (Trojan.Agent.BCM) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#5 Příspěvek od **vyosek** » 01 kvě 2014 22:06

Jeste poprosim o Zoek

sabrina.sms · #6 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:30

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by sabina on çt 01. 05. 2014 at 23:03:08,56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sabina\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1. 5. 2014 23:04:12 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467\prefs.js:

Added to C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default\prefs.js:

Added to C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201401.05._2317_.backup

ProfilePath: C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_201401.05._2317_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\IePluginService deleted
C:\PROGRA~3\WPM deleted
C:\Windows\wininit.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{cb84136f-9c44-433a-9048-c5cd9df1dc16}"="C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox" [24. 01. 2014 18:39]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\aod6gtn6.default-1398860206467
2557FBC582910A71CDEB0F22886D118D - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash

Profilepath: C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default
2557FBC582910A71CDEB0F22886D118D - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll - Shockwave Flash

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[24. 01. 2014 18:30]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09. 10. 2013 10:59]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browser Defender_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sabina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\sabina\AppData\Local\Mozilla\Firefox\Profiles\n04xg997.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=10 folders=5 1283240 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\sabina\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\sabina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on çt 01. 05. 2014 at 23:27:57,46 ======================

#7 Příspěvek od **vyosek** » 01 kvě 2014 22:35

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

sabrina.sms · #8 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:41

SUPERAntiSpyware Free Edition program mi nejde odijnstalovat

sabrina.sms · #9 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:43

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 02
Ran by sabina (administrator) on SABINA-PC on 01-05-2014 23:40:21
Running from C:\Users\sabina\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-24] (AVAST Software)
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {26bb5e3d-3722-11e3-90cf-d43d7e277f36} - F:\Setup.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {55e94e70-4dfe-11e3-8fe5-d43d7e277f36} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {a4227617-7eab-11e3-bf9c-d43d7e277f36} - H:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x76E963A707A1CE01
URLSearchHook: HKCU - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-24]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ []

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-24]
CHR Extension: (Disk Google) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-24]
CHR Extension: (YouTube) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24]
CHR Extension: (Hľadať v Google) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24]
CHR Extension: (Peňaženka Google) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-12] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-24] (AVAST Software)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-24] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-17] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-01 23:40 - 2014-05-01 23:40 - 00011779 _____ () C:\Users\sabina\Downloads\FRST.txt
2014-05-01 23:39 - 2014-05-01 23:40 - 00000000 ____D () C:\FRST
2014-05-01 23:39 - 2014-05-01 23:39 - 02062336 _____ (Farbar) C:\Users\sabina\Downloads\FRST64.exe
2014-05-01 23:37 - 2014-05-01 23:37 - 00000056 _____ () C:\Windows\setupact.log
2014-05-01 23:37 - 2014-05-01 23:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-01 23:21 - 2014-05-01 23:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-01 23:00 - 2014-05-01 23:17 - 00000000 ____D () C:\zoek_backup
2014-05-01 22:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 22:51 - 2014-05-01 22:53 - 00000000 ____D () C:\AdwCleaner
2014-05-01 22:36 - 2014-05-01 22:36 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-01 21:55 - 2014-05-01 21:56 - 00000000 ____D () C:\rsit
2014-05-01 15:37 - 2014-05-01 15:12 - 00001325 _____ () C:\Quarantine.reg
2014-05-01 15:37 - 2014-05-01 15:12 - 00000057 _____ () C:\Quarantine.lst
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86ee4828-a015-444d-accd-1d2bc06bdc8b.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 70b506f8-304b-42d1-92d2-0bbd232302c5.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\SUPERAntiSpyware.com
2014-05-01 14:42 - 2014-05-01 23:36 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-01 14:42 - 2014-05-01 14:45 - 00000000 ____D () C:\ProgramData\SUPERSetup
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-01 14:07 - 2014-05-01 22:50 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-01 14:07 - 2014-05-01 22:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-01 00:38 - 2014-05-01 00:49 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-01 00:35 - 2014-05-01 00:36 - 00340480 _____ () C:\Users\sabina\Downloads\GTA5KeyGeneratorV3.2Setup__6196_il18331.exe
2014-04-30 16:39 - 2014-05-01 00:44 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 16:39 - 2014-04-30 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-30 16:39 - 2014-04-30 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-30 16:38 - 2014-04-30 16:38 - 00884720 _____ (Google Inc.) C:\Users\sabina\Downloads\ChromeSetup(1).exe
2014-04-30 16:38 - 2014-04-30 16:38 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 14:24 - 2014-04-30 14:24 - 00000000 _____ () C:\autoexec.bat
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\sh4ldr
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-30 13:46 - 2014-04-30 16:33 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-04-26 16:32 - 2014-04-26 16:33 - 00000000 ____D () C:\Users\sabina\Desktop\Twilight sága - Kolekce
2014-04-25 10:18 - 2014-04-25 10:18 - 02012306 _____ () C:\Users\sabina\Desktop\menovka.psd
2014-04-25 10:18 - 2014-04-25 10:18 - 00627240 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Semibold.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00612936 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Bold.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00603684 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Regular.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00104465 _____ () C:\Users\sabina\Desktop\Bickham Script.ttf
2014-04-24 23:26 - 2014-04-24 23:27 - 00000000 ____D () C:\Users\sabina\Desktop\Horuce strely
2014-04-23 08:22 - 2014-04-23 18:36 - 00000000 ____D () C:\Users\sabina\Desktop\House
2014-04-22 23:25 - 2014-04-23 08:57 - 733508832 _____ () C:\Users\sabina\Desktop\VRAHOUNI.avi
2014-04-20 21:45 - 2014-04-20 21:55 - 00000000 ____D () C:\Users\sabina\Desktop\skola
2014-04-20 19:50 - 2014-04-20 19:52 - 00000000 ____D () C:\Users\sabina\Desktop\Slečna Drsňák
2014-04-15 13:40 - 2014-04-15 13:40 - 00000000 ____D () C:\Users\sabina\AppData\Local\Blizzard Entertainment
2014-04-15 13:11 - 2014-04-15 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-04-15 13:11 - 2014-04-15 13:17 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-15 13:09 - 2014-04-15 13:10 - 00000000 ____D () C:\ProgramData\Battle.net
2014-04-15 13:02 - 2014-04-15 13:03 - 10469888 _____ (Blizzard Entertainment) C:\Users\sabina\Desktop\Wow.exe
2014-04-15 00:33 - 2014-04-20 21:55 - 00000000 ____D () C:\Users\sabina\Desktop\Nový priečinok (2)
2014-04-13 20:00 - 2014-04-13 20:00 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\dvdcss
2014-04-13 00:57 - 2014-04-13 00:57 - 00000000 __SHD () C:\Users\sabina\AppData\Local\EmieUserList
2014-04-13 00:57 - 2014-04-13 00:57 - 00000000 __SHD () C:\Users\sabina\AppData\Local\EmieSiteList
2014-04-12 19:45 - 2014-04-12 19:45 - 00000000 ____D () C:\Users\sabina\Desktop\STUJ__NEBO_MAMINKA_VYSTRELI
2014-04-11 19:38 - 2014-04-11 20:03 - 00000000 ____D () C:\Users\sabina\Desktop\Plán útěku
2014-04-11 02:09 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 02:09 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 02:09 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 02:09 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 02:09 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 02:09 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 02:09 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 02:09 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 02:09 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-11 02:09 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 02:09 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 02:09 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 02:09 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 02:09 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 02:09 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 02:09 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 02:09 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-11 02:09 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-11 02:09 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-11 02:09 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 02:09 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 02:09 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-11 02:09 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-11 02:09 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 02:09 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-11 02:09 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-11 02:09 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-11 02:09 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-11 02:09 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 02:09 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-11 02:09 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-11 02:09 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-11 02:09 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-11 02:09 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 02:09 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-11 02:08 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-11 02:08 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 02:08 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 02:08 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-11 02:08 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-11 02:08 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 02:08 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 02:08 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-11 02:08 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-11 02:08 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 02:08 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-11 02:08 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-11 02:08 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 13:03 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 13:03 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 13:03 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 13:03 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 13:03 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 13:03 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 13:03 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 13:03 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 13:03 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 13:03 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 13:03 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 13:03 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 13:03 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 13:03 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 13:03 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 13:03 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 13:03 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-05 18:51 - 2014-04-05 18:51 - 00000000 ____D () C:\Users\sabina\AppData\Local\SKIDROW
2014-04-05 18:44 - 2014-04-05 18:48 - 00000000 ____D () C:\Users\sabina\Desktop\Saints Row The Third
2014-04-05 17:28 - 2014-05-01 23:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-05 17:28 - 2014-04-05 17:28 - 00000917 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-05 17:28 - 2014-04-05 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-05 17:21 - 2014-04-05 18:50 - 00000000 ____D () C:\Users\sabina\Desktop\Saints.Row.The.Third-SKIDROW

==================== One Month Modified Files and Folders =======

2014-05-01 23:40 - 2014-05-01 23:40 - 00011779 _____ () C:\Users\sabina\Downloads\FRST.txt
2014-05-01 23:40 - 2014-05-01 23:39 - 00000000 ____D () C:\FRST
2014-05-01 23:39 - 2014-05-01 23:39 - 02062336 _____ (Farbar) C:\Users\sabina\Downloads\FRST64.exe
2014-05-01 23:37 - 2014-05-01 23:37 - 00000056 _____ () C:\Windows\setupact.log
2014-05-01 23:37 - 2014-05-01 23:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-01 23:37 - 2013-08-24 22:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-01 23:36 - 2014-05-01 14:42 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-01 23:34 - 2013-11-14 18:50 - 01765676 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 23:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 23:32 - 2009-07-14 07:13 - 00782010 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 23:31 - 2014-04-05 17:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-01 23:31 - 2014-03-20 18:08 - 00000000 ____D () C:\Users\sabina\AppData\Local\CrashDumps
2014-05-01 23:31 - 2013-09-09 13:09 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\uTorrent
2014-05-01 23:31 - 2013-08-24 22:52 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\Winamp
2014-05-01 23:17 - 2014-05-01 23:00 - 00000000 ____D () C:\zoek_backup
2014-05-01 23:03 - 2014-05-01 23:21 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-01 22:53 - 2014-05-01 22:51 - 00000000 ____D () C:\AdwCleaner
2014-05-01 22:50 - 2014-05-01 14:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-01 22:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2014-05-01 22:36 - 2014-05-01 22:36 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-01 22:35 - 2014-05-01 14:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-01 21:56 - 2014-05-01 21:55 - 00000000 ____D () C:\rsit
2014-05-01 21:56 - 2014-01-25 20:28 - 00000000 ____D () C:\Program Files\trend micro
2014-05-01 15:12 - 2014-05-01 15:37 - 00001325 _____ () C:\Quarantine.reg
2014-05-01 15:12 - 2014-05-01 15:37 - 00000057 _____ () C:\Quarantine.lst
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86ee4828-a015-444d-accd-1d2bc06bdc8b.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 70b506f8-304b-42d1-92d2-0bbd232302c5.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\SUPERAntiSpyware.com
2014-05-01 14:45 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\SUPERSetup
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-01 01:07 - 2014-01-25 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-01 01:07 - 2014-01-25 22:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-01 01:01 - 2013-10-17 16:27 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-05-01 00:49 - 2014-05-01 00:38 - 00000000 ____D () C:\Program Files\PCDApp
2014-05-01 00:49 - 2013-08-24 22:14 - 00001413 _____ () C:\Users\sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-01 00:44 - 2014-04-30 16:39 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-01 00:44 - 2013-11-04 15:30 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-01 00:44 - 2013-11-04 15:30 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-01 00:36 - 2014-05-01 00:35 - 00340480 _____ () C:\Users\sabina\Downloads\GTA5KeyGeneratorV3.2Setup__6196_il18331.exe
2014-04-30 16:39 - 2014-04-30 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-30 16:39 - 2014-04-30 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-30 16:39 - 2013-08-24 22:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-30 16:38 - 2014-04-30 16:38 - 00884720 _____ (Google Inc.) C:\Users\sabina\Downloads\ChromeSetup(1).exe
2014-04-30 16:38 - 2014-04-30 16:38 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 16:35 - 2014-01-24 18:31 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-30 16:35 - 2014-01-24 18:31 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-04-30 16:34 - 2013-08-24 22:14 - 00000000 ____D () C:\Users\sabina
2014-04-30 16:33 - 2014-04-30 13:46 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-04-30 16:33 - 2013-08-25 14:47 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-30 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-30 14:24 - 2014-04-30 14:24 - 00000000 _____ () C:\autoexec.bat
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\sh4ldr
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-30 01:16 - 2013-08-25 14:47 - 00000000 ____D () C:\Users\sabina\AppData\Local\PMB Files
2014-04-29 09:14 - 2014-03-10 09:36 - 00000000 ___RD () C:\Users\sabina\Desktop\BAKALARKA
2014-04-28 22:40 - 2013-08-24 22:03 - 00000000 ____D () C:\Users\sabina\Desktop\wow
2014-04-28 18:08 - 2014-03-14 01:02 - 00000000 ___RD () C:\Users\sabina\Desktop\Štátnice
2014-04-26 16:33 - 2014-04-26 16:32 - 00000000 ____D () C:\Users\sabina\Desktop\Twilight sága - Kolekce
2014-04-25 17:43 - 2009-07-14 06:45 - 03065304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-25 10:54 - 2013-08-24 22:35 - 00110880 _____ () C:\Users\sabina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-25 10:18 - 2014-04-25 10:18 - 02012306 _____ () C:\Users\sabina\Desktop\menovka.psd
2014-04-25 10:18 - 2014-04-25 10:18 - 00627240 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Semibold.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00612936 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Bold.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00603684 _____ () C:\Users\sabina\Desktop\BickhamScriptPro-Regular.otf
2014-04-25 10:18 - 2014-04-25 10:18 - 00104465 _____ () C:\Users\sabina\Desktop\Bickham Script.ttf
2014-04-24 23:27 - 2014-04-24 23:26 - 00000000 ____D () C:\Users\sabina\Desktop\Horuce strely
2014-04-23 18:36 - 2014-04-23 08:22 - 00000000 ____D () C:\Users\sabina\Desktop\House
2014-04-23 08:57 - 2014-04-22 23:25 - 733508832 _____ () C:\Users\sabina\Desktop\VRAHOUNI.avi
2014-04-21 11:02 - 2013-11-04 16:47 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\CoreFTP
2014-04-20 21:55 - 2014-04-20 21:45 - 00000000 ____D () C:\Users\sabina\Desktop\skola
2014-04-20 21:55 - 2014-04-15 00:33 - 00000000 ____D () C:\Users\sabina\Desktop\Nový priečinok (2)
2014-04-20 21:48 - 2013-08-24 22:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-20 21:48 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-20 19:52 - 2014-04-20 19:50 - 00000000 ____D () C:\Users\sabina\Desktop\Slečna Drsňák
2014-04-19 18:23 - 2013-10-20 16:03 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\vlc
2014-04-19 00:20 - 2014-01-27 15:59 - 00000256 _____ () C:\Users\sabina\Desktop\Nový textový dokument.txt
2014-04-15 13:40 - 2014-04-15 13:40 - 00000000 ____D () C:\Users\sabina\AppData\Local\Blizzard Entertainment
2014-04-15 13:17 - 2014-04-15 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-04-15 13:17 - 2014-04-15 13:11 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-04-15 13:10 - 2014-04-15 13:09 - 00000000 ____D () C:\ProgramData\Battle.net
2014-04-15 13:03 - 2014-04-15 13:02 - 10469888 _____ (Blizzard Entertainment) C:\Users\sabina\Desktop\Wow.exe
2014-04-13 20:00 - 2014-04-13 20:00 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\dvdcss
2014-04-13 00:57 - 2014-04-13 00:57 - 00000000 __SHD () C:\Users\sabina\AppData\Local\EmieUserList
2014-04-13 00:57 - 2014-04-13 00:57 - 00000000 __SHD () C:\Users\sabina\AppData\Local\EmieSiteList
2014-04-12 19:45 - 2014-04-12 19:45 - 00000000 ____D () C:\Users\sabina\Desktop\STUJ__NEBO_MAMINKA_VYSTRELI
2014-04-11 20:03 - 2014-04-11 19:38 - 00000000 ____D () C:\Users\sabina\Desktop\Plán útěku
2014-04-11 14:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-04-11 14:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-11 14:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 14:07 - 2013-10-17 16:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-05 18:51 - 2014-04-05 18:51 - 00000000 ____D () C:\Users\sabina\AppData\Local\SKIDROW
2014-04-05 18:50 - 2014-04-05 17:21 - 00000000 ____D () C:\Users\sabina\Desktop\Saints.Row.The.Third-SKIDROW
2014-04-05 18:48 - 2014-04-05 18:44 - 00000000 ____D () C:\Users\sabina\Desktop\Saints Row The Third
2014-04-05 17:28 - 2014-04-05 17:28 - 00000917 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-04-05 17:28 - 2014-04-05 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-02 14:10 - 2014-03-21 14:34 - 00000000 ____D () C:\Users\sabina\Desktop\MAFIA

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-01 14:42

==================== End Of Log ============================

sabrina.sms · #10 Příspěvek od **sabrina.sms** » 01 kvě 2014 22:44

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 02
Ran by sabina at 2014-05-01 23:41:00
Running from C:\Users\sabina\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent CZ 1.8.3 (build 15638) (HKLM-x32\...\µTorrent CZ_is1) (Version: - emc)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 -

Igor Pavlov)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe

Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe

Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated)

Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1)

(Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe

Systems Incorporated)
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version:

11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 -

Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-

0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: -

Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-

0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: -

Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-

0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: -

Microsoft)
Aktualizácie NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update)

(Version: 1.11.3 - NVIDIA Corporation)
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version:

3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0504.1554.26509 - Název společnosti:) Hidden
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-

Converter.com)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 -

Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2011 - Avast Software)
Catalyst Control Center (x32 Version: 2012.0504.1554.26509 - Název společnosti:) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0504.1554.26509 - Advanced Micro Devices,

Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0504.1554.26509 - Advanced Micro

Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.)

Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.)

Hidden
CCC Help Italian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0504.1553.26509 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0504.1554.26509 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
Driver San Francisco 1.01 (HKLM-x32\...\Driver San Francisco 1.01) (Version: - )
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
ESDX6000_CX5900 User's Guide (HKLM-x32\...\ESDX6000_CX5900 User's Guide) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM\...\{BD1EFE20-246B-451F-B900-F1214324DF5F})

(Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version:

30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 -

Hewlett-Packard)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
lightshot-4.4.2.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.10 -

Skillbrains)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes Anti-Malware verzia 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1)

(Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version:

4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version:

14.0.7015.1000 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-

473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}

_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft

Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft

Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation)

Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2})

(Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d})

(Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc})

(Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028})

(Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-

913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-

B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-

BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9

-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-

6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-

8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MioMore Desktop 7.30 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.30) (Version:

7.30.0016.40 - Mio Technology)
Mozilla Firefox 28.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 sk)) (Version: 28.0 -

Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version:

4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version:

4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft

Game Studios)
Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod 1.00 (HKLM-x32\...\Nod 32 v. 3.0.650 CZ

+ funkční crack do roku 2050 + návod 1.00) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.3 - Notepad++ Team)
NVIDIA 3D Vision radič ovládača 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA Grafický ovládač 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver)

(Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Ovládač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver)

(Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-

BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 -

Pando Networks Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PIF DESIGNER (HKLM-x32\...\{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version: - )
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{2302D958-4F1E-469A-8A90-

15C321320C71}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple

Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476})

(Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})

(Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version:

1.00.0000 - Rockstar Games)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 -

Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype

Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve

Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 -

UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-

0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-

0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: -

Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-

0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: -

Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-

0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: -

Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-

0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: -

Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-

0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: -

Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-

001A-0405-0000-0000000FF1CE}_ENTERPRISE_{A030537D-0034-46AD-A730-B1119786F607}) (Version: -

Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030

-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: -

Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-

x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1})

(Version: - Microsoft)
uTorrent CZ 1.8.3 version for Windows (HKLM-x32\...\{B6775E22-DBCC-1BA2-0416-CACE257BE884}_is1)

(Version: for Windows - )
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Restore Points =========================

30-04-2014 22:57:59 twilight
01-05-2014 21:03:56 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-01 23:04 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {265E9527-14AB-464B-AA40-7F6A7FE124CB} - System32\Tasks\Adobe Flash Player Updater => C:

\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems

Incorporated)
Task: {26F280C1-F823-425F-B131-BD17F08F7517} - System32\Tasks\Microsoft\Microsoft Antimalware

\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {463B2CE5-3442-4A09-954E-83AC6F883A90} - System32\Tasks\Microsoft\Microsoft Antimalware

\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {5879B658-0DE0-4B0E-8C48-9EBC5DD1FF42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:

\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {7CD598A2-E3E1-4D9E-8224-9F49DBA1D1C8} - System32\Tasks\CCleanerSkipUAC => C:\Program

Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {D4E91AEC-5F11-4E75-B096-FD99FA3A82A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:

\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast

\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 70b506f8-304b-42d1-92d2-0bbd232302c5.job

=> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86ee4828-a015-444d-accd-1d2bc06bdc8b.job

=> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2013-08-24 22:32 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation

\Display\NvSmartMax64.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet

Pass-Through\PassThruSvr.exe
2014-05-01 00:54 - 2014-04-30 21:31 - 02252800 _____ () C:\Program Files\AVAST Software\Avast

\defs\14043002\algo.dll
2014-01-24 18:30 - 2014-01-24 18:30 - 19336120 _____ () C:\Program Files\AVAST Software\Avast

\libcef.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\chrome_elf.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\libglesv2.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\libegl.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\pdf.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-30 16:39 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome

\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application

Support\APSDaemon.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers

installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a

new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be

resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers

installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a

new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be

resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2014 11:32:53 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (05/01/2014 11:32:53 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (05/01/2014 11:00:15 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (05/01/2014 11:00:15 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (05/01/2014 09:57:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (05/01/2014 09:57:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (10/26/2013 00:52:51 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (10/26/2013 11:05:59 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/26/2013 11:05:01 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

Error: (10/26/2013 11:05:01 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The

first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (05/01/2014 10:50:27 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Windows Event Log, od ktorej závisí služba Plánovač úloh, zlyhalo

kvôli nasledujúcej chybe:
%%1058

Error: (05/01/2014 10:48:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:48:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:48:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Error: (05/01/2014 10:46:37 PM) (Source: Service Control Manager) (User: )
Description: Spustenie služby Server, od ktorej závisí služba Computer Browser, zlyhalo kvôli

nasledujúcej chybe:
%%1068

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 8182.69 MB
Available physical RAM: 6140.48 MB
Total Pagefile: 16363.56 MB
Available Pagefile: 13979.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:725.02 GB) NTFS ==>[Drive with boot components

(obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 26CA0C85)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#11 Příspěvek od **vyosek** » 02 kvě 2014 05:22

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {26bb5e3d-3722-11e3-90cf-d43d7e277f36} - F:\Setup.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {55e94e70-4dfe-11e3-8fe5-d43d7e277f36} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3477457955-4250271348-77972968-1000\...\MountPoints2: {a4227617-7eab-11e3-bf9c-d43d7e277f36} - H:\HTC_Sync_Manager_PC.exe
CU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x76E963A707A1CE01
URLSearchHook: HKCU - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ []

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

2014-05-01 23:37 - 2014-05-01 23:37 - 00000056 _____ () C:\Windows\setupact.log
2014-05-01 23:37 - 2014-05-01 23:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-01 23:21 - 2014-05-01 23:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-01 23:00 - 2014-05-01 23:17 - 00000000 ____D () C:\zoek_backup
2014-05-01 15:37 - 2014-05-01 15:12 - 00001325 _____ () C:\Quarantine.reg
2014-05-01 15:37 - 2014-05-01 15:12 - 00000057 _____ () C:\Quarantine.lst
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 86ee4828-a015-444d-accd-1d2bc06bdc8b.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 70b506f8-304b-42d1-92d2-0bbd232302c5.job
2014-05-01 14:46 - 2014-05-01 14:46 - 00000000 ____D () C:\Users\sabina\AppData\Roaming\SUPERAntiSpyware.com
2014-05-01 14:42 - 2014-05-01 23:36 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-01 14:42 - 2014-05-01 14:45 - 00000000 ____D () C:\ProgramData\SUPERSetup
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-01 14:42 - 2014-05-01 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-01 14:07 - 2014-05-01 22:50 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-01 14:07 - 2014-05-01 22:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-01 00:35 - 2014-05-01 00:36 - 00340480 _____ () C:\Users\sabina\Downloads\GTA5KeyGeneratorV3.2Setup__6196_il18331.exe
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\sh4ldr
2014-04-30 14:23 - 2014-04-30 14:23 - 00000000 ____D () C:\Program Files\Enigma Software Group
C:\Program Files\SUPERAntiSpyware

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

extrémne zavírený windows

extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows

Re: extrémne zavírený windows