Virus: 100% CPU usage

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

#1 Post by DZIPAK »

Hello, I need some help. It is probably a virus: for about a week now my PC has been lagging. When I start web browsers it gets even worse, ad windows keep popping up, Flash stutters in videos, etc., and when I open Task Manager the processor is constantly at 100% usage. I am attaching the FRST log and the RSIT log.

FRST:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Dzipak (administrator) on DZUKELDOMKA-PC on 08-10-2014 16:46:56
Running from C:\Users\Dzipak\Desktop
Loaded Profiles: DzukelDomka & Dzipak (Available profiles: DzukelDomka & Dzipak)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Zrychlenie PC\PCSUService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Windows\SysWOW64\nethtsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\PDApp\pcgen.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
() C:\Windows\SysWOW64\netupdsrv.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Users\Dzipak\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Windows\SysWOW64\lcpmncqtvey.exe
() C:\Windows\SysWOW64\lcpmncnaqa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\snipsmart\bin\tmp4992.tmp
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\snipsmart\updatesnipsmart.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
() C:\Program Files (x86)\snipsmart\bin\snipsmart.PurBrowse64.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
(OB) C:\Program Files (x86)\SavePass 1.1\58424070-d40e-4268-a04a-39d8220eb788.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\snipsmart\bin\snipsmart.BrowserAdapter.exe
() C:\Program Files (x86)\snipsmart\bin\snipsmart.BrowserAdapter64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Dzipak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2014-07-07] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mncrnrmSrv] => C:\Windows\inf\mncrnrm.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [mncqtveySrv] => C:\Windows\SysWOW64\mncqtvey.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2011-09-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mncnaqaSrv] => C:\Windows\SysWOW64\mncnaqa.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-28] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4993920 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-20\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4993920 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3770640 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [Facebook Update] => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe [215920 2014-07-22] (Facebook Inc.)
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-04-01] ()
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [DriverMax] => [X]
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [DriverMax_RESTART] => [X]
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\Zrychlenie PC\PCSUNotifier.exe [314664 2014-09-23] ()
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4993920 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-21-714635507-2199221034-3097845752-1001\...\MountPoints2: {71b2edfe-42e6-11e4-b497-bcaec5e0aef6} - L:\Startme.exe
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [DriverMax] => [X]
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [DriverMax_RESTART] => [X]
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [PCSpeedUp] => C:\Program Files (x86)\Zrychlenie PC\PCSUNotifier.exe [314664 2014-09-23] ()
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4993920 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Dzipak\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dzipak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4993920 2014-09-07] (Exent Technologies Ltd.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-07-16] (Microsoft Corporation)
AlternateShell: 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x69D0DF2EC0E1CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410831952&from=amt&uid=ST31000524AS_9VPCLXF3XXXX9VPCLXF3&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410831952&from=amt&uid=ST31000524AS_9VPCLXF3XXXX9VPCLXF3&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {0DA293B7-8492-4A11-81B2-6D2A8D104178} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {183E3A49-8F31-4DA3-BCAD-BCCBDE913205} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {40845651-879A-4D18-B855-12119BF89B21} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKCU - {45ACAD63-3905-477C-931D-599058A672FB} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {497368C9-9865-4F08-B041-FB7824456B80} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {6761A146-F381-4D7E-8DAD-7093A840868E} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKCU - {682C2395-5334-4216-B5A6-C8CCF28F6A1D} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {EC38D709-D5F7-43F9-85E7-B8748520C23A} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKCU - {F4CEC16C-4D3F-4D55-9815-0E1AE3D932E1} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Seznam lištička - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-10-07]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\VJKPXI46039420@JMZUIOB85844870.com [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\extensions\BGKGT66124770@ZYFBNPM50498512.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-10-07]
CHR Extension: (Peňaženka Google) - C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PCSUService; C:\Program Files (x86)\Zrychlenie PC\PCSUService.exe [430888 2014-09-23] ()
S2 ProtectMonitor; C:\Program Files\PDApp\StartHelp.exe [512182 2014-09-30] () [File not signed] <==== ATTENTION
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-09-28] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
U0 asrngamn; C:\Windows\System32\drivers\foyhncjs.sys [79064 2014-10-08] (Malwarebytes Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-28] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-20] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2014-08-25] (YTDownloader)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-07-07] (Synaptics Incorporated)
R2 X5XSEx_Pr143; C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [56584 2013-07-18] (Exent Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 16:46 - 2014-10-08 16:47 - 00023553 _____ () C:\Users\Dzipak\Desktop\FRST.txt
2014-10-08 16:46 - 2014-10-08 16:47 - 00000000 ____D () C:\FRST
2014-10-08 16:42 - 2014-10-08 16:42 - 00112640 _____ (forum.viry.cz) C:\Users\Dzipak\Desktop\FRSTLauncher.exe
2014-10-08 16:41 - 2014-10-08 16:42 - 00112640 _____ (forum.viry.cz) C:\Users\Dzipak\Downloads\FRSTLauncher.exe
2014-10-08 16:41 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Desktop\FRST64.exe
2014-10-08 16:40 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Downloads\FRST64.exe
2014-10-08 16:40 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Downloads\FRST64 (1).exe
2014-10-08 16:32 - 2014-10-08 16:32 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\foyhncjs.sys
2014-10-08 16:31 - 2014-10-08 16:31 - 00103140 _____ () C:\fbmptn.exe
2014-10-08 16:02 - 2014-10-08 16:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-08 16:02 - 2014-10-08 16:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-08 16:01 - 2014-10-08 16:01 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-08 16:01 - 2014-10-08 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-08 16:01 - 2014-10-08 16:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-08 16:01 - 2014-10-08 16:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-08 16:01 - 2014-09-26 21:01 - 00000000 ____D () C:\Users\Dzipak\Desktop\Malwarebytes Anti-Malware +key 2014
2014-10-08 16:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-08 16:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-08 16:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-07 20:20 - 2014-10-07 20:21 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (14).exe
2014-10-07 20:12 - 2014-10-07 20:14 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (13).exe
2014-10-07 19:56 - 2014-10-07 19:56 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (12).exe
2014-10-07 19:52 - 2014-10-07 19:52 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (11).exe
2014-10-07 19:49 - 2014-10-07 19:50 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (10).exe
2014-10-07 19:44 - 2014-10-07 19:44 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (9).exe
2014-10-07 19:41 - 2014-10-07 19:41 - 00480168 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome (1).exe
2014-10-07 19:39 - 2014-10-07 19:40 - 00471976 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome.exe
2014-10-07 19:39 - 2014-10-07 19:39 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (8).exe
2014-10-07 19:37 - 2014-10-07 19:37 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (7).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (6).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00118149 _____ () C:\Users\Dzipak\Desktop\wmpChrome.crx
2014-10-07 18:52 - 2014-10-07 18:52 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\eCyber
2014-10-07 18:26 - 2014-10-07 18:26 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (5).exe
2014-10-07 18:17 - 2014-10-07 18:17 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (4).exe
2014-10-07 17:07 - 2014-10-07 17:07 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (3).exe
2014-10-07 16:13 - 2014-10-07 16:13 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (2).exe
2014-10-07 15:57 - 2014-10-07 15:57 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (1).exe
2014-10-07 15:40 - 2014-10-07 15:41 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh.exe
2014-10-07 15:08 - 2014-10-07 15:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Adobe
2014-10-07 14:45 - 2014-10-07 14:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Blizzard
2014-10-07 12:59 - 2014-10-07 12:59 - 00282909 _____ () C:\Users\Dzipak\Downloads\stiahnuť.htm
2014-10-07 12:47 - 2014-10-07 12:47 - 00000687 _____ () C:\awhC1D8.tmp
2014-10-07 09:29 - 2014-10-07 09:29 - 00000687 _____ () C:\awh3600.tmp
2014-10-07 06:27 - 2014-10-07 06:27 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Macromedia
2014-10-07 06:10 - 2014-10-07 06:10 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Mozilla
2014-10-07 06:10 - 2014-10-07 06:10 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Mozilla
2014-10-07 02:45 - 2014-10-07 02:45 - 00002137 _____ () C:\Users\DzukelDomka\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00002117 _____ () C:\Users\Dzipak\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:45 - 2014-10-07 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:42 - 2014-10-07 02:42 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-10-07 02:41 - 2014-10-07 16:41 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Seznam.cz
2014-10-07 02:41 - 2014-10-07 02:41 - 00002166 _____ () C:\Users\DzukelDomka\Desktop\FLV Player.lnk
2014-10-07 02:41 - 2014-10-07 02:41 - 00002146 _____ () C:\Users\Dzipak\Desktop\FLV Player.lnk
2014-10-07 02:41 - 2014-10-07 02:41 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-07 02:41 - 2014-10-07 02:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-07 02:21 - 2014-10-07 02:21 - 00002093 _____ () C:\Users\Dzipak\Desktop\JDownloader 2.lnk
2014-10-07 02:21 - 2014-10-07 02:21 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-10-07 02:16 - 2014-10-07 02:36 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\JDownloader v2.0
2014-10-07 02:12 - 2014-10-07 02:46 - 00001117 _____ () C:\Users\Dzipak\Desktop\Play Jewel Quest 3.lnk
2014-10-07 02:12 - 2014-10-07 02:46 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
2014-10-07 02:12 - 2014-10-07 02:13 - 00000000 ____D () C:\Program Files (x86)\Free Ride Games
2014-10-07 02:12 - 2014-10-07 02:12 - 00246992 _____ () C:\Users\Dzipak\Downloads\installer_jdownloader_two.exe
2014-10-07 02:12 - 2014-10-07 02:12 - 00002063 _____ () C:\Users\Public\Desktop\Play Free Games.lnk
2014-10-07 02:12 - 2014-10-07 02:12 - 00002063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Free Ride Games.lnk
2014-10-07 02:12 - 2014-10-07 02:12 - 00001164 _____ () C:\Users\Public\Desktop\More FREE games.lnk
2014-10-07 02:12 - 2014-10-07 02:12 - 00000064 _____ () C:\Windows\GPlrLanc.dat
2014-10-07 02:12 - 2014-10-07 02:12 - 00000000 ____D () C:\ProgramData\Free Ride Games
2014-10-07 02:12 - 2013-07-14 09:58 - 00058264 ____N (Exent Technologies Ltd.) C:\Windows\ExentInfo.exe
2014-10-07 02:11 - 2014-10-07 02:11 - 00001342 _____ () C:\Users\Dzipak\Desktop\Continue JewelQuest.lnk
2014-10-07 02:09 - 2014-10-08 16:31 - 00000000 ____D () C:\Program Files (x86)\snipsmart
2014-10-07 02:09 - 2014-10-08 11:49 - 00001340 _____ () C:\Windows\Tasks\MSVGA.job
2014-10-07 02:09 - 2014-10-07 02:11 - 00004380 _____ () C:\Windows\System32\Tasks\MSVGA
2014-10-07 02:08 - 2014-10-08 10:15 - 00001690 _____ () C:\Windows\Tasks\LPHKLPNY.job
2014-10-07 02:08 - 2014-10-07 02:08 - 00004730 _____ () C:\Windows\System32\Tasks\LPHKLPNY
2014-10-07 02:06 - 2014-10-07 02:07 - 00003736 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-10-07 02:06 - 2014-10-07 02:06 - 00003596 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-10-07 02:06 - 2014-10-07 02:06 - 00003586 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-10-07 02:06 - 2014-10-07 02:06 - 00001949 _____ () C:\Users\Dzipak\Desktop\YTDownloader.lnk
2014-10-07 02:06 - 2014-10-07 02:06 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2014-10-07 02:06 - 2014-10-07 02:06 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2014-10-07 02:05 - 2014-10-08 16:31 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-10-07 02:05 - 2014-10-07 02:05 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-10-07 02:04 - 2014-10-07 02:04 - 00307192 _____ () C:\Users\Dzipak\Downloads\FLVPlayer_downloader-Nfj0Lh7XF.exe
2014-10-07 02:04 - 2014-10-07 02:04 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\CrashRpt
2014-10-07 02:02 - 2014-10-07 02:02 - 00002037 _____ () C:\Users\Dzipak\Desktop\JDownloader.lnk
2014-10-07 02:01 - 2014-10-08 16:31 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2014-10-07 02:01 - 2014-10-07 02:01 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-10-07 02:01 - 2014-10-07 02:01 - 00001945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
2014-10-07 02:01 - 2014-10-07 02:01 - 00001924 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-10-07 02:00 - 2014-10-07 02:04 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-10-07 01:59 - 2014-10-08 16:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\8826
2014-10-07 01:58 - 2014-10-08 14:54 - 00001340 _____ () C:\Windows\Tasks\UPKIF.job
2014-10-07 01:58 - 2014-10-07 01:58 - 00234704 _____ () C:\Users\Dzipak\Downloads\installer_jdownloader_one.exe
2014-10-07 01:58 - 2014-10-07 01:58 - 00004380 _____ () C:\Windows\System32\Tasks\UPKIF
2014-10-07 01:57 - 2014-10-08 10:51 - 00001690 _____ () C:\Windows\Tasks\LLRKCYNS.job
2014-10-07 01:57 - 2014-10-07 01:58 - 00004730 _____ () C:\Windows\System32\Tasks\LLRKCYNS
2014-10-07 01:57 - 2014-10-07 01:57 - 00000000 ____D () C:\Users\Dzipak\Documents\PCSpeedUp
2014-10-07 01:57 - 2014-10-07 01:57 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\globalUpdate
2014-10-07 01:56 - 2014-10-07 12:42 - 00000000 ____D () C:\Program Files (x86)\Zrychlenie PC
2014-10-07 01:56 - 2014-10-07 12:41 - 00000350 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-10-07 01:56 - 2014-10-07 01:56 - 00043259 _____ () C:\Users\Dzipak\Downloads\JD2 DB 10-05-13.zip
2014-10-07 01:56 - 2014-10-07 01:56 - 00002730 _____ () C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
2014-10-07 01:56 - 2014-10-07 01:56 - 00001062 _____ () C:\Users\Dzipak\Desktop\Zrychlenie PC.lnk
2014-10-07 01:56 - 2014-10-07 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychlenie PC
2014-10-07 01:56 - 2014-10-07 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-07 01:56 - 2014-10-07 01:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 01:55 - 2014-10-07 12:42 - 00000000 ____D () C:\Program Files\PDApp
2014-10-07 01:48 - 2014-10-07 01:48 - 02713191 _____ () C:\Users\Dzipak\Downloads\Uploaded.net downloader v10.6.rar
2014-10-07 01:48 - 2014-10-05 21:37 - 00000000 ____D () C:\Users\Dzipak\Desktop\Uploaded.net downloader v10.6
2014-10-07 01:24 - 2014-10-07 01:25 - 00956160 _____ (Slots Heaven) C:\Users\DzukelDomka\Downloads\SetupCasino_319d65_en.exe
2014-10-07 01:05 - 2014-10-07 01:05 - 00002024 _____ () C:\Users\DzukelDomka\Desktop\888casino.lnk
2014-10-07 01:05 - 2014-10-07 01:05 - 00002024 _____ () C:\Users\Dzipak\Desktop\888casino.lnk
2014-10-07 01:05 - 2014-10-07 01:05 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2014-10-07 01:05 - 2014-10-07 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888casino
2014-10-07 01:04 - 2014-10-07 01:33 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\CasinoOnNet
2014-10-07 01:04 - 2014-10-07 01:05 - 00000000 ____D () C:\Program Files (x86)\CasinoOnNet
2014-10-06 08:26 - 2014-10-06 08:26 - 00180224 ____N () C:\Windows\SysWOW64\nethtsrv.exe
2014-10-06 08:25 - 2014-10-06 08:25 - 00246784 _____ () C:\Windows\SysWOW64\hfpapi.dll
2014-10-06 08:25 - 2014-10-06 08:25 - 00108544 ____N () C:\Windows\SysWOW64\hfnapi.dll
2014-10-05 12:28 - 2014-10-05 12:28 - 00000000 _____ () C:\Users\DzukelDomka\Desktop\Nový textový dokument (3).txt
2014-10-04 14:57 - 2014-10-04 14:57 - 00000000 _____ () C:\Users\DzukelDomka\Desktop\Nový textový dokument (2).txt
2014-10-01 19:47 - 2014-10-01 20:42 - 729675776 _____ () C:\Users\DzukelDomka\Downloads\Zbesily-utek.avi
2014-10-01 09:12 - 2014-10-01 09:12 - 00162816 ____N () C:\Windows\SysWOW64\netupdsrv.exe
2014-10-01 00:11 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 00:11 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 23:15 - 2014-09-30 23:15 - 00007514 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (5).xlsx
2014-09-30 23:15 - 2014-09-30 23:15 - 00007514 _____ () C:\Users\DzukelDomka\Desktop\08-2014 (5).xlsx
2014-09-30 23:02 - 2014-09-30 23:02 - 00014882 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (4).xlsx
2014-09-30 23:02 - 2014-09-30 23:02 - 00014882 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (3).xlsx
2014-09-30 16:53 - 2014-09-30 16:54 - 12881948 _____ () C:\Users\DzukelDomka\Downloads\foryou2.zip
2014-09-28 22:32 - 2014-09-28 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-28 22:16 - 2014-09-28 22:16 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\AVG Secure Search
2014-09-28 22:15 - 2014-10-08 16:31 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\1342
2014-09-28 22:13 - 2014-09-28 22:13 - 03099552 _____ (Blizzard Entertainment) C:\Users\Dzipak\Downloads\Hearthstone-Setup-enGB.exe
2014-09-28 22:08 - 2014-10-08 14:23 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Battle.net
2014-09-28 22:08 - 2014-10-07 14:44 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Battle.net
2014-09-28 22:08 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Blizzard Entertainment
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\M-Audio
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Deployment
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Apps\2.0
2014-09-28 21:59 - 2014-09-28 22:02 - 52024662 _____ ( ) C:\Users\Dzipak\Downloads\Download-DriverPack-Solution-13.0.380.exe
2014-09-28 21:50 - 2014-09-28 21:59 - 00008499 _____ () C:\Users\Dzipak\Downloads\DriverEasyOnline.Scan.application
2014-09-28 21:48 - 2013-05-23 05:58 - 19690256 _____ (M-Audio, a division of Avid Technology, Inc.) C:\Users\Dzipak\Desktop\Install_M-Audio_Fast_Track_Pro_6.1.10.exe
2014-09-28 21:29 - 2014-09-28 21:29 - 07686507 _____ () C:\Users\Dzipak\Downloads\Fast_Track_USB_Installer_6_0_6_77176.zip
2014-09-28 21:15 - 2014-09-28 21:15 - 00001114 _____ () C:\Users\Dzipak\Desktop\DriverMax.lnk
2014-09-28 21:15 - 2014-09-28 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2014-09-28 21:11 - 2014-09-28 21:17 - 16465549 _____ () C:\Users\Dzipak\Downloads\Install_M-Audio_Fast_Track_Pro_6.1.10.zip
2014-09-28 21:00 - 2014-09-28 21:00 - 05163533 _____ () C:\Users\Dzipak\Downloads\Komplete_Kontrol_392_PC.zip
2014-09-28 20:58 - 2014-09-28 20:58 - 00000000 ____D () C:\ProgramData\Innovative Solutions
2014-09-28 20:58 - 2011-02-17 11:32 - 00531562 _____ () C:\Users\Dzipak\Desktop\DriverMax57cz.exe
2014-09-28 20:58 - 2011-02-17 10:57 - 00001352 _____ () C:\Users\Dzipak\Desktop\Přečti si!.txt
2014-09-28 20:58 - 2009-06-22 18:46 - 00000087 _____ () C:\Users\Dzipak\Desktop\CestinyCZ.txt
2014-09-28 20:51 - 2014-09-28 20:51 - 41361331 _____ () C:\Users\Dzipak\Downloads\Controller_Editor_170_PC.zip
2014-09-28 20:44 - 2014-09-28 20:44 - 04310989 _____ () C:\Users\Dzipak\Downloads\drivermax-zaloha-a-aktulizace-ovladacu+cz.rar
2014-09-28 20:43 - 2014-10-07 05:44 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\AVG Secure Search
2014-09-28 20:43 - 2014-09-28 20:43 - 00002624 _____ () C:\Windows\System32\Tasks\Open Chrome
2014-09-28 20:43 - 2014-09-28 20:43 - 00000380 _____ () C:\Windows\Tasks\Open Chrome.job
2014-09-28 20:41 - 2014-09-28 20:42 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-09-28 20:41 - 2014-09-28 20:41 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-09-28 20:41 - 2014-09-28 20:41 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-09-28 20:39 - 2014-09-28 20:40 - 09979731 _____ () C:\Users\Dzipak\Downloads\M4E.CoM_DriverMax-7.13-Final_By_M.M.A.E.rar
2014-09-28 20:34 - 2014-09-28 20:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Audacity
2014-09-28 20:33 - 2014-09-28 20:33 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-28 20:33 - 2014-09-28 20:33 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-28 20:32 - 2014-09-28 20:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-28 20:32 - 2014-09-28 20:32 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Innovative Solutions
2014-09-28 20:32 - 2014-09-28 20:32 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions
2014-09-28 19:45 - 2014-09-28 19:46 - 05799056 _____ (Innovative Solutions ) C:\Users\Dzipak\Downloads\drivermax_7_40_cnet.exe
2014-09-28 19:37 - 2014-09-28 19:38 - 28492155 _____ () C:\Users\Dzipak\Downloads\audacity (1).exe
2014-09-28 19:36 - 2014-09-28 19:37 - 28496251 _____ () C:\Users\Dzipak\Downloads\audacity.exe
2014-09-28 17:19 - 2014-09-28 17:19 - 05860624 _____ () C:\Users\Dzipak\Downloads\foryou.zip
2014-09-28 16:08 - 2014-09-28 16:08 - 00088304 _____ () C:\Users\Dzipak\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 15:16 - 2014-10-01 10:35 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY TYSON CD.25 2013 DJMARIO1
2014-09-28 15:16 - 2011-05-17 19:51 - 00000000 ____D () C:\Users\Dzipak\Desktop\Gipsy Tyson romske mp3
2014-09-28 15:11 - 2014-09-28 15:12 - 29767120 _____ () C:\Users\Dzipak\Downloads\GIPSY TYSON CD.25 2013 DJMARIO1.rar
2014-09-28 15:05 - 2014-09-28 15:12 - 45925725 _____ () C:\Users\Dzipak\Downloads\Gipsy-Tyson-romske-mp3.rar
2014-09-27 15:32 - 2014-09-27 15:32 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\WinRAR
2014-09-27 15:32 - 2014-07-19 18:05 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY AMAX 4-2014
2014-09-27 15:32 - 2014-02-28 08:22 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY AMAX 2014 DONCASTER
2014-09-27 15:02 - 2014-09-27 15:13 - 63706536 _____ () C:\Users\Dzipak\Downloads\GIPSY-AMAX-4-2014.rar
2014-09-27 14:57 - 2014-09-27 15:01 - 28591087 _____ () C:\Users\Dzipak\Downloads\GIPSY-AMAX-2014-DONCASTER.rar
2014-09-27 14:42 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Apple Computer
2014-09-27 06:12 - 2014-09-27 06:12 - 00000003 _____ () C:\Users\Dzipak\stut
2014-09-27 06:11 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\NVIDIA
2014-09-27 06:10 - 2014-10-07 12:44 - 00000000 _____ () C:\Users\Dzipak\rgut
2014-09-27 06:10 - 2014-09-27 06:10 - 00000000 __SHD () C:\Users\Dzipak\AppData\Local\EmieUserList
2014-09-27 06:10 - 2014-09-27 06:10 - 00000000 __SHD () C:\Users\Dzipak\AppData\Local\EmieSiteList
2014-09-27 06:09 - 2014-10-07 15:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Adobe
2014-09-27 06:09 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Apple Computer
2014-09-27 06:09 - 2014-09-27 06:09 - 00001413 _____ () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 06:09 - 2014-09-27 06:09 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Razer
2014-09-27 06:09 - 2014-09-27 06:09 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Google
2014-09-27 06:08 - 2014-09-28 21:13 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\VirtualStore
2014-09-27 06:08 - 2014-09-27 06:12 - 00000000 ____D () C:\Users\Dzipak
2014-09-27 06:08 - 2014-09-27 06:10 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\NVIDIA Corporation
2014-09-27 06:08 - 2014-09-27 06:08 - 00000020 ___SH () C:\Users\Dzipak\ntuser.ini
2014-09-27 06:08 - 2014-09-27 06:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\NVIDIA
2014-09-27 06:08 - 2014-07-07 12:29 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Macromedia
2014-09-27 06:08 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-27 06:08 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-26 09:37 - 2014-09-26 09:37 - 00000687 _____ () C:\awhF2DB.tmp
2014-09-24 11:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 11:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 17:16 - 2014-09-23 18:02 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Apple Computer
2014-09-23 17:16 - 2014-09-23 17:16 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-23 17:16 - 2014-09-23 17:16 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Apple Computer
2014-09-23 17:16 - 2014-09-23 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-23 17:15 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\Program Files\iTunes
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-23 17:14 - 2014-09-23 17:14 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-23 17:14 - 2014-09-23 17:14 - 00000000 ____D () C:\Program Files\iPod
2014-09-23 17:12 - 2014-09-23 17:14 - 111264592 _____ (Apple Inc.) C:\Users\DzukelDomka\Downloads\iTunesSetup.exe
2014-09-22 12:11 - 2014-09-22 12:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-22 12:11 - 2014-09-13 22:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-22 12:07 - 2014-09-17 06:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-22 12:07 - 2014-09-17 06:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-22 12:07 - 2014-09-14 01:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-22 11:53 - 2014-09-04 21:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-22 11:53 - 2014-09-04 21:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 00000687 _____ () C:\awh8C3F.tmp
2014-09-21 00:45 - 2014-09-21 00:45 - 00000687 _____ () C:\awhD8B4.tmp
2014-09-18 00:13 - 2014-09-18 00:13 - 00694938 _____ () C:\Users\DzukelDomka\Downloads\Fb_Emoji.apk
2014-09-16 03:55 - 2014-09-16 03:55 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prompt Downloader
2014-09-16 03:55 - 2014-09-16 03:55 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Prompt Downloader
2014-09-16 03:55 - 2014-09-16 03:55 - 00000000 ____D () C:\Program Files (x86)\Prompt Downloader
2014-09-16 03:47 - 2014-10-08 16:31 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\2990
2014-09-16 03:46 - 2014-10-08 16:31 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-16 03:46 - 2014-10-08 16:31 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-16 03:46 - 2014-10-08 16:31 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-16 03:46 - 2014-10-08 16:31 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-16 03:46 - 2014-10-02 10:13 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\vlc
2014-09-16 03:46 - 2014-09-16 03:46 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\globalUpdate
2014-09-16 03:12 - 2014-09-16 03:18 - 00299024 _____ () C:\Users\DzukelDomka\Downloads\FLVPlayer_downloader-N6UvHWHWF.exe
2014-09-16 03:12 - 2014-09-16 03:12 - 00298984 _____ () C:\Users\DzukelDomka\Downloads\FLVPlayer_downloader-Na2mHHycP.exe
2014-09-16 02:27 - 2014-09-16 02:27 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-16 02:27 - 2014-09-16 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-16 02:27 - 2014-09-16 02:27 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-16 01:14 - 2014-09-16 01:14 - 14376291 _____ () C:\Users\DzukelDomka\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-09-16 01:13 - 2014-09-16 01:31 - 625216324 _____ () C:\Users\DzukelDomka\Desktop\Dědictví aneb KURVA se neříká.avi
2014-09-16 01:10 - 2014-09-16 01:11 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-09-16 01:10 - 2014-09-16 01:10 - 11340424 _____ (Xvid Team) C:\Users\DzukelDomka\Downloads\Xvid-1.3.3-20140407.exe
2014-09-16 01:10 - 2014-09-16 01:10 - 02209528 _____ () C:\Users\DzukelDomka\Downloads\VirtualDub-1.10.4-AMD64.zip
2014-09-16 01:10 - 2014-09-16 01:10 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\plugins64
2014-09-16 01:10 - 2014-09-16 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-09-16 01:10 - 2014-04-08 22:51 - 00706048 _____ () C:\Windows\system32\xvidcore.dll
2014-09-16 01:10 - 2014-04-08 22:51 - 00251392 _____ () C:\Windows\system32\xvidvfw.dll
2014-09-16 01:10 - 2014-04-08 22:51 - 00169984 _____ () C:\Windows\system32\xvid.ax
2014-09-16 01:10 - 2014-04-08 22:50 - 00632320 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-09-16 01:10 - 2014-04-08 22:50 - 00235520 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-09-16 01:10 - 2014-04-08 22:50 - 00147456 _____ () C:\Windows\SysWOW64\xvid.ax
2014-09-16 01:10 - 2013-10-27 17:01 - 00254669 _____ () C:\Users\DzukelDomka\Desktop\VirtualDub.chm
2014-09-16 01:10 - 2013-10-27 17:00 - 04261888 _____ () C:\Users\DzukelDomka\Desktop\Veedub64.exe
2014-09-16 01:10 - 2013-10-27 17:00 - 00332158 _____ () C:\Users\DzukelDomka\Desktop\Veedub64.vdi
2014-09-16 01:10 - 2013-10-27 16:59 - 00072704 _____ ( ) C:\Users\DzukelDomka\Desktop\vdremote64.dll
2014-09-16 01:10 - 2013-10-27 16:59 - 00057856 _____ ( ) C:\Users\DzukelDomka\Desktop\vdsvrlnk64.dll
2014-09-16 01:10 - 2013-10-27 16:59 - 00009728 _____ ( ) C:\Users\DzukelDomka\Desktop\vdub64.exe
2014-09-16 01:10 - 2013-10-27 16:59 - 00004096 _____ () C:\Users\DzukelDomka\Desktop\vdlaunch64.exe
2014-09-16 01:10 - 2013-10-27 16:21 - 00001296 _____ () C:\Users\DzukelDomka\Desktop\frameserver64.reg
2014-09-15 15:36 - 2014-09-15 15:36 - 00380619 _____ () C:\Users\DzukelDomka\Downloads\inventurni_tabulka_sk-1 (1).xlsx
2014-09-15 15:25 - 2014-09-15 15:25 - 00380322 _____ () C:\Users\DzukelDomka\Downloads\inventurni_tabulka_sk-1.xlsx
2014-09-12 15:32 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\GIPSY MEKENZI 27-2014
2014-09-12 15:24 - 2013-12-15 14:37 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\GIPSY MEKENZI 26-2013
2014-09-12 15:22 - 2014-09-12 15:25 - 47021685 _____ () C:\Users\DzukelDomka\Downloads\GIPSY-MEKENZI-27-2014.rar
2014-09-12 15:21 - 2014-09-12 15:22 - 39119074 _____ () C:\Users\DzukelDomka\Downloads\GIPSY MEKENZI 26-2013 Radio-Lucka.rar
2014-09-12 03:17 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 03:17 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 03:17 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 03:17 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 03:17 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 03:17 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 03:17 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 03:17 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 03:17 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 03:17 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 03:17 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 03:17 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 03:17 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 03:17 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 03:17 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 03:17 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 03:17 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 03:17 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 03:17 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 03:17 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 03:17 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 03:17 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 03:17 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 03:17 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 03:17 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 03:17 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 03:17 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 03:17 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 03:17 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 03:17 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 03:17 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 03:17 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 03:17 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 03:17 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 03:17 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 03:17 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 03:17 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 03:17 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 03:17 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 03:17 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 03:17 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 03:17 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 03:17 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 03:17 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 03:17 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 03:17 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 03:17 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 03:17 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 03:17 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 03:17 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 03:04 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 03:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 03:00 - 2014-10-03 21:28 - 00001364 _____ () C:\Users\DzukelDomka\Desktop\Norton Installation Files.lnk
2014-09-12 03:00 - 2014-09-12 03:00 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-09-11 06:46 - 2014-09-11 07:49 - 1013174272 _____ () C:\Users\DzukelDomka\Downloads\Dědictví aneb KURVA se neříká.avi
2014-09-11 06:40 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 06:40 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 06:40 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 06:40 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 06:39 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 06:39 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 06:39 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 06:39 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 06:39 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 16:48 - 2014-07-22 22:43 - 00000952 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job
2014-10-08 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-08 16:31 - 2014-07-07 09:48 - 00000000 ____D () C:\Program Files (x86)\Windows 7 ultimate - aktivace - 100% funkn
2014-10-08 16:31 - 2009-07-14 04:34 - 00000518 _____ () C:\Windows\win.ini
2014-10-08 16:25 - 2014-07-07 12:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 15:49 - 2014-07-07 09:44 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 14:46 - 2014-07-07 08:46 - 01057109 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 13:46 - 2009-07-14 06:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 13:46 - 2009-07-14 06:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 13:36 - 2014-07-24 15:59 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-08 11:58 - 2014-08-11 14:38 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\Shindy - 2013 NWA 2.0
2014-10-08 11:55 - 2014-08-11 14:31 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\Bushido - 2014 Sonny Black (+Bonusové Tracky z Box-setu)
2014-10-08 09:49 - 2014-07-07 09:44 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-08 01:29 - 2014-08-24 06:56 - 00000464 ____H () C:\Windows\Tasks\Norton Security Scan for DzukelDomka.job
2014-10-07 22:48 - 2014-07-22 22:43 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job
2014-10-07 12:42 - 2009-07-14 06:51 - 00087404 _____ () C:\Windows\setupact.log
2014-10-07 12:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 12:40 - 2014-07-07 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-07 12:40 - 2014-07-07 10:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-07 12:40 - 2014-07-07 09:53 - 00237822 _____ () C:\Windows\PFRO.log
2014-10-07 02:12 - 2014-07-07 10:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-07 02:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-07 02:00 - 2009-07-14 04:34 - 00000256 _____ () C:\Windows\system.ini
2014-10-07 01:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-07 01:05 - 2014-07-07 09:40 - 00000000 ____D () C:\Users\DzukelDomka
2014-10-06 15:14 - 2014-07-24 15:59 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Battle.net
2014-10-04 10:26 - 2014-08-24 06:56 - 00000000 ____D () C:\ProgramData\Norton
2014-09-28 22:16 - 2014-07-07 11:27 - 00000330 _____ () C:\Users\DzukelDomka\rgut
2014-09-28 21:25 - 2009-07-14 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-28 17:21 - 2014-08-31 16:13 - 00000384 _____ () C:\Windows\ODBC.INI
2014-09-27 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 15:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-26 16:36 - 2009-07-14 07:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 03:06 - 2014-07-07 09:45 - 00002387 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 03:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-09-25 03:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-24 18:33 - 2014-07-07 12:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 18:33 - 2014-07-07 12:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 18:33 - 2014-07-07 12:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 10:53 - 2014-07-24 16:08 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-22 12:11 - 2014-07-07 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-22 12:11 - 2014-07-07 10:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-22 11:54 - 2014-07-07 10:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-21 14:54 - 2014-08-19 19:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 06:51 - 2014-07-07 10:22 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-17 04:13 - 2014-07-23 19:12 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-17 04:13 - 2014-07-07 11:56 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-17 04:12 - 2014-07-23 19:12 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-17 04:12 - 2014-07-07 11:56 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-16 03:45 - 2014-07-07 12:17 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-16 03:45 - 2014-07-07 12:17 - 00001339 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-16 03:45 - 2014-07-07 09:40 - 00001617 _____ () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 15:38 - 2014-08-22 19:42 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\lol
2014-09-15 09:06 - 2014-07-07 09:02 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 01:48 - 2014-08-03 12:02 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-14 01:48 - 2014-07-07 10:33 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-14 01:48 - 2014-07-07 10:33 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 23:53 - 2014-07-07 10:33 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 02557640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 23:53 - 2014-07-07 10:33 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-12 03:13 - 2014-07-07 10:31 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 17:37 - 2014-07-07 10:33 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-11 06:29 - 2014-07-07 09:44 - 00088304 _____ () C:\Users\DzukelDomka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 06:28 - 2009-07-14 06:45 - 00354592 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Dzipak\AppData\Local\Temp\proxy_vole6621517271104180865.dll
C:\Users\DzukelDomka\AppData\Local\Temp\downloader.dll
C:\Users\DzukelDomka\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\DzukelDomka\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\DzukelDomka\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\DzukelDomka\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\DzukelDomka\AppData\Local\Temp\nvStInst.exe
C:\Users\DzukelDomka\AppData\Local\Temp\setup64.exe
C:\Users\DzukelDomka\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LLRKCYNS.job => C:\Users\Dzipak\AppData\Roaming\LLRKCYNS.exe
Task: C:\Windows\Tasks\LPHKLPNY.job => C:\Users\Dzipak\AppData\Roaming\LPHKLPNY.exe
Task: C:\Windows\Tasks\MSVGA.job => C:\Users\Dzipak\AppData\Roaming\MSVGA.exe
Task: C:\Windows\Tasks\Norton Security Scan for DzukelDomka.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychlenie PC\PCSUSD.exe
Task: C:\Windows\Tasks\UPKIF.job => C:\Users\Dzipak\AppData\Roaming\UPKIF.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dzipak\Desktop" je 209 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x1
    EnableFirewall    REG_DWORD    0x0
    DoNotAllowExceptions    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Attachments
Addition.rar
(6.46 KiB) Downloaded 73 times


Re: Virus 100% processor usage

#2 Post by DZIPAK »

RSIT:

Code: Select all

Logfile of random's system information tool 1.08 (written by random/random)
Run by Dzipak at 2014-10-08 16:55:25
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 2 GB (0%) free of 400 GB
Total RAM: 4077 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:43, on 8. 10. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Dzipak\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\SysWOW64\lcpmncqtvey.exe
C:\Windows\SysWOW64\lcpmncnaqa.exe
C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
C:\Program Files (x86)\YTDownloader\DownloadHelper.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\snipsmart\bin\snipsmart.BrowserAdapter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dzipak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410831952&from=amt&uid=ST31000524AS_9VPCLXF3XXXX9VPCLXF3&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mncrnrmSrv] C:\Windows\inf\mncrnrm.vbe
O4 - HKLM\..\Run: [mncqtveySrv] C:\Windows\system32\mncqtvey.vbe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [mncnaqaSrv] C:\Windows\system32\mncnaqa.vbe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Dzipak\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Dzipak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe"  -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-714635507-2199221034-3097845752-1001\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'DzukelDomka')
O4 - HKUS\S-1-5-21-714635507-2199221034-3097845752-1001\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychlenie PC\PCSUNotifier.exe (User 'DzukelDomka')
O4 - HKUS\S-1-5-21-714635507-2199221034-3097845752-1001\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot (User 'DzukelDomka')
O4 - HKUS\S-1-5-21-714635507-2199221034-3097845752-1001\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'DzukelDomka')
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Fast Track Pro Audio Device Monitor (FastTrackProAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PDApp\StartHelp.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13136 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\SupTab\Loader64.exe" 
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 95883ba1-4940-4f5e-8867-8c45466c66a9 1
\??\C:\Windows\system32\conhost.exe "136288935917655491191874510785-3982861171618424774-8477395631982788279-1779055597
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-87108168176666483720841296-859359631692516712-18740730494942205531529319494
\??\C:\Windows\system32\conhost.exe "1789194829-87915919718924014284641035-59929282019146395062055290935-1211365147
"C:\Program Files\PDApp\pcgen.exe"  -a X11 -o stratum+tcp://"ec2-54-179-192-205.ap-southeast-1.compute.amazonaws.com:3872" -R 5 
"C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe"
C:\Windows\SysWOW64\netupdsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-489978282-1258414428-1159313024205704281713703684131727663113-19545859671330380294
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0d023a90-159c-4225-9d3e-1fde10574444 -SystemEventPortName:HostProcess-2fb93515-548c-4906-9a96-6ab78659592f -IoCancelEventPortName:HostProcess-3a01018f-5d62-46f6-966a-0fd6164d6d85 -NonStateChangingEventPortName:HostProcess-3188a7aa-1272-46d3-a6eb-7c6f6e6a2aaa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:188d05d6-8af0-4c26-a983-6ef5e4a1f8c9 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe" 
"C:\Windows\System32\WScript.exe" "C:\Windows\System32\mncqtvey.vbe" 
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" 
"C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" 
"C:\Windows\System32\WScript.exe" "C:\Windows\System32\mncnaqa.vbe" 
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
szndesktop.exe default start
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\lcpmncqtvey.exe"  --threads=2
\??\C:\Windows\system32\conhost.exe "11553240192004830585-200068377415104133711264421134419481217-1414553452-1373383342
"C:\Windows\system32\lcpmncnaqa.exe"  --threads=2
\??\C:\Windows\system32\conhost.exe "-184935844817614008251923056764-682546254-280949027-43800025369064151809076944
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\snipsmart\updatesnipsmart.exe"
"C:\Windows\explorer.exe" 
DownloadHelper.exe -pid 186932 -size 0 MB  -sizeBytes 916555 -type video/x-flv -url http://cdn.ads.moviebox.com/brazzers/728x90/dani-1080-4.flv -cookie  -referer  -host cdn.ads.moviebox.com -useragent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 -resolution  -protocol http
"C:\Program Files (x86)\snipsmart\bin\snipsmart.PurBrowse64.exe"  /l false /s false /c "snipsmart" /t "C:\Program Files (x86)\snipsmart\bin\TEMP" /i "http://apisnipsmartinfo-a.akamaihd.net/gsrs?is=ob100ppSK&bp=PBG&g=00000000-0000-0000-0000-000000000000" /d {6ccfd995-07be-49cf-8ad6-1422dc08761a}Gw64 /p 22eabe29-4553-4aec-ba4c-266f680bccab:chrome /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 3 "C:\Program Files (x86)\snipsmart\bin\bau" true
\??\C:\Windows\system32\conhost.exe "-774786353-366720623-15942305608763478251157278191973362781719605144-274756990
DownloadHelper.exe -pid 188040 -size ~13MB -sizeBytes 14289696 -type video/mp4 -url http://r4---sn-nav853-cunl.googlevideo.com/videoplayback?sver=3&ipbits=0&ratebypass=yes&expire=1412779747&initcwndbps=1077500&fexp=902543%2C906335%2C907257%2C916941%2C927622%2C930666%2C930671%2C930813%2C931983%2C932404%2C934030%2C935660%2C946023%2C947209%2C952302%2C953801&source=youtube&upn=_YcCDE9DrA0&gcr=sk&id=o-AMu1WGzVWWNsf_2sFh1F2-XtTxJUjtBa2pd6Z-S5ovLX&key=yt5&mm=31&itag=18&ip=78.98.95.222&mime=video%2Fmp4&ms=au&mt=1412758104&mv=m&sparams=gcr%2Cid%2Cinitcwndbps%2Cip%2Cipbits%2Citag%2Cmime%2Cmm%2Cms%2Cmv%2Cratebypass%2Csource%2Cupn%2Cexpire&signature=BBC9A706F4133840BF0CE4E672FFD59222.847A928EB8386924515E0B2D92CE2F59485F62484 -cookie  -referer  -host  -useragent  -resolution  -protocol http
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {809FCA68-D433-47F7-9E74-6C4A4967D90F}
"C:\Program Files (x86)\SavePass 1.1\58424070-d40e-4268-a04a-39d8220eb788.exe" /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='149033391' /bic=3CA42727949E4D40A113A945FEA63E8AIE /verifier=5aa136c605674b53647a19732a528d90 /installerversion=1_35_09_29 /installationtime=1412640079 /statsdomain=http://stats.newdemoonlinecloud.com /errorsdomain=http://errors.newdemoonlinecloud.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newdemoonlinecloud.com /runfrom='task' /externallog=''
DownloadHelper.exe -pid 190160 -size 447 -sizeBytes 469713298 -type video/mp4 -url http://vs21.exashare.com:8777/ycx2dcgv7um56odwt3c6lhxv5errxhul7abyzakawhnmao6xyrbgync6rgsq/v.mp4 -cookie _gat=1; _ga=GA1.2.961234609.1411813693 -referer http://exashare.com/embed-pr694c2ns2xk-640x380.html -host vs21.exashare.com:8777 -ads  -useragent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 -protocol http
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"taskhost.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1410831952&from=amt&uid=ST31000524AS_9VPCLXF3XXXX9VPCLXF3
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="244680.0.1326525667\522792153" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,44 --gpu-vendor-id=0x10de --gpu-device-id=0x1245 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4411 --ignored=" --type=renderer " /prefetch:822062411
 /c 22eabe29-4553-4aec-ba4c-266f680bccab /i ff9368a5-a440-4ba8-9b78-dea4ae250302 /f a624b1a2-1018-4990-b910-d84787497bcf /z "n=snipsmart&is=&dpt=20"
 /c 22eabe29-4553-4aec-ba4c-266f680bccab /i ff9368a5-a440-4ba8-9b78-dea4ae250302 /f a624b1a2-1018-4990-b910-d84787497bcf /z "n=snipsmart&is=&dpt=20"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="244680.7.1793493913\497748675" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="244680.14.1740578941\363913900" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="244680.15.940534923\1940791718" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="244680.17.2035894076\461138522" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe49_ Global\UsGthrCtrlFltPipeMssGthrPipe49 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Users\Dzipak\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\LLRKCYNS.job
C:\Windows\tasks\LPHKLPNY.job
C:\Windows\tasks\MSVGA.job
C:\Windows\tasks\Norton Security Scan for DzukelDomka.job
C:\Windows\tasks\Open Chrome.job
C:\Windows\tasks\UPKIF.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-07 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-07 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-07-07 7203032]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"= []
"DriverMax_RESTART"= []
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2014-08-25 1988968]
"Exetender"=C:\Program Files (x86)\Free Ride Games\GPlayer.exe [2014-09-07 4993920]
"cz.seznam.software.autoupdate"=C:\Users\Dzipak\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Dzipak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mncrnrmSrv"=C:\Windows\inf\mncrnrm.vbe [2014-01-13 1338]
"mncqtveySrv"=C:\Windows\system32\mncqtvey.vbe []
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"ASUS Ai Charger"=C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [2011-09-27 465536]
"mncnaqaSrv"=C:\Windows\system32\mncnaqa.vbe []
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-06-23 585560]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-09-28 2640408]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2014-08-25 1988968]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2014-05-12 54072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-10-08 16:55:26 ----D---- C:\Program Files\trend micro
2014-10-08 16:55:25 ----D---- C:\rsit
2014-10-08 16:46:44 ----D---- C:\FRST
2014-10-08 16:32:45 ----A---- C:\Windows\system32\drivers\foyhncjs.sys
2014-10-08 16:31:12 ----A---- C:\fbmptn.exe
2014-10-08 16:02:54 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-10-08 16:01:56 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-10-08 16:01:56 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-10-08 16:01:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-10-08 16:01:55 ----D---- C:\ProgramData\Malwarebytes
2014-10-08 16:01:55 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-07 18:52:37 ----D---- C:\Users\Dzipak\AppData\Roaming\eCyber
2014-10-07 12:47:51 ----A---- C:\awhC1D8.tmp
2014-10-07 09:29:08 ----A---- C:\awh3600.tmp
2014-10-07 06:10:01 ----D---- C:\Users\Dzipak\AppData\Roaming\Mozilla
2014-10-07 02:42:34 ----D---- C:\Program Files (x86)\Seznam.cz
2014-10-07 02:41:31 ----D---- C:\Users\Dzipak\AppData\Roaming\Seznam.cz
2014-10-07 02:12:21 ----D---- C:\Remote Programs
2014-10-07 02:12:17 ----D---- C:\ProgramData\Free Ride Games
2014-10-07 02:12:03 ----N---- C:\Windows\ExentInfo.exe
2014-10-07 02:12:01 ----D---- C:\Program Files (x86)\Free Ride Games
2014-10-07 02:09:30 ----D---- C:\Program Files (x86)\snipsmart
2014-10-07 02:06:13 ----D---- C:\Program Files (x86)\YTDownloader
2014-10-07 02:05:01 ----D---- C:\Program Files (x86)\ShopperPro
2014-10-07 02:01:27 ----D---- C:\Program Files (x86)\SavePass 1.1
2014-10-07 02:00:25 ----D---- C:\Program Files (x86)\JDownloader
2014-10-07 01:56:26 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 01:55:49 ----D---- C:\Program Files\PDApp
2014-10-07 01:04:50 ----D---- C:\Program Files (x86)\CasinoOnNet
2014-10-06 08:26:32 ----N---- C:\Windows\SYSWOW64\nethtsrv.exe
2014-10-06 08:25:26 ----N---- C:\Windows\SYSWOW64\hfnapi.dll
2014-10-06 08:25:14 ----A---- C:\Windows\SYSWOW64\hfpapi.dll
2014-10-01 09:12:20 ----N---- C:\Windows\SYSWOW64\netupdsrv.exe
2014-10-01 00:11:42 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 00:11:42 ----A---- C:\Windows\system32\qdvd.dll
2014-09-28 22:32:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-28 22:08:04 ----D---- C:\Users\Dzipak\AppData\Roaming\Battle.net
2014-09-28 20:58:38 ----D---- C:\ProgramData\Innovative Solutions
2014-09-28 20:41:55 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-09-28 20:41:46 ----D---- C:\ProgramData\AVG Secure Search
2014-09-28 20:41:45 ----D---- C:\Program Files (x86)\AVG Secure Search
2014-09-28 20:41:11 ----HD---- C:\ProgramData\Common Files
2014-09-28 20:34:03 ----D---- C:\Users\Dzipak\AppData\Roaming\Audacity
2014-09-28 20:32:59 ----D---- C:\Program Files (x86)\Audacity
2014-09-28 20:32:34 ----D---- C:\Program Files (x86)\Innovative Solutions
2014-09-27 15:32:04 ----D---- C:\Users\Dzipak\AppData\Roaming\WinRAR
2014-09-27 06:11:56 ----D---- C:\Users\Dzipak\AppData\Roaming\NVIDIA
2014-09-27 06:09:27 ----D---- C:\Users\Dzipak\AppData\Roaming\Apple Computer
2014-09-27 06:09:17 ----D---- C:\Users\Dzipak\AppData\Roaming\Adobe
2014-09-27 06:09:02 ----D---- C:\Users\Dzipak\AppData\Roaming\Identities
2014-09-27 06:08:51 ----SD---- C:\Users\Dzipak\AppData\Roaming\Microsoft
2014-09-27 06:08:51 ----D---- C:\Users\Dzipak\AppData\Roaming\Media Center Programs
2014-09-27 06:08:51 ----D---- C:\Users\Dzipak\AppData\Roaming\Macromedia
2014-09-26 09:37:22 ----A---- C:\awhF2DB.tmp
2014-09-24 11:36:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 11:36:57 ----A---- C:\Windows\system32\tzres.dll
2014-09-23 17:15:55 ----DC---- C:\Windows\system32\DRVSTORE
2014-09-23 17:15:55 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-09-23 17:14:45 ----D---- C:\ProgramData\Apple Computer
2014-09-23 17:14:45 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-23 17:14:45 ----D---- C:\Program Files\iTunes
2014-09-23 17:14:45 ----D---- C:\Program Files\iPod
2014-09-23 17:14:45 ----D---- C:\Program Files (x86)\iTunes
2014-09-22 12:11:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-09-22 12:11:03 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-09-22 12:07:43 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvopencl.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvoglv64.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvinitx.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\NvIFR64.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvhdap64.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\NvFBC64.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvdispgenco6434411.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvdispco6434411.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvcuvid.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvcuda.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\nvcompiler.dll
2014-09-22 12:07:43 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-09-22 12:07:43 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-09-22 11:53:01 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-22 11:53:01 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-22 11:27:44 ----A---- C:\awh8C3F.tmp
2014-09-21 00:45:40 ----A---- C:\awhD8B4.tmp
2014-09-16 03:55:04 ----D---- C:\Program Files (x86)\Prompt Downloader
2014-09-16 03:46:52 ----D---- C:\Program Files (x86)\globalUpdate
2014-09-16 03:46:29 ----D---- C:\ProgramData\IePluginServices
2014-09-16 03:46:23 ----D---- C:\ProgramData\WindowsMangerProtect
2014-09-16 03:46:21 ----D---- C:\Program Files (x86)\SupTab
2014-09-16 02:27:27 ----D---- C:\Program Files (x86)\VideoLAN
2014-09-16 01:10:51 ----A---- C:\Windows\system32\xvidvfw.dll
2014-09-16 01:10:51 ----A---- C:\Windows\system32\xvidcore.dll
2014-09-16 01:10:50 ----D---- C:\Program Files (x86)\Xvid
2014-09-16 01:10:50 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-09-16 01:10:50 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-09-12 03:17:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-12 03:17:46 ----A---- C:\Windows\system32\ieui.dll
2014-09-12 03:17:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-12 03:17:42 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-12 03:17:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-12 03:17:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 03:17:42 ----A---- C:\Windows\system32\iernonce.dll
2014-09-12 03:17:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-12 03:17:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\vbscript.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\msrating.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-12 03:17:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-12 03:17:41 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-12 03:17:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-12 03:17:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-12 03:17:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-12 03:17:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-12 03:17:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-12 03:17:40 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-12 03:17:40 ----A---- C:\Windows\system32\iesetup.dll
2014-09-12 03:17:40 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-12 03:17:40 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-12 03:17:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-12 03:17:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-12 03:17:39 ----A---- C:\Windows\system32\mshtml.dll
2014-09-12 03:17:39 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-12 03:17:38 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-12 03:17:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 03:17:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-12 03:17:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-12 03:17:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-12 03:17:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-12 03:17:32 ----A---- C:\Windows\system32\iertutil.dll
2014-09-12 03:17:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-12 03:17:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-12 03:17:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-12 03:17:31 ----A---- C:\Windows\system32\wininet.dll
2014-09-12 03:17:31 ----A---- C:\Windows\system32\urlmon.dll
2014-09-12 03:17:31 ----A---- C:\Windows\system32\jscript9.dll
2014-09-12 03:17:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-12 03:17:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-12 03:17:29 ----A---- C:\Windows\system32\ieframe.dll
2014-09-12 03:04:30 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-12 03:04:30 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 06:40:53 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-11 06:40:52 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-11 06:40:15 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-11 06:40:14 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-11 06:39:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-11 06:39:45 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-11 06:39:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-11 06:39:45 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-11 06:39:45 ----A---- C:\Windows\system32\kerberos.dll

======List of files/folders modified in the last 1 months======

2014-10-08 16:55:30 ----D---- C:\Windows\Temp
2014-10-08 16:55:26 ----RD---- C:\Program Files
2014-10-08 16:53:24 ----RD---- C:\Program Files (x86)
2014-10-08 16:53:10 ----D---- C:\Windows\Tasks
2014-10-08 16:49:22 ----D---- C:\Windows
2014-10-08 16:33:22 ----A---- C:\Windows\system32\RzMaelstromVADAudioDeviceManager_log.txt
2014-10-08 16:32:45 ----D---- C:\Windows\system32\drivers
2014-10-08 16:32:45 ----D---- C:\Windows\LiveKernelReports
2014-10-08 16:32:00 ----HD---- C:\ProgramData
2014-10-08 16:31:36 ----A---- C:\Windows\win.ini
2014-10-08 16:31:31 ----D---- C:\Program Files (x86)\Common Files
2014-10-08 16:31:11 ----D---- C:\Windows\SysWOW64
2014-10-08 16:31:11 ----D---- C:\Windows\system32\Tasks
2014-10-08 16:31:11 ----D---- C:\Windows\inf
2014-10-08 16:31:10 ----D---- C:\Program Files (x86)\Windows 7 ultimate - aktivace - 100% funkn
2014-10-08 13:52:43 ----D---- C:\Windows\system32\config
2014-10-08 13:36:49 ----D---- C:\Program Files (x86)\Battle.net
2014-10-08 12:56:22 ----D---- C:\Windows\Prefetch
2014-10-07 20:11:41 ----SHD---- C:\System Volume Information
2014-10-07 12:45:46 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-07 12:40:58 ----D---- C:\ProgramData\NVIDIA
2014-10-07 12:40:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-07 02:44:05 ----SHD---- C:\Windows\Installer
2014-10-07 02:44:05 ----SHD---- C:\Config.Msi
2014-10-07 02:12:17 ----D---- C:\Windows\Downloaded Program Files
2014-10-07 02:12:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-07 02:06:33 ----D---- C:\Program Files\Common Files\System
2014-10-07 02:00:00 ----A---- C:\Windows\system.ini
2014-10-07 01:56:51 ----SD---- C:\ProgramData\Microsoft
2014-10-04 10:26:25 ----D---- C:\ProgramData\Norton
2014-10-04 10:26:22 ----D---- C:\Program Files (x86)\NortonInstaller
2014-10-01 03:00:34 ----D---- C:\Windows\System32
2014-10-01 03:00:31 ----D---- C:\Windows\winsxs
2014-10-01 00:10:42 ----D---- C:\Windows\system32\catroot
2014-09-28 17:21:05 ----A---- C:\Windows\ODBC.INI
2014-09-27 17:02:20 ----D---- C:\Windows\rescache
2014-09-27 06:09:00 ----SHD---- C:\$Recycle.Bin
2014-09-27 06:08:51 ----RD---- C:\Users
2014-09-26 16:36:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-25 03:01:18 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-09-25 03:01:18 ----D---- C:\Windows\system32\sk-SK
2014-09-24 18:33:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-24 11:35:33 ----D---- C:\Windows\system32\catroot2
2014-09-23 10:53:51 ----D---- C:\Program Files (x86)\Hearthstone
2014-09-22 12:11:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-09-22 12:11:00 ----D---- C:\Windows\system32\DriverStore
2014-09-22 11:54:48 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-17 06:51:20 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-09-17 04:13:36 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-09-17 04:13:36 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-09-17 04:12:40 ----A---- C:\Windows\system32\nvspcap64.dll
2014-09-17 04:12:39 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-14 01:48:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-09-14 01:48:03 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-09-14 01:48:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-09-14 01:48:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-09-14 01:48:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-09-14 01:48:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-09-14 01:48:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-09-14 01:48:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-09-13 23:53:36 ----A---- C:\Windows\system32\nvsvc64.dll
2014-09-13 23:53:36 ----A---- C:\Windows\system32\nvcpl.dll
2014-09-13 23:53:34 ----A---- C:\Windows\system32\nvvsvc.exe
2014-09-13 23:53:34 ----A---- C:\Windows\system32\nvsvcr.dll
2014-09-13 23:53:34 ----A---- C:\Windows\system32\nvshext.dll
2014-09-13 23:53:34 ----A---- C:\Windows\system32\nvmctray.dll
2014-09-12 04:16:20 ----D---- C:\Windows\Microsoft.NET
2014-09-12 04:15:42 ----RSD---- C:\Windows\assembly
2014-09-12 03:37:22 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-12 03:37:22 ----D---- C:\Windows\system32\en-US
2014-09-12 03:37:22 ----D---- C:\Program Files\Internet Explorer
2014-09-12 03:37:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-12 03:13:36 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-09-28 50976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-20 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-09 487216]
R2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [2014-08-25 58728]
R2 X5XSEx_Pr143;X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [2013-07-18 56584]
R3 AiCharger;AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [2012-03-22 14848]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-07 3692632]
R3 MAUSBFASTTRACKPRO;Service for M-Audio Fast Track Pro; C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys [2013-05-23 184592]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-10-08 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-07-07 100312]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2014-07-07 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2014-07-07 217600]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-07 883928]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-05-19 39080]
R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
R3 rzudd;Razer Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-05-19 155816]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-07 33008]
S0 asrngamn;asrngamn; C:\Windows\System32\drivers\foyhncjs.sys [2014-10-08 79064]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FastTrackProAudioDevMon;Fast Track Pro Audio Device Monitor; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [2013-05-23 1688336]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-09-13 934216]
R2 RzMaelstromVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-06-09 4250624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 411968]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07 116648]
S2 ProtectMonitor;Protect Monitor; C:\Program Files\PDApp\StartHelp.exe [2014-09-30 512182]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-09-28 1820184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-28 114288]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% processor usage

#3 Post by vyosek »

Hello :)

:arrow: Please do not put logs in code tags, they are hard to read that way. Code is meant only for the advisors' scripts.

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator ("Spustit jako spravce" on Czech systems)
  • Right after launch, a page with the license agreement appears; continue by clicking Yes ("Ano")
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan and any restart finish, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% processor usage

#4 Post by DZIPAK »

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/08/2014 07:56:45 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/08/2014 07:57:44 PM
Execution time: 0 hours(s), 0 minute(s), and 59 seconds(s)

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% processor usage

#5 Post by DZIPAK »

combofix log


ComboFix 14-10-04.01 - Dzipak . 10. 2014 20:11:43.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4077.2535 [GMT 2:00]
Running from: c:\users\Dzipak\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\fbmptn.exe
c:\program files (x86)\ShopperPro
c:\program files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe
c:\windows\iun6002.exe
c:\windows\SysWow64\hfnapi.dll
c:\windows\SysWow64\hfpapi.dll
D:\autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
-------\Service_ProtectMonitor
.
.
((((((((((((((((((((((((( Files Created from 2014-09-08 to 2014-10-08 )))))))))))))))))))))))))))))))
.
.
2014-10-08 18:17 . 2014-10-08 18:17 -------- d-----w- c:\users\DzukelDomka\AppData\Local\temp
2014-10-08 18:17 . 2014-10-08 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-08 14:55 . 2014-10-08 14:55 -------- d-----w- c:\program files\trend micro
2014-10-08 14:55 . 2014-10-08 14:56 -------- d-----w- C:\rsit
2014-10-08 14:46 . 2014-10-08 14:47 -------- d-----w- C:\FRST
2014-10-08 14:02 . 2014-10-08 14:03 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-08 14:01 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-08 14:01 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-08 14:01 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-08 14:01 . 2014-10-08 14:01 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-08 14:01 . 2014-10-08 14:01 -------- d-----w- c:\programdata\Malwarebytes
2014-10-08 11:42 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{11600082-457D-4B82-BAC5-B8D0C6B53EAD}\mpengine.dll
2014-10-07 10:47 . 2014-10-07 10:47 687 ----a-w- C:\awhC1D8.tmp
2014-10-07 07:29 . 2014-10-07 07:29 687 ----a-w- C:\awh3600.tmp
2014-10-07 00:42 . 2014-10-07 00:42 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-10-07 00:12 . 2014-10-07 00:12 -------- d-----w- C:\Remote Programs
2014-10-07 00:12 . 2014-10-07 00:12 -------- d-----w- c:\programdata\Free Ride Games
2014-10-07 00:12 . 2013-07-14 07:58 58264 ------w- c:\windows\ExentInfo.exe
2014-10-07 00:12 . 2014-10-07 00:13 -------- d-----w- c:\program files (x86)\Free Ride Games
2014-10-07 00:06 . 2014-10-07 00:06 -------- d-----w- c:\program files (x86)\YTDownloader
2014-10-07 00:00 . 2014-10-07 00:04 -------- d-----w- c:\program files (x86)\JDownloader
2014-10-06 23:56 . 2014-10-06 23:56 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-10-06 23:55 . 2014-10-07 10:42 -------- d-----w- c:\program files\PDApp
2014-10-06 23:04 . 2014-10-06 23:33 -------- d-----w- c:\users\DzukelDomka\AppData\Roaming\CasinoOnNet
2014-10-06 23:04 . 2014-10-06 23:05 -------- d-----w- c:\program files (x86)\CasinoOnNet
2014-10-06 20:18 . 2014-10-06 20:18 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-03 20:01 . 2014-10-03 20:01 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-30 22:11 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-30 22:11 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-29 19:57 . 2014-09-29 19:57 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-29 04:57 . 2014-09-29 04:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-09-28 20:16 . 2014-09-28 20:16 -------- d-----w- c:\users\DzukelDomka\AppData\Local\AVG Secure Search
2014-09-28 20:15 . 2014-10-08 14:31 -------- d-----w- c:\users\DzukelDomka\AppData\Local\1342
2014-09-28 18:58 . 2014-09-28 18:58 -------- d-----w- c:\programdata\Innovative Solutions
2014-09-28 18:41 . 2014-09-28 18:41 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-09-28 18:41 . 2014-09-28 18:41 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2014-09-28 18:41 . 2014-09-28 18:42 -------- d-----w- c:\programdata\AVG Secure Search
2014-09-28 18:41 . 2014-09-28 18:41 -------- d-----w- c:\program files (x86)\AVG Secure Search
2014-09-28 18:41 . 2014-09-28 18:41 -------- d--h--w- c:\programdata\Common Files
2014-09-28 18:32 . 2014-09-28 18:34 -------- d-----w- c:\program files (x86)\Audacity
2014-09-28 18:32 . 2014-09-28 18:32 -------- d-----w- c:\program files (x86)\Innovative Solutions
2014-09-27 04:08 . 2014-09-27 04:12 -------- d-----w- c:\users\Dzipak
2014-09-26 07:37 . 2014-09-26 07:37 687 ----a-w- C:\awhF2DB.tmp
2014-09-24 09:36 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 09:36 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-23 15:16 . 2014-09-23 16:02 -------- d-----w- c:\users\DzukelDomka\AppData\Roaming\Apple Computer
2014-09-23 15:16 . 2014-09-23 15:16 -------- d-----w- c:\users\DzukelDomka\AppData\Local\Apple Computer
2014-09-23 15:15 . 2014-09-23 15:15 -------- dc----w- c:\windows\system32\DRVSTORE
2014-09-23 15:15 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-09-23 15:14 . 2014-09-23 15:15 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-23 15:14 . 2014-09-23 15:15 -------- d-----w- c:\program files\iTunes
2014-09-23 15:14 . 2014-09-23 15:15 -------- d-----w- c:\program files (x86)\iTunes
2014-09-23 15:14 . 2014-09-23 15:14 -------- d-----w- c:\programdata\Apple Computer
2014-09-23 15:14 . 2014-09-23 15:14 -------- d-----w- c:\program files\iPod
2014-09-22 10:11 . 2014-09-22 10:11 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-09-22 10:11 . 2014-09-13 20:13 613696 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-09-22 09:53 . 2014-09-04 19:14 38048 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-09-22 09:53 . 2014-09-04 19:14 32416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-09-22 09:27 . 2014-09-22 09:27 687 ----a-w- C:\awh8C3F.tmp
2014-09-20 22:45 . 2014-09-20 22:45 687 ----a-w- C:\awhD8B4.tmp
2014-09-16 01:55 . 2014-09-16 01:55 -------- d-----w- c:\users\DzukelDomka\AppData\Local\Prompt Downloader
2014-09-16 01:55 . 2014-09-16 01:55 -------- d-----w- c:\program files (x86)\Prompt Downloader
2014-09-16 01:47 . 2014-10-08 14:31 -------- d-----w- c:\users\DzukelDomka\AppData\Local\2990
2014-09-16 01:46 . 2014-10-08 14:31 -------- d-----w- c:\program files (x86)\globalUpdate
2014-09-16 01:46 . 2014-09-16 01:46 -------- d-----w- c:\users\DzukelDomka\AppData\Local\globalUpdate
2014-09-16 01:46 . 2014-10-02 08:13 -------- d-----w- c:\users\DzukelDomka\AppData\Roaming\vlc
2014-09-16 00:27 . 2014-09-16 00:27 -------- d-----w- c:\program files (x86)\VideoLAN
2014-09-15 23:10 . 2014-04-08 20:51 169984 ----a-w- c:\windows\system32\xvid.ax
2014-09-15 23:10 . 2014-04-08 20:51 251392 ----a-w- c:\windows\system32\xvidvfw.dll
2014-09-15 23:10 . 2014-04-08 20:51 706048 ----a-w- c:\windows\system32\xvidcore.dll
2014-09-15 23:10 . 2014-09-15 23:11 -------- d-----w- c:\program files (x86)\Xvid
2014-09-15 23:10 . 2014-04-08 20:50 147456 ----a-w- c:\windows\SysWow64\xvid.ax
2014-09-15 23:10 . 2014-04-08 20:50 235520 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2014-09-15 23:10 . 2014-04-08 20:50 632320 ----a-w- c:\windows\SysWow64\xvidcore.dll
2014-09-12 01:04 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-12 01:04 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-11 04:40 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-11 04:40 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-11 04:40 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-11 04:40 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-11 04:39 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-11 04:39 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-11 04:39 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-11 04:39 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-11 04:39 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-08 18:22 . 2014-10-08 18:22 103140 --sh--r- C:\yumiy.pif
2014-09-24 16:33 . 2014-07-07 10:30 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 16:33 . 2014-07-07 10:30 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-17 04:51 . 2014-07-07 08:22 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-09-17 02:13 . 2014-07-23 17:12 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-09-17 02:13 . 2014-07-07 09:56 2193560 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-09-17 02:12 . 2014-07-07 09:56 2799784 ----a-w- c:\windows\system32\nvspcap64.dll
2014-09-17 02:12 . 2014-07-23 17:12 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-09-15 07:06 . 2014-07-07 07:02 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-13 23:48 . 2014-08-03 10:02 18106152 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-09-13 23:48 . 2014-07-07 08:33 73872 ----a-w- c:\windows\system32\OpenCL.dll
2014-09-13 23:48 . 2014-07-07 08:33 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-09-13 23:48 . 2014-07-07 08:22 984424 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-09-13 23:48 . 2014-07-07 08:22 20589536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-09-13 23:48 . 2014-07-07 08:22 3223120 ----a-w- c:\windows\system32\nvapi64.dll
2014-09-13 23:48 . 2014-07-07 08:22 2838424 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-09-13 23:48 . 2014-07-07 08:22 16875856 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-09-13 21:53 . 2014-07-07 08:33 6890696 ----a-w- c:\windows\system32\nvcpl.dll
2014-09-13 21:53 . 2014-07-07 08:33 3529872 ----a-w- c:\windows\system32\nvsvc64.dll
2014-09-13 21:53 . 2014-07-07 08:33 934216 ----a-w- c:\windows\system32\nvvsvc.exe
2014-09-13 21:53 . 2014-07-07 08:33 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-09-13 21:53 . 2014-07-07 08:33 385168 ----a-w- c:\windows\system32\nvmctray.dll
2014-09-13 21:53 . 2014-07-07 08:33 2557640 ----a-w- c:\windows\system32\nvsvcr.dll
2014-09-11 15:37 . 2014-07-07 08:33 3961833 ----a-w- c:\windows\system32\nvcoproc.bin
2014-09-04 19:14 . 2014-07-07 08:22 34976 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-08-23 02:07 . 2014-08-28 07:00 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 07:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 07:00 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-08 10:54 . 2014-08-08 10:54 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-20 11:12 . 2014-07-20 11:11 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-18 01:34 . 2014-07-18 01:34 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-07-18 01:34 . 2014-07-18 01:34 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-07-18 01:34 . 2014-07-18 01:34 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-07-18 01:34 . 2014-07-18 01:34 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-07-18 01:34 . 2014-07-18 01:34 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-07-18 01:34 . 2014-07-18 01:34 81408 ----a-w- c:\windows\system32\icardie.dll
2014-07-18 01:34 . 2014-07-18 01:34 774144 ----a-w- c:\windows\system32\jscript.dll
2014-07-18 01:34 . 2014-07-18 01:34 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-07-18 01:34 . 2014-07-18 01:34 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-07-18 01:34 . 2014-07-18 01:34 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-07-18 01:34 . 2014-07-18 01:34 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-07-18 01:34 . 2014-07-18 01:34 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-07-18 01:34 . 2014-07-18 01:34 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-07-18 01:34 . 2014-07-18 01:34 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-07-18 01:34 . 2014-07-18 01:34 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-07-18 01:34 . 2014-07-18 01:34 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-07-18 01:34 . 2014-07-18 01:34 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-07-18 01:34 . 2014-07-18 01:34 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-07-18 01:34 . 2014-07-18 01:34 413696 ----a-w- c:\windows\system32\html.iec
2014-07-18 01:34 . 2014-07-18 01:34 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-07-18 01:34 . 2014-07-18 01:34 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-07-18 01:34 . 2014-07-18 01:34 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-07-18 01:34 . 2014-07-18 01:34 247808 ----a-w- c:\windows\system32\msls31.dll
2014-07-18 01:34 . 2014-07-18 01:34 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-07-18 01:34 . 2014-07-18 01:34 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-07-18 01:34 . 2014-07-18 01:34 235520 ----a-w- c:\windows\system32\url.dll
2014-07-18 01:34 . 2014-07-18 01:34 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-07-18 01:34 . 2014-07-18 01:34 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-07-18 01:34 . 2014-07-18 01:34 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-07-18 01:34 . 2014-07-18 01:34 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-07-18 01:34 . 2014-07-18 01:34 147968 ----a-w- c:\windows\system32\occache.dll
2014-07-18 01:34 . 2014-07-18 01:34 143872 ----a-w- c:\windows\system32\wextract.exe
2014-07-18 01:34 . 2014-07-18 01:34 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-07-18 01:34 . 2014-07-18 01:34 13824 ----a-w- c:\windows\system32\mshta.exe
2014-07-18 01:34 . 2014-07-18 01:34 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-07-18 01:34 . 2014-07-18 01:34 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-07-18 01:34 . 2014-07-18 01:34 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-07-18 01:34 . 2014-07-18 01:34 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-07-18 01:34 . 2014-07-18 01:34 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-07-18 01:34 . 2014-07-18 01:34 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-07-18 01:34 . 2014-07-18 01:34 101376 ----a-w- c:\windows\system32\inseng.dll
2014-07-18 01:32 . 2014-07-18 01:32 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-07-18 01:32 . 2014-07-18 01:32 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-07-18 01:32 . 2014-07-18 01:32 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-07-18 01:32 . 2014-07-18 01:32 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-07-18 01:32 . 2014-07-18 01:32 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-07-18 01:32 . 2014-07-18 01:32 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-07-18 01:32 . 2014-07-18 01:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-07-18 01:32 . 2014-07-18 01:32 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-07-18 01:32 . 2014-07-18 01:32 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-18 01:32 . 2014-07-18 01:32 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-07-18 01:32 . 2014-07-18 01:32 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-07-18 01:32 . 2014-07-18 01:32 221184 ----a-w- c:\windows\system32\UIAnimation.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YTDownloader"="c:\program files (x86)\YTDownloader\YTDownloader.exe" [2014-08-25 1988968]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2014-09-07 4993920]
"cz.seznam.software.autoupdate"="c:\users\Dzipak\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Dzipak\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mncrnrmSrv"="c:\windows\inf\mncrnrm.vbe" [2014-01-13 1338]
"mncqtveySrv"="c:\windows\system32\mncqtvey.vbe" [2014-03-05 7670]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2011-09-27 465536]
"mncnaqaSrv"="c:\windows\system32\mncnaqa.vbe" [2014-03-05 7670]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-06-23 585560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-08-01 152392]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-09-28 2640408]
"YTDownloader"="c:\program files (x86)\YTDownloader\YTDownloader.exe" [2014-08-25 1988968]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2014-09-07 4993920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 FastTrackProAudioDevMon;Fast Track Pro Audio Device Monitor;c:\program files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe;c:\program files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]
S2 sbmntr;sbmntr;c:\progra~2\YTDOWN~1\sbmntr.sys;c:\progra~2\YTDOWN~1\sbmntr.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [x]
S2 X5XSEx_Pr143;X5XSEx_Pr143;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys;c:\program files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 MAUSBFASTTRACKPRO;Service for M-Audio Fast Track Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrackPro.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 01:01 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-07 16:33]
.
2014-10-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job
- c:\users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22 20:43]
.
2014-10-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job
- c:\users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22 20:43]
.
2014-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07 07:44]
.
2014-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07 07:44]
.
2014-10-07 c:\windows\Tasks\Norton Security Scan for DzukelDomka.job
- c:\progra~2\NORTON~2\Engine\410~1.28\Nss.exe [2014-08-24 06:04]
.
2014-09-28 c:\windows\Tasks\Open Chrome.job
- c:\program files (x86)\Google\Chrome\Application\chrome.exe [2014-07-07 04:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-07-07 7203032]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410 ... earchTerms}
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
FF - ProfilePath - c:\users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-DriverMax - (no file)
Wow6432Node-HKCU-Run-DriverMax_RESTART - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
c:\users\Dzipak\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-10-08 20:27:33 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-08 18:27
.
Pre-Run: 11 484 205 056 bytes free
Post-Run: 19 215 921 152 bytes free
.
- - End Of File - - 84FB9CFD24AC073020E700B6AFEF5AE5
A36C5E4F47E84449FF07ED3517B43A31

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% CPU usage

#6 Post by vyosek »

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% CPU usage

#7 Post by DZIPAK »

# AdwCleaner v3.311 - Report created 08/10/2014 at 21:09:31
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Dzipak - DZUKELDOMKA-PC
# Running from : C:\Users\Dzipak\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : sbmntr

***** [ Files / Folders ] *****

Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Free Ride Games
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Dzipak\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Dzipak\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Dzipak\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Dzipak\AppData\LocalLow\Sense
Folder Deleted : C:\Users\Dzipak\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Deleted : C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\DzukelDomka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\DzukelDomka\AppData\Local\globalUpdate
Folder Deleted : C:\Users\DzukelDomka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Public\Documents\ShopperPro
File Deleted : C:\Users\Public\Desktop\More FREE games.lnk
File Deleted : C:\Users\Public\Desktop\Play Free Games.lnk
File Deleted : C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\DzukelDomka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\DzukelDomka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk
Shortcut Disinfected : C:\Users\Dzipak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Free Ride Games\GPlayer.exe]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Driver-Soft
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v32.0.3 (x86 sk)

[ File : C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default\prefs.js ]

Line Deleted : user_pref("extensions.a0cd1569197354ecf9be03d3ee3bc4210848f7b5a58324f064fcom63831.63831.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D[...]
Line Deleted : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485550%2C%22ver%22%3A5%2C%22[...]
Line Deleted : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A757182%2C%22ver%22%3A1%2C%22status%22%3A1%2[...]
Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.Resources_resource_757191.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%20a%28e%29%7Bvar%20[...]
Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2[...]
Line Deleted : user_pref("extensions.aBGKGT66124770ZYFBNPM50498512com64141.64141.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]
Line Deleted : user_pref("extensions.aVJKPXI46039420JMZUIOB85844870com63429.63429.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22[...]
Line Deleted : user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22[...]

[ File : C:\Users\DzukelDomka\AppData\Roaming\Mozilla\Firefox\Profiles\3njno936.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "istartsurf");
Line Deleted : user_pref("browser.search.selectedEngine", "istartsurf");
Line Deleted : user_pref("extensions.aBGKGT66124770ZYFBNPM50498512com64141.64141.cookie.previous_page.value", "%22hxxp%3A//www.istartsurf.com/%3Ftype%3Dsc%26ts%3D ... S_9VPCLXF3[...]
Line Deleted : user_pref("extensions.aBGKGT66124770ZYFBNPM50498512com64141.64141.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anth[...]
Line Deleted : user_pref("extensions.aBGKGT66124770ZYFBNPM50498512com64141.64141.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\DzukelDomka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14947 octets] - [08/10/2014 21:07:46]
AdwCleaner[S0].txt - [14288 octets] - [08/10/2014 21:09:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14349 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% CPU usage

#8 Post by vyosek »

Uninstall Combofix
  • Rename ComboFix to Uninstall
  • Run it
  • This will delete Combofix and its folders
Post a new log from FRST

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% CPU usage

#9 Post by DZIPAK »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Dzipak at 2014-10-08 22:04:27
Running from C:\Users\Dzipak\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizácie NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.02.01 - ASUSTeK Computer Inc.)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DriverMax 5 (HKLM-x32\...\DMX5_is1) (Version: 5.7.0.800 - Innovative Solutions)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (Version: 10.0.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 sk) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 sk)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA 3D Vision radič ovládača 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Grafický ovládač 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Ovládač 3D Vision 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 ultimate - aktivace - 100% funkn version for Windows (HKLM-x32\...\{5A026EFE-F5DB-2857-8670-3D9E69D10ECD}_is1) (Version: for Windows - )
WinRAR 5.10 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

08-10-2014 20:02:58 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-08 20:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2038AAA9-FB72-4622-B494-9B2E0FC67DA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07] (Google Inc.)
Task: {2E8B9108-12B3-42F6-B0D0-9AC2001678B5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22] (Facebook Inc.)
Task: {447387B9-3FEE-4110-AE05-7A23836BE7FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {479C0101-D045-46E4-A49B-3A07527FAA53} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {5EA92C02-EE4B-489F-87E4-F4E274A03118} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {8FEBA8E7-F2A6-40F8-8C5A-0FD74C393B48} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-08] (Adobe Systems Incorporated)
Task: {AD964B29-9893-423B-A981-AA861536C23D} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid= ... rowser=all
Task: {BF8E251C-3AF4-43EE-9A29-E01DD5755BB5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {CF047BE2-9D2A-4297-A7A4-2870D5EE0901} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22] (Facebook Inc.)
Task: {FC78774A-C8DC-47D0-8B50-91D6DDBCBFA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-07] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe

==================== Loaded Modules (whitelisted) =============

2014-07-07 11:09 - 2010-12-02 19:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-714635507-2199221034-3097845752-500 - Administrator - Disabled)
Dzipak (S-1-5-21-714635507-2199221034-3097845752-1003 - Administrator - Enabled) => C:\Users\Dzipak
DzukelDomka (S-1-5-21-714635507-2199221034-3097845752-1001 - Administrator - Enabled) => C:\Users\DzukelDomka
Guest (S-1-5-21-714635507-2199221034-3097845752-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-714635507-2199221034-3097845752-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: X5XSEx_Pr143
Description: X5XSEx_Pr143
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: X5XSEx_Pr143
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2014 10:02:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.
.

Error: (10/08/2014 09:59:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.
.

Error: (10/08/2014 09:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.
.

Error: (10/08/2014 09:13:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bb8

Start Time: 01cfe32bb59b5356

Termination Time: 1

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Report Id: 3ed0b978-4f1f-11e4-a4c8-bcaec5e0aef6

Error: (10/08/2014 05:53:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 37.0.2062.124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3bbc8

Start Time: 01cfe30445f88cb8

Termination Time: 74

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 2d9a2454-4f03-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 04:03:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mm.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
at ƒþ.ƒý.æ(System.String[])
at ƒþ.ƒý.¦(System.String[])
at ƒþ.ƒý.Ú(System.String[])
at ƒþ.ƒý.Ù(System.String[])
at ƒþ.ƒý.‚Ð(System.String[])

Error: (10/08/2014 02:26:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 37.0.2062.124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e6d0

Start Time: 01cfe2f1ec9c2c1b

Termination Time: 111

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 4872e722-4ee6-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 10:49:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 37.0.2062.124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2de88

Start Time: 01cfe2d409262e17

Termination Time: 180

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 0f9cf468-4ec8-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 03:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 802126

Error: (10/08/2014 03:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 802126


System errors:
=============
Error: (10/08/2014 09:23:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/08/2014 09:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby X5XSEx_Pr143 zlyhalo kvôli nasledujúcej chybe:
%%3

Error: (10/08/2014 09:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby vToolbarUpdater18.1.9 zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (10/08/2014 08:24:15 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (10/08/2014 08:18:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (10/08/2014 08:18:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (10/08/2014 08:17:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/08/2014 08:15:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (10/08/2014 08:09:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Update snipsmart sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/08/2014 07:50:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Network Support Service Updater sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Microsoft Office Sessions:
=========================
Error: (10/08/2014 10:02:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.

Error: (10/08/2014 09:59:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.

Error: (10/08/2014 09:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
Systém nemôže nájsť zadaný súbor.

Error: (10/08/2014 09:13:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532bb801cfe32bb59b53561C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe3ed0b978-4f1f-11e4-a4c8-bcaec5e0aef6

Error: (10/08/2014 05:53:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe37.0.2062.1243bbc801cfe30445f88cb874C:\Program Files (x86)\Google\Chrome\Application\chrome.exe2d9a2454-4f03-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 04:03:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mm.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
at ƒþ.ƒý.æ(System.String[])
at ƒþ.ƒý.¦(System.String[])
at ƒþ.ƒý.Ú(System.String[])
at ƒþ.ƒý.Ù(System.String[])
at ƒþ.ƒý.‚Ð(System.String[])

Error: (10/08/2014 02:26:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe37.0.2062.1242e6d001cfe2f1ec9c2c1b111C:\Program Files (x86)\Google\Chrome\Application\chrome.exe4872e722-4ee6-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 10:49:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe37.0.2062.1242de8801cfe2d409262e17180C:\Program Files (x86)\Google\Chrome\Application\chrome.exe0f9cf468-4ec8-11e4-a8b2-bcaec5e0aef6

Error: (10/08/2014 03:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 802126

Error: (10/08/2014 03:15:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 802126


CodeIntegrity Errors:
===================================
Date: 2014-10-08 20:17:25.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-08 20:17:25.347
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 33%
Total physical RAM: 4077.25 MB
Available physical RAM: 2731.45 MB
Total Pagefile: 8152.67 MB
Available Pagefile: 6813.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.63 GB) (Free:24.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:540.88 GB) (Free:61.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7D807D80)
Partition 1: (Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540.9 GB) - (Type=OF Extended)

==================== End Of Log ============================
Attachments
Addition1.rar
(6.75 KiB) Downloaded 56 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% vyuz. processora

#10 Post by vyosek »

You put Addition in both the post and the attachment; please post FRST.txt as well.

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% vyuz. processora

#11 Post by DZIPAK »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Dzipak (administrator) on DZUKELDOMKA-PC on 08-10-2014 22:03:28
Running from C:\Users\Dzipak\Desktop
Loaded Profile: Dzipak (Available profiles: DzukelDomka & Dzipak)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(forum.viry.cz) C:\Users\Dzipak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2014-07-07] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [101694776 2014-08-29] (Microsoft Corporation)
HKLM-x32\...\Run: [mncrnrmSrv] => C:\Windows\inf\mncrnrm.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [mncqtveySrv] => C:\Windows\SysWOW64\mncqtvey.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [187016 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [535168 2011-09-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mncnaqaSrv] => C:\Windows\SysWOW64\mncnaqa.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x69D0DF2EC0E1CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {45ACAD63-3905-477C-931D-599058A672FB} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dzipak\AppData\Roaming\Mozilla\Firefox\Profiles\0ua67gs7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml

Chrome:
=======
CHR Profile: C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-10-07]
CHR Extension: (Peňaženka Google) - C:\Users\Dzipak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-28] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-20] (Disc Soft Ltd)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-07-07] (Synaptics Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 21:59 - 2014-10-08 21:59 - 00652800 _____ () C:\Users\Dzipak\Downloads\MicrosoftFixit50362.msi
2014-10-08 21:58 - 2014-10-08 21:59 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.128336229114357388.1.1.Run.exe
2014-10-08 21:56 - 2014-10-08 21:56 - 01055936 _____ (Adobe) C:\Users\Dzipak\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-10-08 21:52 - 2014-10-08 21:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-08 21:52 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-08 21:34 - 2014-10-08 21:34 - 06139760 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\WindowsUpdateAgent30-x86.exe
2014-10-08 21:33 - 2014-10-08 21:33 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.223336227610340612.1.1.Run.exe
2014-10-08 21:30 - 2014-10-08 21:30 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\IsolatedStorage
2014-10-08 21:27 - 2014-10-08 21:30 - 00000000 ____D () C:\Program Files\PCDApp
2014-10-08 21:25 - 2014-10-08 21:25 - 00000000 ____D () C:\Users\Dzipak\.appwork
2014-10-08 21:07 - 2014-10-08 21:09 - 00000000 ____D () C:\AdwCleaner
2014-10-08 21:07 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Desktop\adwcleaner_3.311.exe
2014-10-08 21:06 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Downloads\adwcleaner_3.311.exe
2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\Users\Dzipak\Desktop\COMBOFIX.txt
2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\ComboFix.txt
2014-10-08 20:22 - 2014-10-08 20:22 - 00103140 __RSH () C:\yumiy.pif
2014-10-08 20:09 - 2014-10-08 22:02 - 00000000 ____D () C:\Windows\erdnt
2014-10-08 20:09 - 2014-10-08 20:27 - 00000000 ____D () C:\ComboFix
2014-10-08 20:06 - 2014-10-08 20:07 - 05582481 _____ (Swearware) C:\Users\Dzipak\Downloads\ComboFix.exe
2014-10-08 20:04 - 2014-10-08 20:05 - 04394999 _____ (Swearware) C:\Users\Dzipak\Desktop\Nepotvrdené 5531.crdownload
2014-10-08 19:56 - 2014-10-08 19:56 - 00000000 ____D () C:\Users\Dzipak\Desktop\Nový priečinok
2014-10-08 19:50 - 2014-10-08 19:57 - 00002338 _____ () C:\Users\Dzipak\Desktop\Rkill.txt
2014-10-08 19:50 - 2014-10-08 19:50 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill64.com
2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Downloads\rkill.com
2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill.com
2014-10-08 17:20 - 2014-10-08 17:20 - 00007606 _____ () C:\Users\Dzipak\AppData\Local\Resmon.ResmonCfg
2014-10-08 16:58 - 2014-10-08 16:58 - 00006612 _____ () C:\Users\Dzipak\Desktop\Addition.rar
2014-10-08 16:55 - 2014-10-08 16:56 - 00000000 ____D () C:\rsit
2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Downloads\RSITx64.exe
2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Desktop\RSITx64.exe
2014-10-08 16:55 - 2014-10-08 16:55 - 00000000 ____D () C:\Program Files\trend micro
2014-10-08 16:46 - 2014-10-08 22:04 - 00013172 _____ () C:\Users\Dzipak\Desktop\FRST.txt
2014-10-08 16:46 - 2014-10-08 22:03 - 00000000 ____D () C:\FRST
2014-10-08 16:42 - 2014-10-08 16:42 - 00112640 _____ (forum.viry.cz) C:\Users\Dzipak\Desktop\FRSTLauncher.exe
2014-10-08 16:41 - 2014-10-08 16:42 - 00112640 _____ (forum.viry.cz) C:\Users\Dzipak\Downloads\FRSTLauncher.exe
2014-10-08 16:41 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Desktop\FRST64.exe
2014-10-08 16:40 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Downloads\FRST64.exe
2014-10-08 16:40 - 2014-10-08 16:40 - 02109952 _____ (Farbar) C:\Users\Dzipak\Downloads\FRST64 (1).exe
2014-10-08 16:02 - 2014-10-08 16:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-10-08 16:01 - 2014-10-08 16:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-08 16:01 - 2014-09-26 21:01 - 00000000 ____D () C:\Users\Dzipak\Desktop\Malwarebytes Anti-Malware +key 2014
2014-10-07 20:20 - 2014-10-07 20:21 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (14).exe
2014-10-07 20:12 - 2014-10-07 20:14 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (13).exe
2014-10-07 19:56 - 2014-10-07 19:56 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (12).exe
2014-10-07 19:52 - 2014-10-07 19:52 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (11).exe
2014-10-07 19:49 - 2014-10-07 19:50 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (10).exe
2014-10-07 19:44 - 2014-10-07 19:44 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (9).exe
2014-10-07 19:41 - 2014-10-07 19:41 - 00480168 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome (1).exe
2014-10-07 19:39 - 2014-10-07 19:40 - 00471976 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome.exe
2014-10-07 19:39 - 2014-10-07 19:39 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (8).exe
2014-10-07 19:37 - 2014-10-07 19:37 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (7).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (6).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00118149 _____ () C:\Users\Dzipak\Desktop\wmpChrome.crx
2014-10-07 18:26 - 2014-10-07 18:26 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (5).exe
2014-10-07 18:17 - 2014-10-07 18:17 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (4).exe
2014-10-07 17:07 - 2014-10-07 17:07 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (3).exe
2014-10-07 16:13 - 2014-10-07 16:13 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (2).exe
2014-10-07 15:57 - 2014-10-07 15:57 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (1).exe
2014-10-07 15:40 - 2014-10-07 15:41 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh.exe
2014-10-07 15:08 - 2014-10-08 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Adobe
2014-10-07 14:45 - 2014-10-07 14:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Blizzard
2014-10-07 12:59 - 2014-10-07 12:59 - 00282909 _____ () C:\Users\Dzipak\Downloads\stiahnuť.htm
2014-10-07 12:47 - 2014-10-07 12:47 - 00000687 _____ () C:\awhC1D8.tmp
2014-10-07 09:29 - 2014-10-07 09:29 - 00000687 _____ () C:\awh3600.tmp
2014-10-07 06:27 - 2014-10-07 06:27 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Macromedia
2014-10-07 06:10 - 2014-10-07 06:10 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Mozilla
2014-10-07 06:10 - 2014-10-07 06:10 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Mozilla
2014-10-07 02:45 - 2014-10-08 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:45 - 2014-10-07 02:45 - 00002137 _____ () C:\Users\DzukelDomka\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00002117 _____ () C:\Users\Dzipak\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:42 - 2014-10-08 21:19 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-10-07 02:41 - 2014-10-08 21:19 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Seznam.cz
2014-10-07 02:41 - 2014-10-08 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-07 02:41 - 2014-10-07 02:41 - 00002166 _____ () C:\Users\DzukelDomka\Desktop\FLV Player.lnk
2014-10-07 02:41 - 2014-10-07 02:41 - 00002146 _____ () C:\Users\Dzipak\Desktop\FLV Player.lnk
2014-10-07 02:41 - 2014-10-07 02:41 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-07 02:16 - 2014-10-08 21:26 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\JDownloader v2.0
2014-10-07 02:12 - 2014-10-07 02:46 - 00001117 _____ () C:\Users\Dzipak\Desktop\Play Jewel Quest 3.lnk
2014-10-07 02:12 - 2014-10-07 02:12 - 00246992 _____ () C:\Users\Dzipak\Downloads\installer_jdownloader_two.exe
2014-10-07 02:12 - 2014-10-07 02:12 - 00002063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Free Ride Games.lnk
2014-10-07 02:12 - 2014-10-07 02:12 - 00000064 _____ () C:\Windows\GPlrLanc.dat
2014-10-07 02:12 - 2013-07-14 09:58 - 00058264 ____N (Exent Technologies Ltd.) C:\Windows\ExentInfo.exe
2014-10-07 02:11 - 2014-10-07 02:11 - 00001342 _____ () C:\Users\Dzipak\Desktop\Continue JewelQuest.lnk
2014-10-07 02:06 - 2014-10-07 02:06 - 00003586 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-10-07 02:06 - 2014-10-07 02:06 - 00001949 _____ () C:\Users\Dzipak\Desktop\YTDownloader.lnk
2014-10-07 02:04 - 2014-10-07 02:04 - 00307192 _____ () C:\Users\Dzipak\Downloads\FLVPlayer_downloader-Nfj0Lh7XF.exe
2014-10-07 02:04 - 2014-10-07 02:04 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\CrashRpt
2014-10-07 02:00 - 2014-10-08 21:26 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-10-07 01:59 - 2014-10-08 16:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\8826
2014-10-07 01:58 - 2014-10-07 01:58 - 00234704 _____ () C:\Users\Dzipak\Downloads\installer_jdownloader_one.exe
2014-10-07 01:56 - 2014-10-07 01:56 - 00043259 _____ () C:\Users\Dzipak\Downloads\JD2 DB 10-05-13.zip
2014-10-07 01:56 - 2014-10-07 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-07 01:56 - 2014-10-07 01:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 01:55 - 2014-10-07 12:42 - 00000000 ____D () C:\Program Files\PDApp
2014-10-07 01:48 - 2014-10-07 01:48 - 02713191 _____ () C:\Users\Dzipak\Downloads\Uploaded.net downloader v10.6.rar
2014-10-07 01:48 - 2014-10-05 21:37 - 00000000 ____D () C:\Users\Dzipak\Desktop\Uploaded.net downloader v10.6
2014-10-07 01:24 - 2014-10-07 01:25 - 00956160 _____ (Slots Heaven) C:\Users\DzukelDomka\Downloads\SetupCasino_319d65_en.exe
2014-10-07 01:05 - 2014-10-07 01:05 - 00002024 _____ () C:\Users\Dzipak\Desktop\888casino.lnk
2014-10-07 01:05 - 2014-10-07 01:05 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2014-10-07 01:04 - 2014-10-08 21:17 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\CasinoOnNet
2014-10-05 12:28 - 2014-10-05 12:28 - 00000000 _____ () C:\Users\DzukelDomka\Desktop\Nový textový dokument (3).txt
2014-10-04 14:57 - 2014-10-04 14:57 - 00000000 _____ () C:\Users\DzukelDomka\Desktop\Nový textový dokument (2).txt
2014-10-01 19:47 - 2014-10-01 20:42 - 729675776 _____ () C:\Users\DzukelDomka\Downloads\Zbesily-utek.avi
2014-10-01 00:11 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 00:11 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 23:15 - 2014-09-30 23:15 - 00007514 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (5).xlsx
2014-09-30 23:15 - 2014-09-30 23:15 - 00007514 _____ () C:\Users\DzukelDomka\Desktop\08-2014 (5).xlsx
2014-09-30 23:02 - 2014-09-30 23:02 - 00014882 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (4).xlsx
2014-09-30 23:02 - 2014-09-30 23:02 - 00014882 _____ () C:\Users\DzukelDomka\Downloads\08-2014 (3).xlsx
2014-09-30 16:53 - 2014-09-30 16:54 - 12881948 _____ () C:\Users\DzukelDomka\Downloads\foryou2.zip
2014-09-28 22:32 - 2014-09-28 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-28 22:15 - 2014-10-08 16:31 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\1342
2014-09-28 22:13 - 2014-09-28 22:13 - 03099552 _____ (Blizzard Entertainment) C:\Users\Dzipak\Downloads\Hearthstone-Setup-enGB.exe
2014-09-28 22:08 - 2014-10-08 14:23 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Battle.net
2014-09-28 22:08 - 2014-10-07 14:44 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Battle.net
2014-09-28 22:08 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Blizzard Entertainment
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\M-Audio
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Deployment
2014-09-28 22:02 - 2014-09-28 22:02 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Apps\2.0
2014-09-28 21:59 - 2014-09-28 22:02 - 52024662 _____ ( ) C:\Users\Dzipak\Downloads\Download-DriverPack-Solution-13.0.380.exe
2014-09-28 21:50 - 2014-09-28 21:59 - 00008499 _____ () C:\Users\Dzipak\Downloads\DriverEasyOnline.Scan.application
2014-09-28 21:48 - 2013-05-23 05:58 - 19690256 _____ (M-Audio, a division of Avid Technology, Inc.) C:\Users\Dzipak\Desktop\Install_M-Audio_Fast_Track_Pro_6.1.10.exe
2014-09-28 21:29 - 2014-09-28 21:29 - 07686507 _____ () C:\Users\Dzipak\Downloads\Fast_Track_USB_Installer_6_0_6_77176.zip
2014-09-28 21:15 - 2014-09-28 21:15 - 00001114 _____ () C:\Users\Dzipak\Desktop\DriverMax.lnk
2014-09-28 21:15 - 2014-09-28 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2014-09-28 21:11 - 2014-09-28 21:17 - 16465549 _____ () C:\Users\Dzipak\Downloads\Install_M-Audio_Fast_Track_Pro_6.1.10.zip
2014-09-28 21:00 - 2014-09-28 21:00 - 05163533 _____ () C:\Users\Dzipak\Downloads\Komplete_Kontrol_392_PC.zip
2014-09-28 20:58 - 2014-09-28 20:58 - 00000000 ____D () C:\ProgramData\Innovative Solutions
2014-09-28 20:58 - 2011-02-17 11:32 - 00531562 _____ () C:\Users\Dzipak\Desktop\DriverMax57cz.exe
2014-09-28 20:58 - 2011-02-17 10:57 - 00001352 _____ () C:\Users\Dzipak\Desktop\Přečti si!.txt
2014-09-28 20:58 - 2009-06-22 18:46 - 00000087 _____ () C:\Users\Dzipak\Desktop\CestinyCZ.txt
2014-09-28 20:51 - 2014-09-28 20:51 - 41361331 _____ () C:\Users\Dzipak\Downloads\Controller_Editor_170_PC.zip
2014-09-28 20:44 - 2014-09-28 20:44 - 04310989 _____ () C:\Users\Dzipak\Downloads\drivermax-zaloha-a-aktulizace-ovladacu+cz.rar
2014-09-28 20:43 - 2014-09-28 20:43 - 00002624 _____ () C:\Windows\System32\Tasks\Open Chrome
2014-09-28 20:43 - 2014-09-28 20:43 - 00000380 _____ () C:\Windows\Tasks\Open Chrome.job
2014-09-28 20:41 - 2014-09-28 20:41 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-09-28 20:39 - 2014-09-28 20:40 - 09979731 _____ () C:\Users\Dzipak\Downloads\M4E.CoM_DriverMax-7.13-Final_By_M.M.A.E.rar
2014-09-28 20:34 - 2014-09-28 20:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Audacity
2014-09-28 20:33 - 2014-09-28 20:33 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-28 20:33 - 2014-09-28 20:33 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-28 20:32 - 2014-09-28 20:34 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-28 20:32 - 2014-09-28 20:32 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Innovative Solutions
2014-09-28 20:32 - 2014-09-28 20:32 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions
2014-09-28 19:45 - 2014-09-28 19:46 - 05799056 _____ (Innovative Solutions ) C:\Users\Dzipak\Downloads\drivermax_7_40_cnet.exe
2014-09-28 19:37 - 2014-09-28 19:38 - 28492155 _____ () C:\Users\Dzipak\Downloads\audacity (1).exe
2014-09-28 19:36 - 2014-09-28 19:37 - 28496251 _____ () C:\Users\Dzipak\Downloads\audacity.exe
2014-09-28 17:19 - 2014-09-28 17:19 - 05860624 _____ () C:\Users\Dzipak\Downloads\foryou.zip
2014-09-28 16:08 - 2014-09-28 16:08 - 00088304 _____ () C:\Users\Dzipak\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-28 15:16 - 2014-10-01 10:35 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY TYSON CD.25 2013 DJMARIO1
2014-09-28 15:16 - 2011-05-17 19:51 - 00000000 ____D () C:\Users\Dzipak\Desktop\Gipsy Tyson romske mp3
2014-09-28 15:11 - 2014-09-28 15:12 - 29767120 _____ () C:\Users\Dzipak\Downloads\GIPSY TYSON CD.25 2013 DJMARIO1.rar
2014-09-28 15:05 - 2014-09-28 15:12 - 45925725 _____ () C:\Users\Dzipak\Downloads\Gipsy-Tyson-romske-mp3.rar
2014-09-27 15:32 - 2014-09-27 15:32 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\WinRAR
2014-09-27 15:32 - 2014-07-19 18:05 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY AMAX 4-2014
2014-09-27 15:32 - 2014-02-28 08:22 - 00000000 ____D () C:\Users\Dzipak\Desktop\GIPSY AMAX 2014 DONCASTER
2014-09-27 15:02 - 2014-09-27 15:13 - 63706536 _____ () C:\Users\Dzipak\Downloads\GIPSY-AMAX-4-2014.rar
2014-09-27 14:57 - 2014-09-27 15:01 - 28591087 _____ () C:\Users\Dzipak\Downloads\GIPSY-AMAX-2014-DONCASTER.rar
2014-09-27 14:42 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Apple Computer
2014-09-27 06:12 - 2014-10-08 21:14 - 00000003 _____ () C:\Users\Dzipak\stut
2014-09-27 06:11 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\NVIDIA
2014-09-27 06:10 - 2014-10-07 12:44 - 00000000 _____ () C:\Users\Dzipak\rgut
2014-09-27 06:10 - 2014-09-27 06:10 - 00000000 __SHD () C:\Users\Dzipak\AppData\Local\EmieUserList
2014-09-27 06:10 - 2014-09-27 06:10 - 00000000 __SHD () C:\Users\Dzipak\AppData\Local\EmieSiteList
2014-09-27 06:09 - 2014-10-07 15:08 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Adobe
2014-09-27 06:09 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Apple Computer
2014-09-27 06:09 - 2014-09-27 06:09 - 00001413 _____ () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 06:09 - 2014-09-27 06:09 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Razer
2014-09-27 06:09 - 2014-09-27 06:09 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\Google
2014-09-27 06:08 - 2014-10-08 21:25 - 00000000 ____D () C:\Users\Dzipak
2014-09-27 06:08 - 2014-10-08 21:22 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\NVIDIA Corporation
2014-09-27 06:08 - 2014-10-08 21:22 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\NVIDIA
2014-09-27 06:08 - 2014-09-28 21:13 - 00000000 ____D () C:\Users\Dzipak\AppData\Local\VirtualStore
2014-09-27 06:08 - 2014-09-27 06:08 - 00000020 ___SH () C:\Users\Dzipak\ntuser.ini
2014-09-27 06:08 - 2014-07-07 12:29 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Macromedia
2014-09-27 06:08 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-27 06:08 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-26 09:37 - 2014-09-26 09:37 - 00000687 _____ () C:\awhF2DB.tmp
2014-09-24 11:36 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 11:36 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 17:16 - 2014-09-23 18:02 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Apple Computer
2014-09-23 17:16 - 2014-09-23 17:16 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-23 17:16 - 2014-09-23 17:16 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Apple Computer
2014-09-23 17:16 - 2014-09-23 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-23 17:15 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\Program Files\iTunes
2014-09-23 17:14 - 2014-09-23 17:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-23 17:14 - 2014-09-23 17:14 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-23 17:14 - 2014-09-23 17:14 - 00000000 ____D () C:\Program Files\iPod
2014-09-23 17:12 - 2014-09-23 17:14 - 111264592 _____ (Apple Inc.) C:\Users\DzukelDomka\Downloads\iTunesSetup.exe
2014-09-22 12:11 - 2014-09-22 12:11 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-22 12:11 - 2014-09-13 22:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-22 12:07 - 2014-09-17 06:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-22 12:07 - 2014-09-17 06:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-22 12:07 - 2014-09-14 01:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-22 12:07 - 2014-09-14 01:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-22 11:53 - 2014-09-04 21:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-22 11:53 - 2014-09-04 21:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 00000687 _____ () C:\awh8C3F.tmp
2014-09-21 00:45 - 2014-09-21 00:45 - 00000687 _____ () C:\awhD8B4.tmp
2014-09-18 00:13 - 2014-09-18 00:13 - 00694938 _____ () C:\Users\DzukelDomka\Downloads\Fb_Emoji.apk
2014-09-16 03:55 - 2014-09-16 03:55 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prompt Downloader
2014-09-16 03:55 - 2014-09-16 03:55 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Prompt Downloader
2014-09-16 03:47 - 2014-10-08 16:31 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\2990
2014-09-16 03:46 - 2014-10-02 10:13 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Roaming\vlc
2014-09-16 03:12 - 2014-09-16 03:18 - 00299024 _____ () C:\Users\DzukelDomka\Downloads\FLVPlayer_downloader-N6UvHWHWF.exe
2014-09-16 03:12 - 2014-09-16 03:12 - 00298984 _____ () C:\Users\DzukelDomka\Downloads\FLVPlayer_downloader-Na2mHHycP.exe
2014-09-16 02:27 - 2014-09-16 02:27 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-16 02:27 - 2014-09-16 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-16 02:27 - 2014-09-16 02:27 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-16 01:14 - 2014-09-16 01:14 - 14376291 _____ () C:\Users\DzukelDomka\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-09-16 01:13 - 2014-09-16 01:31 - 625216324 _____ () C:\Users\DzukelDomka\Desktop\Dědictví aneb KURVA se neříká.avi
2014-09-16 01:10 - 2014-09-16 01:11 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-09-16 01:10 - 2014-09-16 01:10 - 11340424 _____ (Xvid Team) C:\Users\DzukelDomka\Downloads\Xvid-1.3.3-20140407.exe
2014-09-16 01:10 - 2014-09-16 01:10 - 02209528 _____ () C:\Users\DzukelDomka\Downloads\VirtualDub-1.10.4-AMD64.zip
2014-09-16 01:10 - 2014-09-16 01:10 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\plugins64
2014-09-16 01:10 - 2014-09-16 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-09-16 01:10 - 2014-04-08 22:51 - 00706048 _____ () C:\Windows\system32\xvidcore.dll
2014-09-16 01:10 - 2014-04-08 22:51 - 00251392 _____ () C:\Windows\system32\xvidvfw.dll
2014-09-16 01:10 - 2014-04-08 22:51 - 00169984 _____ () C:\Windows\system32\xvid.ax
2014-09-16 01:10 - 2014-04-08 22:50 - 00632320 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-09-16 01:10 - 2014-04-08 22:50 - 00235520 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-09-16 01:10 - 2014-04-08 22:50 - 00147456 _____ () C:\Windows\SysWOW64\xvid.ax
2014-09-16 01:10 - 2013-10-27 17:01 - 00254669 _____ () C:\Users\DzukelDomka\Desktop\VirtualDub.chm
2014-09-16 01:10 - 2013-10-27 17:00 - 04261888 _____ () C:\Users\DzukelDomka\Desktop\Veedub64.exe
2014-09-16 01:10 - 2013-10-27 17:00 - 00332158 _____ () C:\Users\DzukelDomka\Desktop\Veedub64.vdi
2014-09-16 01:10 - 2013-10-27 16:59 - 00072704 _____ ( ) C:\Users\DzukelDomka\Desktop\vdremote64.dll
2014-09-16 01:10 - 2013-10-27 16:59 - 00057856 _____ ( ) C:\Users\DzukelDomka\Desktop\vdsvrlnk64.dll
2014-09-16 01:10 - 2013-10-27 16:59 - 00009728 _____ ( ) C:\Users\DzukelDomka\Desktop\vdub64.exe
2014-09-16 01:10 - 2013-10-27 16:59 - 00004096 _____ () C:\Users\DzukelDomka\Desktop\vdlaunch64.exe
2014-09-16 01:10 - 2013-10-27 16:21 - 00001296 _____ () C:\Users\DzukelDomka\Desktop\frameserver64.reg
2014-09-15 15:36 - 2014-09-15 15:36 - 00380619 _____ () C:\Users\DzukelDomka\Downloads\inventurni_tabulka_sk-1 (1).xlsx
2014-09-15 15:25 - 2014-09-15 15:25 - 00380322 _____ () C:\Users\DzukelDomka\Downloads\inventurni_tabulka_sk-1.xlsx
2014-09-12 15:32 - 2014-09-27 14:42 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\GIPSY MEKENZI 27-2014
2014-09-12 15:24 - 2013-12-15 14:37 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\GIPSY MEKENZI 26-2013
2014-09-12 15:22 - 2014-09-12 15:25 - 47021685 _____ () C:\Users\DzukelDomka\Downloads\GIPSY-MEKENZI-27-2014.rar
2014-09-12 15:21 - 2014-09-12 15:22 - 39119074 _____ () C:\Users\DzukelDomka\Downloads\GIPSY MEKENZI 26-2013 Radio-Lucka.rar
2014-09-12 03:17 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 03:17 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 03:17 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 03:17 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 03:17 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 03:17 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 03:17 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 03:17 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 03:17 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 03:17 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 03:17 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 03:17 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 03:17 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 03:17 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 03:17 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 03:17 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 03:17 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 03:17 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 03:17 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 03:17 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 03:17 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 03:17 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 03:17 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 03:17 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 03:17 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 03:17 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 03:17 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 03:17 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 03:17 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 03:17 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 03:17 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 03:17 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 03:17 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 03:17 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 03:17 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 03:17 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 03:17 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 03:17 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 03:17 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 03:17 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 03:17 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 03:17 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 03:17 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 03:17 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 03:17 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 03:17 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 03:17 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 03:17 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 03:17 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 03:17 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 03:17 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 03:17 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 03:04 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 03:04 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 03:00 - 2014-10-03 21:28 - 00001364 _____ () C:\Users\DzukelDomka\Desktop\Norton Installation Files.lnk
2014-09-12 03:00 - 2014-09-12 03:00 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-09-11 06:46 - 2014-09-11 07:49 - 1013174272 _____ () C:\Users\DzukelDomka\Downloads\Dědictví aneb KURVA se neříká.avi
2014-09-11 06:40 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 06:40 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 06:40 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 06:40 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 06:39 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 06:39 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 06:39 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 06:39 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 06:39 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 22:00 - 2014-07-07 08:46 - 01125240 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 21:58 - 2014-07-07 12:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-08 21:58 - 2014-07-07 12:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-08 21:58 - 2014-07-07 12:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-08 21:58 - 2014-07-07 12:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 21:50 - 2014-07-07 09:45 - 00001336 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-08 21:49 - 2014-07-07 09:44 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 21:30 - 2014-08-24 06:56 - 00000000 __HDC () C:\ProgramData\~0
2014-10-08 21:27 - 2014-08-24 06:56 - 00000000 ____D () C:\ProgramData\Norton
2014-10-08 21:18 - 2009-07-14 06:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 21:18 - 2009-07-14 06:45 - 00023344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 21:12 - 2014-07-07 09:44 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-08 21:11 - 2014-07-07 10:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-08 21:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 21:11 - 2009-07-14 06:51 - 00087740 _____ () C:\Windows\setupact.log
2014-10-08 21:10 - 2014-07-07 09:53 - 00878662 _____ () C:\Windows\PFRO.log
2014-10-08 21:09 - 2014-07-07 12:17 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 21:09 - 2014-07-07 12:17 - 00001049 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-08 21:09 - 2014-07-07 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-08 20:27 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-08 20:21 - 2009-07-14 04:34 - 00000252 _____ () C:\Windows\system.ini
2014-10-08 20:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-08 20:19 - 2009-07-14 04:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-10-08 20:19 - 2009-07-14 04:34 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-10-08 20:19 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-10-08 20:19 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-10-08 20:19 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-10-08 19:48 - 2014-07-22 22:43 - 00000952 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job
2014-10-08 16:31 - 2014-07-07 09:48 - 00000000 ____D () C:\Program Files (x86)\Windows 7 ultimate - aktivace - 100% funkn
2014-10-08 16:31 - 2009-07-14 04:34 - 00000518 _____ () C:\Windows\win.ini
2014-10-08 13:36 - 2014-07-24 15:59 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-08 11:58 - 2014-08-11 14:38 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\Shindy - 2013 NWA 2.0
2014-10-08 11:55 - 2014-08-11 14:31 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\Bushido - 2014 Sonny Black (+Bonusové Tracky z Box-setu)
2014-10-07 22:48 - 2014-07-22 22:43 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job
2014-10-07 12:40 - 2014-07-07 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-07 02:12 - 2014-07-07 10:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-07 02:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-07 01:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-07 01:05 - 2014-07-07 09:40 - 00000000 ____D () C:\Users\DzukelDomka
2014-10-06 15:14 - 2014-07-24 15:59 - 00000000 ____D () C:\Users\DzukelDomka\AppData\Local\Battle.net
2014-09-28 22:16 - 2014-07-07 11:27 - 00000330 _____ () C:\Users\DzukelDomka\rgut
2014-09-28 21:25 - 2009-07-14 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-28 17:21 - 2014-08-31 16:13 - 00000384 _____ () C:\Windows\ODBC.INI
2014-09-27 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 15:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-26 16:36 - 2009-07-14 07:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 03:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-09-25 03:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-23 10:53 - 2014-07-24 16:08 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-22 12:11 - 2014-07-07 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-22 12:11 - 2014-07-07 10:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-22 11:54 - 2014-07-07 10:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-21 14:54 - 2014-08-19 19:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 06:51 - 2014-07-07 10:22 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-17 04:13 - 2014-07-23 19:12 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-17 04:13 - 2014-07-07 11:56 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-17 04:12 - 2014-07-23 19:12 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-17 04:12 - 2014-07-07 11:56 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-16 03:45 - 2014-07-07 09:40 - 00001617 _____ () C:\Users\DzukelDomka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-15 15:38 - 2014-08-22 19:42 - 00000000 ____D () C:\Users\DzukelDomka\Desktop\lol
2014-09-15 09:06 - 2014-07-07 09:02 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 01:48 - 2014-08-03 12:02 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-14 01:48 - 2014-07-07 10:33 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-14 01:48 - 2014-07-07 10:33 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-14 01:48 - 2014-07-07 10:22 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 23:53 - 2014-07-07 10:33 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 02557640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 23:53 - 2014-07-07 10:33 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 23:53 - 2014-07-07 10:33 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-12 03:13 - 2014-07-07 10:31 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 17:37 - 2014-07-07 10:33 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-11 06:29 - 2014-07-07 09:44 - 00088304 _____ () C:\Users\DzukelDomka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 06:28 - 2009-07-14 06:45 - 00354592 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Dzipak\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih(1).exe
C:\Users\Dzipak\AppData\Local\Temp\proxy_vole4286556943163261073.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 09:57




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:390.63 GB) (Free:24.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:540.88 GB) (Free:61.86 GB) NTFS

Available physical RAM: 2731.45 MB
Total physical RAM: 4077.25 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7D807D80)
Partition 1: (Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540.9 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dzipak\Desktop" je 333 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe"="C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe:*:Enabled:ipsec"
"C:\\Users\\Dzipak\\AppData\\Roaming\\Seznam.cz\\bin\\szndesktop.exe"="C:\\Users\\Dzipak\\AppData\\Roaming\\Seznam.cz\\bin\\szndesktop.exe:*:Enabled:ipsec"
"C:\\Users\\Dzipak\\Desktop\\adwcleaner_3.311.exe"="C:\\Users\\Dzipak\\Desktop\\adwcleaner_3.311.exe:*:Enabled:ipsec"
"C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe"="C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe:*:Enabled:ipsec"
"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe"="C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe:*:Enabled:ipsec"
"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe"="C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% processor usage

#12 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM-x32\...\Run: [mncrnrmSrv] => C:\Windows\inf\mncrnrm.vbe [1338 2014-01-13] ()
    HKLM-x32\...\Run: [mncqtveySrv] => C:\Windows\SysWOW64\mncqtvey.vbe [7670 2014-03-05] ()
    HKLM-x32\...\Run: [mncnaqaSrv] => C:\Windows\SysWOW64\mncnaqa.vbe [7670 2014-03-05] ()
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
    HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
    HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
    HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
    HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
    AlternateShell:
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x69D0DF2EC0E1CF01
    
    S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]
    
    C:\Program Files (x86)\YTDownloader
    C:\Program Files (x86)\Common Files\AVG Secure Search
    C:\Windows\inf\mncrnrm.vbe
    C:\Windows\SysWOW64\mncnaqa.vbe
    C:\Windows\SysWOW64\mncqtvey.vbe
    2014-10-08 21:59 - 2014-10-08 21:59 - 00652800 _____ () C:\Users\Dzipak\Downloads\MicrosoftFixit50362.msi
    2014-10-08 21:58 - 2014-10-08 21:59 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.128336229114357388.1.1.Run.exe
    2014-10-08 21:56 - 2014-10-08 21:56 - 01055936 _____ (Adobe) C:\Users\Dzipak\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
    2014-10-08 21:52 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-10-08 21:34 - 2014-10-08 21:34 - 06139760 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\WindowsUpdateAgent30-x86.exe
    2014-10-08 21:33 - 2014-10-08 21:33 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.223336227610340612.1.1.Run.exe
    2014-10-08 21:07 - 2014-10-08 21:09 - 00000000 ____D () C:\AdwCleaner
    2014-10-08 21:07 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Desktop\adwcleaner_3.311.exe
    2014-10-08 21:06 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Downloads\adwcleaner_3.311.exe
    2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\Users\Dzipak\Desktop\COMBOFIX.txt
    2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\ComboFix.txt
    2014-10-08 20:22 - 2014-10-08 20:22 - 00103140 __RSH () C:\yumiy.pif
    2014-10-08 20:09 - 2014-10-08 22:02 - 00000000 ____D () C:\Windows\erdnt
    2014-10-08 20:09 - 2014-10-08 20:27 - 00000000 ____D () C:\ComboFix
    2014-10-08 20:06 - 2014-10-08 20:07 - 05582481 _____ (Swearware) C:\Users\Dzipak\Downloads\ComboFix.exe
    2014-10-08 20:04 - 2014-10-08 20:05 - 04394999 _____ (Swearware) C:\Users\Dzipak\Desktop\Nepotvrdené 5531.crdownload
    2014-10-08 19:50 - 2014-10-08 19:57 - 00002338 _____ () C:\Users\Dzipak\Desktop\Rkill.txt
    2014-10-08 19:50 - 2014-10-08 19:50 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill64.com
    2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Downloads\rkill.com
    2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill.com
    2014-10-08 17:20 - 2014-10-08 17:20 - 00007606 _____ () C:\Users\Dzipak\AppData\Local\Resmon.ResmonCfg
    2014-10-08 16:58 - 2014-10-08 16:58 - 00006612 _____ () C:\Users\Dzipak\Desktop\Addition.rar
    2014-10-08 16:55 - 2014-10-08 16:56 - 00000000 ____D () C:\rsit
    2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Downloads\RSITx64.exe
    2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Desktop\RSITx64.exe
    2014-10-08 16:55 - 2014-10-08 16:55 - 00000000 ____D () C:\Program Files\trend micro
    2014-10-08 16:46 - 2014-10-08 22:04 - 00013172 _____ () C:\Users\Dzipak\Desktop\FRST.txt
    2014-10-07 20:20 - 2014-10-07 20:21 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (14).exe
    2014-10-07 20:12 - 2014-10-07 20:14 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (13).exe
    2014-10-07 19:56 - 2014-10-07 19:56 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (12).exe
    2014-10-07 19:52 - 2014-10-07 19:52 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (11).exe
    2014-10-07 19:49 - 2014-10-07 19:50 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (10).exe
    2014-10-07 19:44 - 2014-10-07 19:44 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (9).exe
    2014-10-07 19:41 - 2014-10-07 19:41 - 00480168 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome (1).exe
    2014-10-07 19:39 - 2014-10-07 19:40 - 00471976 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome.exe
    2014-10-07 19:39 - 2014-10-07 19:39 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (8).exe
    2014-10-07 19:37 - 2014-10-07 19:37 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (7).exe
    2014-10-07 18:55 - 2014-10-07 18:55 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (6).exe
    2014-10-07 18:55 - 2014-10-07 18:55 - 00118149 _____ () C:\Users\Dzipak\Desktop\wmpChrome.crx
    2014-10-07 18:26 - 2014-10-07 18:26 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (5).exe
    2014-10-07 18:17 - 2014-10-07 18:17 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (4).exe
    2014-10-07 17:07 - 2014-10-07 17:07 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (3).exe
    2014-10-07 16:13 - 2014-10-07 16:13 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (2).exe
    2014-10-07 15:57 - 2014-10-07 15:57 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (1).exe
    2014-10-07 15:40 - 2014-10-07 15:41 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh.exe
    2014-10-07 12:47 - 2014-10-07 12:47 - 00000687 _____ () C:\awhC1D8.tmp
    2014-10-07 09:29 - 2014-10-07 09:29 - 00000687 _____ () C:\awh3600.tmp
    2014-10-07 02:45 - 2014-10-08 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat
    2014-10-07 02:45 - 2014-10-07 02:45 - 00002137 _____ () C:\Users\DzukelDomka\Desktop\AppsHat.lnk
    2014-10-07 02:45 - 2014-10-07 02:45 - 00002117 _____ () C:\Users\Dzipak\Desktop\AppsHat.lnk
    2014-10-07 02:45 - 2014-10-07 02:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
    2014-10-07 02:12 - 2013-07-14 09:58 - 00058264 ____N (Exent Technologies Ltd.) C:\Windows\ExentInfo.exe
    2014-10-07 02:11 - 2014-10-07 02:11 - 00001342 _____ () C:\Users\Dzipak\Desktop\Continue JewelQuest.lnk
    2014-10-07 02:06 - 2014-10-07 02:06 - 00003586 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
    2014-10-07 02:06 - 2014-10-07 02:06 - 00001949 _____ () C:\Users\Dzipak\Desktop\YTDownloader.lnk
    2014-10-07 02:04 - 2014-10-07 02:04 - 00307192 _____ () C:\Users\Dzipak\Downloads\FLVPlayer_downloader-Nfj0Lh7XF.exe
    2014-09-28 20:41 - 2014-09-28 20:41 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
    
    Task: {479C0101-D045-46E4-A49B-3A07527FAA53} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
    Task: {AD964B29-9893-423B-A981-AA861536C23D} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid= ... rowser=all
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\AppData\\Roaming\\Seznam.cz\\bin\\szndesktop.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\Desktop\\adwcleaner_3.311.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe" /f
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, for that is not a man, that is an ox."
Member since 1 February 2011.

DZIPAK
Visitor
Posts: 8
Registered: 08 Oct 2014 15:35

Re: Virus 100% processor usage

#13 Post by DZIPAK »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Dzipak at 2014-10-08 22:56:05 Run:1
Running from C:\Users\Dzipak\Desktop
Loaded Profile: Dzipak (Available profiles: DzukelDomka & Dzipak)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [mncrnrmSrv] => C:\Windows\inf\mncrnrm.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [mncqtveySrv] => C:\Windows\SysWOW64\mncqtvey.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [mncnaqaSrv] => C:\Windows\SysWOW64\mncnaqa.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
HKU\S-1-5-18\...\Run: [Exetender] => "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
AlternateShell:

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x69D0DF2EC0E1CF01

S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 X5XSEx_Pr143; \??\C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.Sys [X]

C:\Program Files (x86)\YTDownloader
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Windows\inf\mncrnrm.vbe
C:\Windows\SysWOW64\mncnaqa.vbe
C:\Windows\SysWOW64\mncqtvey.vbe
2014-10-08 21:59 - 2014-10-08 21:59 - 00652800 _____ () C:\Users\Dzipak\Downloads\MicrosoftFixit50362.msi
2014-10-08 21:58 - 2014-10-08 21:59 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.128336229114357388.1.1.Run.exe
2014-10-08 21:56 - 2014-10-08 21:56 - 01055936 _____ (Adobe) C:\Users\Dzipak\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-10-08 21:52 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-08 21:34 - 2014-10-08 21:34 - 06139760 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\WindowsUpdateAgent30-x86.exe
2014-10-08 21:33 - 2014-10-08 21:33 - 00347816 _____ (Microsoft Corporation) C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.223336227610340612.1.1.Run.exe
2014-10-08 21:07 - 2014-10-08 21:09 - 00000000 ____D () C:\AdwCleaner
2014-10-08 21:07 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Desktop\adwcleaner_3.311.exe
2014-10-08 21:06 - 2014-10-08 21:07 - 01375089 _____ () C:\Users\Dzipak\Downloads\adwcleaner_3.311.exe
2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\Users\Dzipak\Desktop\COMBOFIX.txt
2014-10-08 20:27 - 2014-10-08 20:27 - 00034445 _____ () C:\ComboFix.txt
2014-10-08 20:22 - 2014-10-08 20:22 - 00103140 __RSH () C:\yumiy.pif
2014-10-08 20:09 - 2014-10-08 22:02 - 00000000 ____D () C:\Windows\erdnt
2014-10-08 20:09 - 2014-10-08 20:27 - 00000000 ____D () C:\ComboFix
2014-10-08 20:06 - 2014-10-08 20:07 - 05582481 _____ (Swearware) C:\Users\Dzipak\Downloads\ComboFix.exe
2014-10-08 20:04 - 2014-10-08 20:05 - 04394999 _____ (Swearware) C:\Users\Dzipak\Desktop\Nepotvrdené 5531.crdownload
2014-10-08 19:50 - 2014-10-08 19:57 - 00002338 _____ () C:\Users\Dzipak\Desktop\Rkill.txt
2014-10-08 19:50 - 2014-10-08 19:50 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill64.com
2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Downloads\rkill.com
2014-10-08 19:49 - 2014-10-08 19:49 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Dzipak\Desktop\rkill.com
2014-10-08 17:20 - 2014-10-08 17:20 - 00007606 _____ () C:\Users\Dzipak\AppData\Local\Resmon.ResmonCfg
2014-10-08 16:58 - 2014-10-08 16:58 - 00006612 _____ () C:\Users\Dzipak\Desktop\Addition.rar
2014-10-08 16:55 - 2014-10-08 16:56 - 00000000 ____D () C:\rsit
2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Downloads\RSITx64.exe
2014-10-08 16:55 - 2014-10-08 16:55 - 00832273 _____ () C:\Users\Dzipak\Desktop\RSITx64.exe
2014-10-08 16:55 - 2014-10-08 16:55 - 00000000 ____D () C:\Program Files\trend micro
2014-10-08 16:46 - 2014-10-08 22:04 - 00013172 _____ () C:\Users\Dzipak\Desktop\FRST.txt
2014-10-07 20:20 - 2014-10-07 20:21 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (14).exe
2014-10-07 20:12 - 2014-10-07 20:14 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (13).exe
2014-10-07 19:56 - 2014-10-07 19:56 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (12).exe
2014-10-07 19:52 - 2014-10-07 19:52 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (11).exe
2014-10-07 19:49 - 2014-10-07 19:50 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (10).exe
2014-10-07 19:44 - 2014-10-07 19:44 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (9).exe
2014-10-07 19:41 - 2014-10-07 19:41 - 00480168 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome (1).exe
2014-10-07 19:39 - 2014-10-07 19:40 - 00471976 _____ () C:\Users\Dzipak\Downloads\FLVPlayer-Chrome.exe
2014-10-07 19:39 - 2014-10-07 19:39 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (8).exe
2014-10-07 19:37 - 2014-10-07 19:37 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (7).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (6).exe
2014-10-07 18:55 - 2014-10-07 18:55 - 00118149 _____ () C:\Users\Dzipak\Desktop\wmpChrome.crx
2014-10-07 18:26 - 2014-10-07 18:26 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (5).exe
2014-10-07 18:17 - 2014-10-07 18:17 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (4).exe
2014-10-07 17:07 - 2014-10-07 17:07 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (3).exe
2014-10-07 16:13 - 2014-10-07 16:13 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (2).exe
2014-10-07 15:57 - 2014-10-07 15:57 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (1).exe
2014-10-07 15:40 - 2014-10-07 15:41 - 00896584 _____ (Elex do Brasil Participações Ltda) C:\Users\Dzipak\Downloads\yet_another_cleaner_reh.exe
2014-10-07 12:47 - 2014-10-07 12:47 - 00000687 _____ () C:\awhC1D8.tmp
2014-10-07 09:29 - 2014-10-07 09:29 - 00000687 _____ () C:\awh3600.tmp
2014-10-07 02:45 - 2014-10-08 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:45 - 2014-10-07 02:45 - 00002137 _____ () C:\Users\DzukelDomka\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00002117 _____ () C:\Users\Dzipak\Desktop\AppsHat.lnk
2014-10-07 02:45 - 2014-10-07 02:45 - 00000000 ____D () C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-10-07 02:12 - 2013-07-14 09:58 - 00058264 ____N (Exent Technologies Ltd.) C:\Windows\ExentInfo.exe
2014-10-07 02:11 - 2014-10-07 02:11 - 00001342 _____ () C:\Users\Dzipak\Desktop\Continue JewelQuest.lnk
2014-10-07 02:06 - 2014-10-07 02:06 - 00003586 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-10-07 02:06 - 2014-10-07 02:06 - 00001949 _____ () C:\Users\Dzipak\Desktop\YTDownloader.lnk
2014-10-07 02:04 - 2014-10-07 02:04 - 00307192 _____ () C:\Users\Dzipak\Downloads\FLVPlayer_downloader-Nfj0Lh7XF.exe
2014-09-28 20:41 - 2014-09-28 20:41 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

Task: {479C0101-D045-46E4-A49B-3A07527FAA53} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {AD964B29-9893-423B-A981-AA861536C23D} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/almost-done?pid= ... rowser=all
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => C:\Users\DzukelDomka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe

REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\AppData\\Roaming\\Seznam.cz\\bin\\szndesktop.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\Desktop\\adwcleaner_3.311.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncrnrmSrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncqtveySrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncnaqaSrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully.
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\Software\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully.
HKU\S-1-5-21-714635507-2199221034-3097845752-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender => value deleted successfully.
AlternateShell: => Error: No automatic fix found for this entry.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
vToolbarUpdater18.1.9 => Service deleted successfully.
catchme => Service deleted successfully.
MBAMSwissArmy => Service stopped successfully.
MBAMSwissArmy => Service deleted successfully.
X5XSEx_Pr143 => Service deleted successfully.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Windows\inf\mncrnrm.vbe => Moved successfully.
C:\Windows\SysWOW64\mncnaqa.vbe => Moved successfully.
C:\Windows\SysWOW64\mncqtvey.vbe => Moved successfully.
C:\Users\Dzipak\Downloads\MicrosoftFixit50362.msi => Moved successfully.
C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.128336229114357388.1.1.Run.exe => Moved successfully.
C:\Users\Dzipak\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe => Moved successfully.
C:\Windows\system32\MRT.exe => Moved successfully.
C:\Users\Dzipak\Downloads\WindowsUpdateAgent30-x86.exe => Moved successfully.
C:\Users\Dzipak\Downloads\MicrosoftFixit.wu.LB.223336227610340612.1.1.Run.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Dzipak\Desktop\adwcleaner_3.311.exe => Moved successfully.
C:\Users\Dzipak\Downloads\adwcleaner_3.311.exe => Moved successfully.
C:\Users\Dzipak\Desktop\COMBOFIX.txt => Moved successfully.
C:\ComboFix.txt => Moved successfully.
C:\yumiy.pif => Moved successfully.
C:\Windows\erdnt => Moved successfully.
C:\ComboFix => Moved successfully.
C:\Users\Dzipak\Downloads\ComboFix.exe => Moved successfully.
"C:\Users\Dzipak\Desktop\Nepotvrdené 5531.crdownload" => File/Directory not found.
C:\Users\Dzipak\Desktop\Rkill.txt => Moved successfully.
C:\Users\Dzipak\Desktop\rkill64.com => Moved successfully.
C:\Users\Dzipak\Downloads\rkill.com => Moved successfully.
C:\Users\Dzipak\Desktop\rkill.com => Moved successfully.
C:\Users\Dzipak\AppData\Local\Resmon.ResmonCfg => Moved successfully.
C:\Users\Dzipak\Desktop\Addition.rar => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Dzipak\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Dzipak\Desktop\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"C:\Users\Dzipak\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (14).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (13).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (12).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (11).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (10).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (9).exe => Moved successfully.
C:\Users\Dzipak\Downloads\FLVPlayer-Chrome (1).exe => Moved successfully.
C:\Users\Dzipak\Downloads\FLVPlayer-Chrome.exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (8).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (7).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (6).exe => Moved successfully.
"C:\Users\Dzipak\Desktop\wmpChrome.crx" => File/Directory not found.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (5).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (4).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (3).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (2).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh (1).exe => Moved successfully.
C:\Users\Dzipak\Downloads\yet_another_cleaner_reh.exe => Moved successfully.
C:\awhC1D8.tmp => Moved successfully.
C:\awh3600.tmp => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat => Moved successfully.
C:\Users\DzukelDomka\Desktop\AppsHat.lnk => Moved successfully.
"C:\Users\Dzipak\Desktop\AppsHat.lnk" => File/Directory not found.
"C:\Users\Dzipak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat" => File/Directory not found.
C:\Windows\ExentInfo.exe => Moved successfully.
"C:\Users\Dzipak\Desktop\Continue JewelQuest.lnk" => File/Directory not found.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"C:\Users\Dzipak\Desktop\YTDownloader.lnk" => File/Directory not found.
C:\Users\Dzipak\Downloads\FLVPlayer_downloader-Nfj0Lh7XF.exe => Moved successfully.
C:\Windows\system32\Drivers\avgtpx64.sys => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{479C0101-D045-46E4-A49B-3A07527FAA53}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{479C0101-D045-46E4-A49B-3A07527FAA53}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD964B29-9893-423B-A981-AA861536C23D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD964B29-9893-423B-A981-AA861536C23D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Open Chrome => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Open Chrome" => Key deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714635507-2199221034-3097845752-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Open Chrome.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\AppData\\Roaming\\Seznam.cz\\bin\\szndesktop.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Users\\Dzipak\\Desktop\\adwcleaner_3.311.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe" /f =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 680.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus 100% CPU usage

#14 Post by vyosek »

How is the PC behaving??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is not a man, he is an ox."
Member [image] since 1 February 2011.
