Preventive check of an RSIT log

Márty84

Re: Preventive check of an RSIT log

#16 Post by Márty84 »

Move all detections to quarantine. After restarting the PC, repeat the scan so we know whether it comes back. Post the scan result and we will proceed accordingly.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to lack of time I will be on the forum less often now. If you have to wait long for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

PredyP

Re: Preventive check of an RSIT log

#17 Post by PredyP »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.12.2014
Čas skenování: 11:47:31
Protokol: log.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.26.06
Databáze rootkitů: v2014.12.23.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 632814
Uplynulý čas: 1 hod, 43 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 1
Trojan.Agent.CK, C:\$Recycle.Bin\S-1-5-21-3916526061-3565650022-3371009464-1001\$RW0YJXQ.rar, , [8de1d295dca0d0662986d4db3ac817e9],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Márty84

Re: Preventive check of an RSIT log

#18 Post by Márty84 »

Move the detection to quarantine.


If you have not done so already, back up your important data (photos, documents, etc.) to be safe.

Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

PredyP

Re: Preventive check of an RSIT log

#19 Post by PredyP »

It stays like this and does nothing.
Should I run ComboFix in safe mode?
Attachment: Bez názvu.jpg (58.64 KiB)

Márty84

Re: Preventive check of an RSIT log

#20 Post by Márty84 »

PredyP wrote: Should I run ComboFix in safe mode?
Yes.

PredyP

Re: Preventive check of an RSIT log

#21 Post by PredyP »

ComboFix 14-12-25.01 - Petr 26.12.2014 22:42:36.1.2 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.7324 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Enabled* {C8870897-C358-086B-2944-184866CC6D0A}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Comodo Defense+ *Disabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Petr\AppData\Roaming\inst.exe
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-26 do 2014-12-26 )))))))))))))))))))))))))))))))
.
.
2014-12-25 10:40 . 2014-12-25 10:40 -------- d-----w- c:\programdata\Shared Space
2014-12-25 10:39 . 2014-12-25 10:39 -------- d-----w- c:\programdata\Comodo Downloader
2014-12-25 10:38 . 2014-12-25 10:41 -------- d-----w- c:\programdata\Comodo
2014-12-24 19:33 . 2014-12-26 20:01 -------- d-----r- c:\users\Public
2014-12-24 19:23 . 2014-12-24 19:23 -------- d-----w- c:\programdata\ATI
2014-12-24 11:59 . 2014-12-24 11:59 -------- d-----w- c:\program files (x86)\AMD
2014-12-24 11:58 . 2014-12-24 11:59 -------- d-----w- c:\programdata\Package Cache
2014-12-24 11:57 . 2014-12-24 19:29 -------- d-----w- c:\program files\AMD
2014-12-24 11:50 . 2014-12-24 11:50 -------- d-----w- c:\users\Petr\AMD-Catalyst-Omega-14.12-With-DOTNet45-Win7-32bit
2014-12-23 19:06 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D360C70-5B21-49C3-A531-1493463E8B3C}\mpengine.dll
2014-12-23 18:23 . 2014-12-23 18:23 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-23 17:30 . 2014-12-23 17:30 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-23 17:30 . 2014-12-23 17:30 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-18 12:26 . 2014-12-18 12:26 -------- d-----w- c:\program files\Defraggler
2014-12-18 08:34 . 2014-12-18 08:34 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 08:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-10 06:51 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 06:51 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 06:47 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 06:47 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 23:20 . 2014-12-08 23:20 792648 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-12-08 23:20 . 2014-12-08 23:20 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-12-08 23:20 . 2014-12-08 23:20 20184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-12-08 23:20 . 2014-12-08 23:20 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-12-08 23:20 . 2014-12-08 23:20 437792 ----a-w- c:\windows\system32\guard64.dll
2014-12-08 23:20 . 2014-12-08 23:20 40736 ----a-w- c:\windows\system32\cmdcsr.dll
2014-12-08 23:20 . 2014-12-08 23:20 352272 ----a-w- c:\windows\SysWow64\guard32.dll
2014-12-08 23:20 . 2014-12-08 23:20 354520 ----a-w- c:\windows\system32\cmdvrt64.dll
2014-12-08 23:20 . 2014-12-08 23:20 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2014-12-08 23:20 . 2014-12-08 23:20 286424 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2014-12-08 23:20 . 2014-12-08 23:20 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2014-12-03 15:17 . 2014-12-03 15:17 -------- d-----w- c:\users\Petr\AppData\Local\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-23 18:22 . 2011-03-23 23:53 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-23 18:21 . 2013-12-27 14:56 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-23 18:21 . 2013-12-27 14:57 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-23 18:21 . 2013-12-27 21:47 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-23 18:21 . 2013-10-27 08:12 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-23 17:30 . 2013-12-27 21:47 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-12-23 08:39 . 2013-12-27 19:54 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-23 08:39 . 2013-12-27 19:54 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-18 09:02 . 2013-06-20 09:42 140456 ----a-w- c:\windows\SysWow64\MicrosoftUpdateCatalogWebControl.dll
2014-12-16 08:21 . 2013-12-27 15:17 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 08:03 . 2011-03-23 23:53 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2011-03-23 23:52 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2011-03-23 23:53 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2011-03-23 23:53 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2011-03-23 23:53 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 00:12 . 2014-06-04 21:19 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2013-12-27 21:50 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-06-04 21:19 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2013-12-27 21:50 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2013-12-27 16:40 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-12-10 06:53 . 2013-12-27 15:20 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-22 07:43 . 2013-12-27 18:22 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-13 00:20 . 2014-11-20 17:17 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-20 17:17 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-12 17:42 . 2014-11-12 17:42 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-12 17:42 . 2014-04-20 07:29 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-12 17:42 . 2013-12-27 18:22 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-12 17:42 . 2013-12-27 18:22 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-12 17:42 . 2013-12-27 18:22 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-12 17:42 . 2013-12-27 18:22 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-12 17:42 . 2013-12-27 18:22 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-12 17:42 . 2014-11-12 17:42 43152 ----a-w- c:\windows\avastSS.scr
2014-11-12 17:42 . 2013-12-27 18:22 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-11 03:08 . 2014-11-19 16:17 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 16:17 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 16:17 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 16:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-04 00:04 . 2014-11-10 20:27 1876296 ----a-w- c:\windows\system32\nvdispco6434465.dll
2014-11-04 00:04 . 2014-11-10 20:27 1539272 ----a-w- c:\windows\system32\nvdispgenco6434465.dll
2014-10-30 04:53 . 2014-11-06 15:22 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-10-30 04:53 . 2014-11-06 15:22 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-10-30 02:03 . 2014-12-10 06:49 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 16:39 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 16:39 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 16:36 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 16:36 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-16 16:54 . 2014-10-25 08:17 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
2014-10-16 16:54 . 2014-10-25 08:17 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-15 17:16 . 2014-09-10 17:43 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-10-15 17:16 . 2014-09-10 17:43 320936 ----a-w- c:\windows\system32\javaws.exe
2014-10-15 17:16 . 2014-09-10 17:43 191400 ----a-w- c:\windows\system32\javaw.exe
2014-10-15 17:16 . 2014-09-10 17:43 190888 ----a-w- c:\windows\system32\java.exe
2014-10-14 02:16 . 2014-11-12 16:39 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 16:39 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 16:38 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 16:39 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 16:39 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 16:39 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 16:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 16:38 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 16:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 16:39 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 16:39 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 16:39 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-12 16:40 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-12 16:40 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-12 16:40 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-12 16:40 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-12 16:40 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-12 16:40 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-12 16:40 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-12 16:40 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-23 7394584]
"ConMet"="c:\program files (x86)\ConMet\ConMet.exe" [2013-12-27 4483584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-24 5199984]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-12-24 767176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files (x86)\APC\APC PowerChute Personal Edition\Display.exe [2014-8-14 221295]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
R2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;g:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;g:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;f:\ntiolib_x64.sys;f:\NTIOLib_X64.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-09 19:08 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-12 17:42 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-23 2531472]
"COMODO Internet Security"="g:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-12-08 1297112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2
TCP: Interfaces\{E1DD0153-82AA-485F-A002-2D35ADD074BB}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\8b3usp8o.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3916526061-3565650022-3371009464-1001)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-3916526061-3565650022-3371009464-1001)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2014-12-26 22:48:29
ComboFix-quarantined-files.txt 2014-12-26 21:48
.
Před spuštěním: Volných bajtů: 23 951 966 208
Po spuštění: Volných bajtů: 23 819 554 816
.
- - End Of File - - 403CF1031674BF254BEEC1EF6E932047
A36C5E4F47E84449FF07ED3517B43A31

Márty84

Re: Preventivní kontrola logu Rsit

#22 Příspěvek od Márty84 »

:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-
"ConMet"=-

RegLock::
[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
!SASCORE

Reboot::

In the top left, click File
Click Save As...
Type the name shown in red, CFScript, exactly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows boots but errors are reported when launching various programs, just restart the PC and it will be fine

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of an RSIT log

#23 Post by PredyP »

It hangs again and just sits there.

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of an RSIT log

#24 Post by PredyP »

Again, it would not work any other way, only in safe mode.

ComboFix 14-12-25.01 - Petr 26.12.2014 23:49:09.2.2 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.6918 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Enabled* {C8870897-C358-086B-2944-184866CC6D0A}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Comodo Defense+ *Disabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_!SASCORE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-26 do 2014-12-26 )))))))))))))))))))))))))))))))
.
.
2014-12-25 10:40 . 2014-12-25 10:40 -------- d-----w- c:\programdata\Shared Space
2014-12-25 10:39 . 2014-12-25 10:39 -------- d-----w- c:\programdata\Comodo Downloader
2014-12-25 10:38 . 2014-12-25 10:41 -------- d-----w- c:\programdata\Comodo
2014-12-24 19:33 . 2014-12-26 21:48 -------- d-----r- c:\users\Public
2014-12-24 19:23 . 2014-12-24 19:23 -------- d-----w- c:\programdata\ATI
2014-12-24 11:59 . 2014-12-24 11:59 -------- d-----w- c:\program files (x86)\AMD
2014-12-24 11:58 . 2014-12-24 11:59 -------- d-----w- c:\programdata\Package Cache
2014-12-24 11:57 . 2014-12-24 19:29 -------- d-----w- c:\program files\AMD
2014-12-24 11:50 . 2014-12-24 11:50 -------- d-----w- c:\users\Petr\AMD-Catalyst-Omega-14.12-With-DOTNet45-Win7-32bit
2014-12-23 19:06 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D360C70-5B21-49C3-A531-1493463E8B3C}\mpengine.dll
2014-12-23 18:23 . 2014-12-23 18:23 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-23 17:30 . 2014-12-23 17:30 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-23 17:30 . 2014-12-23 17:30 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-18 12:26 . 2014-12-18 12:26 -------- d-----w- c:\program files\Defraggler
2014-12-18 08:34 . 2014-12-18 08:34 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 08:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-10 06:51 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 06:51 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 06:47 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 06:47 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 23:20 . 2014-12-08 23:20 792648 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-12-08 23:20 . 2014-12-08 23:20 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-12-08 23:20 . 2014-12-08 23:20 20184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-12-08 23:20 . 2014-12-08 23:20 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-12-08 23:20 . 2014-12-08 23:20 437792 ----a-w- c:\windows\system32\guard64.dll
2014-12-08 23:20 . 2014-12-08 23:20 40736 ----a-w- c:\windows\system32\cmdcsr.dll
2014-12-08 23:20 . 2014-12-08 23:20 352272 ----a-w- c:\windows\SysWow64\guard32.dll
2014-12-08 23:20 . 2014-12-08 23:20 354520 ----a-w- c:\windows\system32\cmdvrt64.dll
2014-12-08 23:20 . 2014-12-08 23:20 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2014-12-08 23:20 . 2014-12-08 23:20 286424 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2014-12-08 23:20 . 2014-12-08 23:20 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2014-12-03 15:17 . 2014-12-03 15:17 -------- d-----w- c:\users\Petr\AppData\Local\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-23 18:22 . 2011-03-23 23:53 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-23 18:21 . 2013-12-27 14:56 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-23 18:21 . 2013-12-27 14:57 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-23 18:21 . 2013-12-27 21:47 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-23 18:21 . 2013-10-27 08:12 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-23 17:30 . 2013-12-27 21:47 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-12-23 08:39 . 2013-12-27 19:54 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-23 08:39 . 2013-12-27 19:54 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-18 09:02 . 2013-06-20 09:42 140456 ----a-w- c:\windows\SysWow64\MicrosoftUpdateCatalogWebControl.dll
2014-12-16 08:21 . 2013-12-27 15:17 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 08:03 . 2011-03-23 23:53 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2011-03-23 23:52 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2011-03-23 23:53 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2011-03-23 23:53 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2011-03-23 23:53 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 00:12 . 2014-06-04 21:19 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2013-12-27 21:50 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-06-04 21:19 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2013-12-27 21:50 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2013-12-27 16:40 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-12-10 06:53 . 2013-12-27 15:20 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-22 07:43 . 2013-12-27 18:22 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-13 00:20 . 2014-11-20 17:17 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-20 17:17 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-12 17:42 . 2014-11-12 17:42 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-12 17:42 . 2014-04-20 07:29 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-12 17:42 . 2013-12-27 18:22 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-12 17:42 . 2013-12-27 18:22 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-12 17:42 . 2013-12-27 18:22 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-12 17:42 . 2013-12-27 18:22 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-12 17:42 . 2013-12-27 18:22 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-12 17:42 . 2014-11-12 17:42 43152 ----a-w- c:\windows\avastSS.scr
2014-11-12 17:42 . 2013-12-27 18:22 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-11 03:08 . 2014-11-19 16:17 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 16:17 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 16:17 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 16:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-04 00:04 . 2014-11-10 20:27 1876296 ----a-w- c:\windows\system32\nvdispco6434465.dll
2014-11-04 00:04 . 2014-11-10 20:27 1539272 ----a-w- c:\windows\system32\nvdispgenco6434465.dll
2014-10-30 04:53 . 2014-11-06 15:22 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-10-30 04:53 . 2014-11-06 15:22 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-10-30 02:03 . 2014-12-10 06:49 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 16:39 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 16:39 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 16:36 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 16:36 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-16 16:54 . 2014-10-25 08:17 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
2014-10-16 16:54 . 2014-10-25 08:17 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-15 17:16 . 2014-09-10 17:43 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-10-15 17:16 . 2014-09-10 17:43 320936 ----a-w- c:\windows\system32\javaws.exe
2014-10-15 17:16 . 2014-09-10 17:43 191400 ----a-w- c:\windows\system32\javaw.exe
2014-10-15 17:16 . 2014-09-10 17:43 190888 ----a-w- c:\windows\system32\java.exe
2014-10-14 02:16 . 2014-11-12 16:39 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 16:39 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 16:38 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 16:39 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 16:39 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 16:39 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 16:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 16:38 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 16:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 16:39 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 16:39 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 16:39 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-12 16:40 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-12 16:40 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-12 16:40 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-12 16:40 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-12 16:40 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-12 16:40 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-12 16:40 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-12 16:40 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-24 5199984]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-12-24 767176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files (x86)\APC\APC PowerChute Personal Edition\Display.exe [2014-8-14 221295]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;g:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;g:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;f:\ntiolib_x64.sys;f:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-09 19:08 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-12 17:42 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-23 2531472]
"COMODO Internet Security"="g:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-12-08 1297112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2
TCP: Interfaces\{E1DD0153-82AA-485F-A002-2D35ADD074BB}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\8b3usp8o.default\
FF - prefs.js: browser.search.selectedEngine -
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Celkový čas: 2014-12-27 00:03:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-26 23:03
ComboFix2.txt 2014-12-26 21:48
.
Před spuštěním: Volných bajtů: 21 897 293 824
Po spuštění: Volných bajtů: 21 606 912 000
.
- - End Of File - - 423DA1843E546F6FBC2F025503864C27
A36C5E4F47E84449FF07ED3517B43A31

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check of an RSIT log

#25 Post by Márty84 »

:arrow: Post a new log from RSIT

and in addition

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option to open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the items (put checkmarks there) For all users, "LOP" malware check and "Purity" malware check
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them into several posts).

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of an RSIT log

#26 Post by PredyP »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2014-12-29 14:53:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 19 GB (19%) free of 100 GB
Total RAM: 8191 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:35, on 29.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Users\Petr\Desktop\OTL.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 8893321921
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1DD0153-82AA-485F-A002-2D35ADD074BB}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - G:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - G:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9199 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"G:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskeng.exe {A160436A-AD79-4A49-A957-BF614FDAA4D4}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"G:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss eccb626f-8c95-462e-b10f-516976846c55 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2011441330-549545201825424516-1743719064-80356772420468689281557211801995631068
\??\C:\Windows\system32\conhost.exe "-9880588318082036326362402341952029872-15550166231216426890448706579674860573
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3560
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
ngservice.exe pipeserver
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"G:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"G:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Users\Petr\Desktop\OTL.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\8b3usp8o.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-15 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-15 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28 6126680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28 4438104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-23 2531472]
"COMODO Internet Security"=G:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09 1297112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-23 7394584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 5199984]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-12 5227112]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-12-24 767176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-12-29 14:52:37 ----D---- C:\rsit
2014-12-27 00:03:51 ----SHD---- C:\$RECYCLE.BIN
2014-12-27 00:03:39 ----A---- C:\ComboFix.txt
2014-12-26 23:53:22 ----D---- C:\Windows\temp
2014-12-26 22:41:09 ----A---- C:\Windows\zip.exe
2014-12-26 22:41:09 ----A---- C:\Windows\SWSC.exe
2014-12-26 22:41:09 ----A---- C:\Windows\SWREG.exe
2014-12-26 22:41:09 ----A---- C:\Windows\sed.exe
2014-12-26 22:41:09 ----A---- C:\Windows\PEV.exe
2014-12-26 22:41:09 ----A---- C:\Windows\NIRCMD.exe
2014-12-26 22:41:09 ----A---- C:\Windows\MBR.exe
2014-12-26 22:41:09 ----A---- C:\Windows\grep.exe
2014-12-26 22:36:29 ----D---- C:\Qoobox
2014-12-26 22:36:13 ----D---- C:\Windows\erdnt
2014-12-26 22:35:35 ----A---- C:\Windows\ntbtlog.txt
2014-12-25 11:40:26 ----D---- C:\ProgramData\Shared Space
2014-12-25 11:39:51 ----D---- C:\ProgramData\Comodo Downloader
2014-12-25 11:38:37 ----D---- C:\ProgramData\Comodo
2014-12-24 20:23:16 ----D---- C:\ProgramData\ATI
2014-12-24 12:59:22 ----D---- C:\Program Files (x86)\AMD
2014-12-24 12:58:36 ----D---- C:\ProgramData\Package Cache
2014-12-24 12:57:51 ----D---- C:\Program Files\AMD
2014-12-23 19:23:05 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-12-23 19:20:31 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-12-23 19:20:31 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-12-23 19:20:31 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-12-23 19:20:31 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-12-23 19:20:31 ----A---- C:\Windows\system32\nvopencl.dll
2014-12-23 19:20:31 ----A---- C:\Windows\system32\nvhdap64.dll
2014-12-23 19:20:31 ----A---- C:\Windows\system32\nvhdagenco64.dll
2014-12-23 19:20:31 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-12-23 19:20:30 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvoglv64.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvinitx.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\NvIFR64.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\NvFBC64.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvdispgenco6434709.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvdispco6434709.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvcuvid.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvcuda.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\nvcompiler.dll
2014-12-23 19:20:30 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-12-23 18:30:04 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-12-23 18:30:04 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-12-18 13:26:33 ----D---- C:\Program Files\Defraggler
2014-12-18 09:34:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 09:34:09 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 07:51:54 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 07:51:54 ----A---- C:\Windows\system32\mf.dll
2014-12-10 07:49:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 07:49:51 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 07:49:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 07:49:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 07:49:51 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 07:49:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 07:49:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 07:49:50 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 07:49:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 07:49:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 07:49:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 07:49:50 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 07:49:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 07:49:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 07:49:48 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 07:49:48 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 07:49:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 07:49:48 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 07:49:48 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 07:49:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 07:49:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 07:49:47 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 07:49:47 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 07:49:47 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 07:49:47 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 07:49:47 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 07:49:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 07:49:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 07:49:46 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 07:49:46 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 07:49:45 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 07:49:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 07:49:44 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 07:49:43 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 07:49:43 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 07:49:43 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 07:49:42 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 07:49:42 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 07:49:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 07:49:42 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 07:49:41 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 07:49:41 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 07:49:41 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 07:49:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 07:49:40 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 07:49:21 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 07:49:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 07:49:15 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 07:49:14 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 07:49:14 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 07:49:13 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 07:49:13 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 07:49:12 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 07:49:12 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 07:49:12 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 07:49:12 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 07:49:12 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:49:12 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 07:49:12 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:49:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 07:47:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 07:47:53 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 02:34:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-09 00:20:34 ----A---- C:\Windows\system32\drivers\inspect.sys
2014-12-09 00:20:34 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2014-12-09 00:20:34 ----A---- C:\Windows\system32\drivers\cmdguard.sys
2014-12-09 00:20:34 ----A---- C:\Windows\system32\drivers\cmderd.sys
2014-12-09 00:20:22 ----A---- C:\Windows\SYSWOW64\guard32.dll
2014-12-09 00:20:22 ----A---- C:\Windows\system32\guard64.dll
2014-12-09 00:20:22 ----A---- C:\Windows\system32\cmdcsr.dll
2014-12-09 00:20:18 ----A---- C:\Windows\system32\cmdvrt64.dll
2014-12-09 00:20:16 ----A---- C:\Windows\system32\cmdkbd64.dll
2014-12-09 00:20:12 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2014-12-09 00:20:10 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll

======List of files/folders modified in the last 1 month======

2014-12-29 14:53:35 ----D---- C:\Program Files\trend micro
2014-12-29 14:53:07 ----D---- C:\Windows\Prefetch
2014-12-29 13:57:36 ----SHD---- C:\System Volume Information
2014-12-29 12:46:44 ----D---- C:\Users\Petr\AppData\Roaming\.minecraft
2014-12-29 11:19:36 ----D---- C:\Windows\system32\config
2014-12-29 11:06:11 ----D---- C:\Windows\System32
2014-12-29 11:05:12 ----D---- C:\ProgramData\NVIDIA
2014-12-29 02:41:39 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-12-29 01:36:01 ----D---- C:\Windows\inf
2014-12-29 01:36:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-28 23:47:09 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2014-12-27 00:03:47 ----D---- C:\Windows\system32\drivers
2014-12-26 23:57:41 ----D---- C:\Windows
2014-12-26 23:57:41 ----A---- C:\Windows\system.ini
2014-12-26 23:57:17 ----D---- C:\Windows\system32\drivers\etc
2014-12-26 23:52:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-26 23:52:06 ----D---- C:\Windows\SysWOW64
2014-12-26 23:52:06 ----D---- C:\Windows\AppPatch
2014-12-26 23:52:06 ----D---- C:\Program Files (x86)\Common Files
2014-12-26 23:46:11 ----D---- C:\Users\Petr\AppData\Roaming\ConMet
2014-12-26 23:46:11 ----D---- C:\ProgramData\ConMet
2014-12-26 20:51:15 ----RD---- C:\Program Files (x86)
2014-12-26 20:51:15 ----D---- C:\ProgramData
2014-12-26 12:03:53 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
2014-12-26 11:57:33 ----D---- C:\Program Files (x86)\TeamViewer
2014-12-26 11:44:09 ----D---- C:\Windows\Web
2014-12-25 11:41:23 ----SHD---- C:\Windows\Installer
2014-12-25 11:41:14 ----D---- C:\Windows\system32\Tasks
2014-12-25 11:41:00 ----D---- C:\Windows\system32\DriverStore
2014-12-25 11:27:28 ----D---- C:\Program Files
2014-12-24 20:33:16 ----RD---- C:\Users
2014-12-24 14:48:06 ----D---- C:\Windows\Microsoft.NET
2014-12-24 13:01:11 ----D---- C:\ProgramData\AMD
2014-12-24 13:00:22 ----D---- C:\Program Files\ATI Technologies
2014-12-24 10:48:14 ----D---- C:\Windows\Tasks
2014-12-23 19:22:18 ----A---- C:\Windows\system32\nvvsvc.exe
2014-12-23 19:21:31 ----A---- C:\Windows\system32\nvapi64.dll
2014-12-23 19:21:29 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-12-23 19:21:27 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-12-23 19:21:24 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-12-23 18:30:09 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-12-23 09:39:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-23 09:29:39 ----D---- C:\Program Files\CCleaner
2014-12-20 08:31:07 ----D---- C:\Windows\system32\catroot2
2014-12-18 22:28:27 ----RD---- C:\Program Files (x86)\Skype
2014-12-18 22:28:24 ----D---- C:\ProgramData\Skype
2014-12-18 18:01:29 ----D---- C:\Windows\system32\NDF
2014-12-18 10:43:58 ----D---- C:\Windows\debug
2014-12-18 10:02:07 ----D---- C:\Windows\Downloaded Program Files
2014-12-18 10:02:07 ----A---- C:\Windows\SYSWOW64\MicrosoftUpdateCatalogWebControl.dll
2014-12-18 09:34:53 ----D---- C:\Windows\winsxs
2014-12-16 09:21:25 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-13 09:03:15 ----A---- C:\Windows\system32\nvsvc64.dll
2014-12-13 09:03:15 ----A---- C:\Windows\system32\nvcpl.dll
2014-12-13 09:03:13 ----A---- C:\Windows\system32\nvsvcr.dll
2014-12-13 09:03:13 ----A---- C:\Windows\system32\nvshext.dll
2014-12-13 09:03:13 ----A---- C:\Windows\system32\nvmctray.dll
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-12-11 07:45:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 14:15:31 ----D---- C:\Windows\rescache
2014-12-10 07:59:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 07:59:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 07:59:43 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 07:59:43 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 07:59:43 ----D---- C:\Program Files\Internet Explorer
2014-12-10 07:59:42 ----D---- C:\Windows\system32\en-US
2014-12-10 07:59:42 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 07:57:59 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 07:57:07 ----D---- C:\Windows\system32\MRT
2014-12-10 07:53:19 ----A---- C:\Windows\system32\MRT.exe
2014-12-07 19:06:02 ----D---- C:\ProgramData\CanonIJPLM
2014-12-06 23:45:57 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-12-03 10:36:33 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-12 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-12 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-06-16 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-12 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-12 436624]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-12-09 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-12-09 792648]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-12-09 45880]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-05-07 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-12-09 104608]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-12 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-12 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-12 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-12 271752]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-12-23 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-12-23 38032]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-12-24 344064]
R2 APC UPS Service;APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [2004-07-21 176241]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-12 50344]
R2 CmdAgent;COMODO Internet Security Helper Service; G:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-12-09 7618952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-23 1148560]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-23 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-23 19823248]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-23 935240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-04 76888]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-23 410768]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-18 5426448]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-12 4012248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; G:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-12-09 2265304]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of RSIT log

#27 Post by PredyP »

It's large, so I packed it into a RAR.
Attachments
OTL.rar
(90.98 KiB) Downloaded 53 times

PredyP
Exemplary visitor
Posts: 1246
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of RSIT log

#28 Post by PredyP »

OTL Extras logfile created on: 29.12.2014 13:55:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 80,66% Memory free
16,00 Gb Paging File | 14,30 Gb Available in Paging File | 89,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 19,98 Gb Free Space | 20,48% Space Free | Partition Type: NTFS
Drive D: | 73,14 Gb Total Space | 24,07 Gb Free Space | 32,90% Space Free | Partition Type: NTFS
Drive E: | 858,27 Gb Total Space | 98,90 Gb Free Space | 11,52% Space Free | Partition Type: NTFS
Drive G: | 833,85 Gb Total Space | 218,64 Gb Free Space | 26,22% Space Free | Partition Type: NTFS

Computer Name: PETR-PC | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C10BFBD-C02B-456B-9489-FC7B7E7C7931}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1D35005F-B1F7-443C-BE1F-554D7B73A467}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{2D9C14B5-E9CB-47C6-8F07-D5FBC6671863}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{304AFF73-8B11-40BB-AE98-974E69CE419F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3099918E-2681-4960-BD13-A4D4E7639584}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{341973D0-FE38-4880-9DDC-E8A69A235DA1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4827D5A8-B148-4A26-AD43-120FAE444C9B}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{55E4E13A-5182-4551-A8A1-32967AC01362}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{5838F149-AD69-4B17-9B64-AED4E0CD0830}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{58595BEA-E5F6-48B5-A38E-F52A24DA328B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C529611-8665-4398-97EC-318D7A46D573}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5CD601A2-A009-4751-AB9A-F248B9B013D2}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{640D1E25-C232-4D2B-B41F-91CE8A76B239}" = lport=445 | protocol=6 | dir=in | app=system |
"{8C7E78DA-4E41-46B3-A5BB-8D4D7BA6D44C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F7DBE70-8980-45DD-873A-1E05541BE995}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8F9D7597-8EFA-496C-81CE-20B084E339EA}" = rport=445 | protocol=6 | dir=out | app=system |
"{9ABB6446-6058-4B1C-88A4-0CB949702344}" = lport=138 | protocol=17 | dir=in | app=system |
"{9BB76F57-6D5B-478D-9A27-A193D1FE0CC0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A5D9C2CA-2CEF-40CB-92F0-A6F1B7619F7B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD9247E2-2A70-4A22-A483-6CEA4BC5D33B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B657DE12-FD9D-426E-BDEE-07F70A347945}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BB436F64-A6A4-44CF-B6E6-0DE7284293CA}" = lport=137 | protocol=17 | dir=in | app=system |
"{C9BD129B-65D1-448C-B0EA-6331DF407699}" = rport=139 | protocol=6 | dir=out | app=system |
"{D7DFC600-A3CE-4B2B-A9E2-2BAD750979D8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D9EFD6E9-5549-4712-A293-D8E7C89E7CE4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E1390313-E30A-4CC2-93C9-E5771A9AB75B}" = rport=138 | protocol=17 | dir=out | app=system |
"{E687D468-D20D-484E-BEBE-EDE69BE92228}" = rport=137 | protocol=17 | dir=out | app=system |
"{EF8010AA-B8C8-490A-9299-2F3A30567A1C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2101895F-3793-46E5-ADA9-47C3FED8398D}" = protocol=6 | dir=in | app=g:\games\assassin's creed iv - black flag\ac4bfsp.exe |
"{2EE9705A-87CF-450E-8C59-2631BA4AF9AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3F7936DC-1D27-49D8-96D7-9D8D15FD6AA2}" = protocol=17 | dir=in | app=g:\program files (x86)\nero\km\kwikmedia.exe |
"{444E285E-7806-47A9-91FF-6EE7F6E10204}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{4473D4A3-350F-4C24-A173-A36DAC19BBB5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{483DA729-4C5C-4CF0-B5B1-1638D616A19F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{55BAD1E6-5EF5-4CDF-9B5E-A2FBEF7E1963}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{56AA9D8F-55B8-4725-81B8-893073A8FB68}" = protocol=6 | dir=in | app=g:\program files (x86)\nero\km\kwikmedia.exe |
"{5887C102-B235-4A24-AC63-E4C145C7799A}" = protocol=17 | dir=in | app=g:\program files\origin\battlefield 3\bf3.exe |
"{5A763281-E132-4851-B411-30DA7DBC2841}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60A012A8-AB05-4EDF-B31A-85C03688B494}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{68726B5E-D0FF-46E0-87F7-5705291A535D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{7266F4FB-7E92-4F46-9757-37B5FE206522}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7ED16B04-4F78-4635-A423-5F4E84B982F3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{844D3E1D-8D6E-432B-B368-3755F930DA28}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{84F9518D-0682-4B2F-9C67-1A597A5EBE0B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85CB2CFA-5B2D-4650-BA5C-37812907E6D0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{86C65380-7187-454F-81B5-8DA59B1060B4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9348AF70-A40A-4EBD-8845-BD8ED7D51884}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99731ECD-FDFF-49EA-8CE0-AFB6388AE9FE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{9BDA21F0-1FF1-46D4-86B6-A1A4D8E9F029}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A1A70A00-3EA1-4011-9CAB-1B569400590B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A1B65010-99DE-4BC1-BB30-BC9225D0C304}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A33BBA0C-6085-4C5D-AAC1-FB78957A2F21}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AB1BBD37-1205-45E0-BF17-C79C7B2B501B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B29DA244-9D51-4D5F-AF41-CC558DAA9149}" = protocol=6 | dir=in | app=g:\program files\origin\battlefield 3\bf3.exe |
"{C85F59E8-A1F6-48C3-BEA8-2481F81EACEB}" = dir=in | app=c:\users\petr\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{D2D0B96B-8AAC-4418-8C9D-933BBD3BE5CC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D6E0EABC-A989-4FD7-A597-EAEBC999C5A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBEF69D9-E163-4EDE-A287-ADAEB81E66BD}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{DE1FBF36-40C8-4C04-9111-3FC691991B78}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F72B1739-E79A-465A-A7A3-DCF23A691613}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FE31D78F-04AA-4277-8985-5540FAA0038F}" = protocol=17 | dir=in | app=g:\games\assassin's creed iv - black flag\ac4bfsp.exe |
"TCP Query User{30E0239E-1AF8-408F-89C4-73B81351465F}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{31EFB8B2-ACF2-4C5D-8D07-D9ABAECC97A1}C:\program files\java\jre1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\javaw.exe |
"TCP Query User{472025BF-CF3C-4EE9-93EF-F9C6E7CEA42B}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe |
"TCP Query User{7B112074-BF8F-4BD5-B20E-474EF4462D1F}G:\daniel\program files\counter strike source 2010\hl2.exe" = protocol=6 | dir=in | app=g:\daniel\program files\counter strike source 2010\hl2.exe |
"TCP Query User{A1AE6BFF-A48D-4C2C-9E9C-DE59FE80FC49}G:\daniel\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=g:\daniel\program files\warcraft iii\war3.exe |
"TCP Query User{D177B003-EF23-45B8-BA18-417ED2492229}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E604AE51-3CF7-48DE-B97D-B8E604D5F2D0}G:\denisa\wot\worldoftanks.exe" = protocol=6 | dir=in | app=g:\denisa\wot\worldoftanks.exe |
"TCP Query User{F857D338-40AA-447A-BAF2-40EC80A44FB1}G:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=g:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{F96B0072-60AE-460D-8F3B-A767761750E7}G:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=g:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{FF3EFD8B-836B-4FD9-BB38-773305C87CD1}G:\denisa\wot\wotlauncher.exe" = protocol=6 | dir=in | app=g:\denisa\wot\wotlauncher.exe |
"UDP Query User{09FAEA8F-00AC-4EA7-81CE-523CBF808691}G:\denisa\wot\wotlauncher.exe" = protocol=17 | dir=in | app=g:\denisa\wot\wotlauncher.exe |
"UDP Query User{163CF581-9074-46B5-B76F-8FF2705B9269}G:\daniel\program files\counter strike source 2010\hl2.exe" = protocol=17 | dir=in | app=g:\daniel\program files\counter strike source 2010\hl2.exe |
"UDP Query User{39860C52-5B7A-409A-96DD-40C928B6783E}G:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=g:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{4C46429B-F34B-41E3-B157-2608C0D5DE1C}G:\daniel\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=g:\daniel\program files\warcraft iii\war3.exe |
"UDP Query User{7CBCB586-D3F3-4AA1-9460-BD962D45F433}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{8EB6EEE8-BF99-4D08-9F3A-80DCFB8AB13A}G:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=g:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{9DFA2B0F-E30F-45F9-9345-50110838AEAC}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe |
"UDP Query User{A49E690B-12A7-4EE0-A723-EE5D8A11D07D}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{C1CD4A39-8ED0-4A25-9948-65FAB0606A50}C:\program files\java\jre1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_25\bin\javaw.exe |
"UDP Query User{C385E369-B785-49FD-850F-B3AD9CA313C6}G:\denisa\wot\worldoftanks.exe" = protocol=17 | dir=in | app=g:\denisa\wot\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series" = Canon MG2200 series MP Drivers
"{18F14F4B-D8A9-4309-817E-3BC0B7664E53}" = COMODO Firewall
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{26A24AE4-039D-4CA4-87B4-2F86418025F0}" = Java 8 Update 25 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 347.09
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DBAFD1B4-DDC5-DD01-D1C4-E7AEB5139097}" = AMD Fuel
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F2A7CE36-57BF-5C86-952D-90DBF3746D82}" = AMD Catalyst Install Manager
"{F7FE0989-5F4C-3499-B78F-A63E942D100B}" = ccc-utility64
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"WinRAR archiver" = WinRAR 5.01 (64-bit)
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{0FE3F13F-8A37-46BA-F973-762F81E833C3}" = CCC Help French
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1543E140-FADF-9E99-D388-4435C2FBC55E}" = CCC Help Chinese Standard
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{238BE990-A412-4129-A434-D03B1A9E396E}" = PdfMerge
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2C9A2369-162D-7AD7-D50F-5F59CEC8A046}" = CCC Help Danish
"{2D61415B-F99C-8161-F452-760B6E441428}" = CCC Help Hungarian
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{339647D6-A277-974F-FF29-83CA6284559B}" = CCC Help German
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}" = Windows Live Mail
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BD8FB0D-9407-429D-C412-FAE0A318A8AE}" = CCC Help Polish
"{4D594F78-0C6D-1442-61CC-94D735FEC05D}" = CCC Help English
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5958C669-28BF-D667-A004-E6FBF448027D}" = CCC Help Spanish
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{637B1239-84B7-0B0F-2549-7020CA57C831}" = CCC Help Thai
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6AE0A655-9BB8-460E-1956-ED37E3B221FA}" = CCC Help Greek
"{6B254D2F-6F6F-5455-DD3B-E71E5C1C0C9A}" = AMD Catalyst Control Center
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{7481E13B-EC16-1B14-0E32-E88165CD4C57}" = Catalyst Control Center Graphics Previews Common
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7ABA4B54-3672-0548-C1CC-97405F767061}" = CCC Help Russian
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7FE73251-50FA-E864-67EB-19C4BC7AA1C9}" = CCC Help Portuguese
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{894CBED0-8225-D59B-5632-D01B14C6D520}" = CCC Help Norwegian
"{8BD7C51C-0CC4-3E28-CFDC-F7D4C5583783}" = CCC Help Finnish
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8ECCC07B-83E3-3877-26DF-815CD2B30749}" = CCC Help Italian
"{900FD4B9-9C27-D907-36E7-E9CCF170E2FC}" = Catalyst Control Center InstallProxy
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1" = "Assassin's Creed IV - Black Flag"
"{988949CE-DE9A-D187-A010-22B9085FB813}" = CCC Help Swedish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A85092B2-8FB5-5A8C-B27A-69A3D78979D8}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B1977E93-5FC0-0BA4-2D5A-D3E69870C7D4}" = CCC Help Chinese Traditional
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BBC9BF50-A35D-B0C2-9117-F3CA2F6BB64A}" = CCC Help Czech
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0FD2FF9-1BE9-E729-3878-9A603B5F1529}" = Catalyst Control Center Localization All
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D94F2DE6-55B4-B211-A381-54089BC791A0}" = CCC Help Japanese
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}" = Windows Live Writer Resources
"{EEFDBD75-0BD9-AC5F-8F61-903C6A19C0ED}" = CCC Help Dutch
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{FB415F81-DC5E-ED99-D2FE-3DC4D88BCA58}" = CCC Help Turkish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Avast" = Avast Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Canon MG2200 series On-screen Manual" = Canon MG2200 series On-screen Manual
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"ConMet" = Connection Meter
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.0.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"League of Legends 3.0.1" = League of Legends
"Mozilla Firefox 34.0.5 (x86 cs)" = Mozilla Firefox 34.0.5 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MG2200 series" = Registrace uživatele zařízení Canon MG2200 series
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"Stronghold Crusader 2_is1" = Stronghold Crusader 2
"SUPERAntiSpyware 5.7.1026" = SUPERAntiSpyware 5.7.1026
"TeamViewer" = TeamViewer 10
"The Elder Scrolls V Skyrim - Legendary Edition_is1" = The Elder Scrolls V Skyrim - Legendary Edition
"Thief_is1" = Thief
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.12.2014 18:48:10 | Computer Name = Petr-PC | Source = VSS | ID = 18
Description =

Error - 26.12.2014 18:48:10 | Computer Name = Petr-PC | Source = VSS | ID = 8193
Description =

Error - 26.12.2014 18:48:10 | Computer Name = Petr-PC | Source = System Restore | ID = 8193
Description =

Error - 27.12.2014 10:17:12 | Computer Name = Petr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: plugin-container.exe, verze: 34.0.5.5443,
časové razítko: 0x5475dd5d Název chybujícího modulu: mozalloc.dll, verze: 34.0.5.5443,
časové razítko: 0x5475d664 Kód výjimky: 0x80000003 Posun chyby: 0x00001425 ID chybujícího
procesu: 0x107c Čas spuštění chybující aplikace: 0x01d021db2e79c643 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll ID zprávy: 0c469a66-8dd3-11e4-bb16-8c89a57d66c9

Error - 28.12.2014 10:57:33 | Computer Name = Petr-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files\CCleaner\CCleaner.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.12.2014 10:59:34 | Computer Name = Petr-PC | Source = SideBySide | ID = 16842787
Description = Generování kontextu aktivace pro g:\program files (x86)\Nero\Nero
12\nero burning rom\NeroCmd.exe.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady g:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST
na řádku 3. Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované
komponenty. Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice
je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0". Podrobnější
diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 28.12.2014 10:59:42 | Computer Name = Petr-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro g:\program files (x86)\Nero\Nero
12\nero recode\NeroBRServer.exe.Manifest se nezdařilo. Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 28.12.2014 13:21:12 | Computer Name = Petr-PC | Source = Application Hang | ID = 1002
Description = Program IEXPLORE.EXE verze 11.0.9600.17496 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: b34 Čas spuštění: 01d022c2aab60fb7 Čas ukončení: 43 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\IEXPLORE.EXE ID hlášení:

Error - 29.12.2014 6:05:48 | Computer Name = Petr-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 29.12.2014 6:05:48 | Computer Name = Petr-PC | Source = NvStreamSvc | ID = 133073
Description =

Error - 29.12.2014 6:05:48 | Computer Name = Petr-PC | Source = NvStreamSvc | ID = 133073
Description =

[ COMODO Internet Security Events ]
Error - 5.7.2014 20:28:00 | Computer Name = Petr-PC | Source = cis | ID = 1
Description =

Error - 29.11.2014 12:00:15 | Computer Name = Petr-PC | Source = cis | ID = 1
Description =

Error - 12.12.2014 3:56:46 | Computer Name = Petr-PC | Source = cmdagent | ID = 1
Description =

[ System Events ]
Error - 26.12.2014 18:49:06 | Computer Name = Petr-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 26.12.2014 18:49:07 | Computer Name = Petr-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 26.12.2014 18:52:01 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 26.12.2014 18:53:25 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 26.12.2014 18:53:28 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 26.12.2014 18:54:16 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 26.12.2014 19:11:18 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 27.12.2014 9:24:04 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 28.12.2014 9:28:03 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 29.12.2014 6:05:22 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.01 neuspěla při spuštění v důsledku následující
chyby: %%3


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check of the Rsit log

#29 Post by Márty84 »

If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option "Open normally".
Run OTL again as administrator.
Paste the following text into the bottom window (including the colon before the word commands):


copy the contents of that Notepad file http://leteckaposta.cz/371633764


Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

PredyP
Model visitor
Posts: 1246
Joined: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Preventive check of the Rsit log

#30 Post by PredyP »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User

User: Petr
->Temp folder emptied: 118260817 bytes
->Temporary Internet Files folder emptied: 340341166 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 370712801 bytes
->Google Chrome cache emptied: 44494031 bytes
->Flash cache emptied: 5336 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 6512 bytes

Total Files Cleaned = 833,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3916526061-3565650022-3371009464-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: false removed from browser.search.isUS
Prefs.js: "" removed from browser.search.selectedEngine
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_about
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_ask
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_bing
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_google
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_whitepages
Prefs.js: [URL-encoded script value omitted] removed from extensions.trusted-ads.serp_yellowpages
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP200F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75EA.tmp\ehRecObj.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75EA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP95E8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C22.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB46.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE87A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP17F3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2210.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP69AB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6E01.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB51B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCB4A.tmp\System.Data.SqlXml.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCB4A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDDE4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC81.tmp\System.Data.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEC81.tmp folder deleted successfully.
C:\Windows\Installer\MSI267.tmp deleted successfully.
C:\Windows\Installer\MSI2893.tmp deleted successfully.
C:\Windows\Installer\MSI3CE.tmp deleted successfully.
C:\Windows\Installer\MSI5E40.tmp deleted successfully.
C:\Windows\Installer\MSI65DF.tmp deleted successfully.
C:\Windows\Installer\MSI6D9D.tmp deleted successfully.
C:\Windows\Installer\MSI7D8E.tmp deleted successfully.
C:\Windows\Installer\MSI81AB.tmp deleted successfully.
C:\Windows\Installer\MSIA537.tmp deleted successfully.
C:\Windows\Installer\MSIA5EE.tmp deleted successfully.
C:\Windows\Installer\MSIA811.tmp deleted successfully.
C:\Windows\Installer\MSIAAA7.tmp deleted successfully.
C:\Windows\Installer\MSIAEEC.tmp deleted successfully.
C:\Windows\Installer\MSIB074.tmp deleted successfully.
C:\Windows\Installer\MSIB2A2.tmp deleted successfully.
C:\Windows\Installer\MSIB2F2.tmp deleted successfully.
C:\Windows\Installer\MSIC542.tmp deleted successfully.
C:\Windows\Installer\MSIC62D.tmp deleted successfully.
C:\Windows\Installer\MSIC737.tmp deleted successfully.
C:\Windows\Installer\MSICDE4.tmp deleted successfully.
C:\Windows\Installer\MSICF3C.tmp deleted successfully.
C:\Windows\Installer\MSID3B0.tmp deleted successfully.
C:\Windows\Installer\MSIDB0C.tmp deleted successfully.
C:\Windows\Installer\MSIE25D.tmp deleted successfully.
C:\Windows\Installer\MSIE902.tmp deleted successfully.
C:\Windows\Installer\MSIEA4B.tmp deleted successfully.
C:\Windows\Installer\MSIF62E.tmp deleted successfully.
C:\Windows\Installer\MSIF890.tmp deleted successfully.
Unable to delete ADS C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_11.2.9600.17509_none_11ac2db52f16b27a\ieUnatt.exe:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvwgf2um.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvumdshim.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvStreaming.exe:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvopencl.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvoglv32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvoglshim32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvinit.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\NvIFR.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\NvFBC.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvd3dum.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvcuvid.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvcuda.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvcompiler.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvaudcap32v.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\nvapi.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\MicrosoftUpdateCatalogWebControl.dll:$CmdTcID .
Unable to delete ADS C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_Plugin.exe:$CmdTcID .
Unable to delete ADS C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe:$CmdTcID .
Unable to delete ADS C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe:$CmdTcID .
Unable to delete ADS C:\Windows\SysWow64\FlashPlayerApp.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvwgf2um.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvumdshim.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvStreaming.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvopencl.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvoglv32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvoglshim32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvinit.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\NvIFR.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\NvFBC.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvd3dum.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvcuvid.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvcuda.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvcompiler.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvaudcap32v.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\nvapi.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\MicrosoftUpdateCatalogWebControl.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_235_Plugin.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\FlashPlayerApp.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvvad.inf_amd64_neutral_25d3b9b9169d137c\nvvad64v.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvvad.inf_amd64_neutral_25d3b9b9169d137c\nvaudcap64v.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvvad.inf_amd64_neutral_25d3b9b9169d137c\nvaudcap32v.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvswcfilter.inf_amd64_neutral_f020300087aff008\WdfCoInstaller0100964.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvswcfilter.inf_amd64_neutral_f020300087aff008\nvswcfilter64.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_f4d6f2f1f5de12e3\nvstusb64.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_f4d6f2f1f5de12e3\nvir3dgenco64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_7067b71099d0d027\nvhdap64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_7067b71099d0d027\nvhdagenco64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_7067b71099d0d027\nvhda64v.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_7067b71099d0d027\nvhda64.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\OpenCL64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\OpenCL32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvwgf2umx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvwgf2um.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvumdshimx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvumdshim.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvopencl64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvopencl32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvoglv64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvoglv32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvoglshim64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvoglshim32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvml.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvmcumd.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvlddmkm.sys:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvinitx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvinit.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvIFROpenGL64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvIFROpenGL32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvIFR64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvIFR.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvidia-smi.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvFBC64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvFBC.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvEncodeAPI64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvEncodeAPI.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdxgiwrapx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdxgiwrap.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdispgenco64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdispco64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdetx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdet.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvdebugdump.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvd3dumx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvd3dum.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\Nvd3d9wrapx.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\Nvd3d9wrap.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcuvid64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcuvid32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcuda64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcuda32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\NvCplSetupInt.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcompiler32.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvcompiler.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvapi64.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\nvapi.dll:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\MCU.exe:$CmdTcID .
Unable to delete ADS C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_f08c9118ec1f4261\dbInstaller.exe:$CmdTcID .
Unable to delete ADS C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe:$CmdTcID .
Unable to delete ADS C:\Users\Petr\Desktop\OTL.exe:$CmdTcID .
Unable to delete ADS C:\Users\Petr\Desktop\ComboFix.exe:$CmdTcID .
Unable to delete ADS C:\Program Files\CCleaner\CCleaner64.exe:$CmdTcID .
Unable to delete ADS C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe:$CmdTcID .
Unable to delete ADS C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe:$CmdTcID .
Unable to delete ADS \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MPF4OG23\loader[1].js:$CmdTcID .
Unable to delete ADS \Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0BXWP24\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js:$CmdTcID .
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\Users\Petr\Desktop\terezka.jpg:$CmdZnID deleted successfully.
ADS C:\Users\Petr\Desktop\OTL.exe:$CmdZnID deleted successfully.
Unable to delete ADS C:\Users\Petr\Desktop\ComboFix.exe:$CmdZnID .
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12302014_112248

Files\Folders moved on Reboot...
C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\d7d3d739e92c4c369646f953c2baf35f_fce8395c8fd8a860_81e62caf6a93968d_0_0.bin moved successfully.
C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\d7d3d739e92c4c369646f953c2baf35f_fce8395c8fd8a860_81e62caf6a93968d_0_0.toc moved successfully.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\eb36b8051af6133d3ee4e767d98e7437_fce8395c8fd8a860_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\eb36b8051af6133d3ee4e767d98e7437_fce8395c8fd8a860_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Petr\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Petr\AppData\Local\Temp\~DF2C667865F90539B1.TMP not found!
File\Folder C:\Users\Petr\AppData\Local\Temp\~DF520C8DCB631E7592.TMP not found!
File\Folder C:\Users\Petr\AppData\Local\Temp\~DFE4E7421F9BC35A63.TMP not found!
File\Folder C:\Users\Petr\AppData\Local\Temp\~DFF1DBE0FB6A3A7CA7.TMP not found!
File\Folder C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\49YI1FD3\tracker[1].js not found!
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Locked