Prosim o kontrolu

Zpráva

extreme41 · #1 Příspěvek od **extreme41** » 25 pro 2014 17:30

Dobry den prikladam log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Robo at 2014-12-25 17:29:14
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 40 GB (28%) free of 141 GB
Total RAM: 6007 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:20, on 25. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Robo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [MuteSync] c:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programy\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programy\Vmware\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Programy\Vmware\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11530 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 23553248
\??\C:\Windows\system32\conhost.exe "28185221318308973824511812421412893832-9166860301048015269-15613123911696892982
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Programy\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 154ca904-93f4-4e57-8883-362029aac42a 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-102280341720081835-957094488-1587539058-79024731129050645910580306092067077388
\??\C:\Windows\system32\conhost.exe "-1066426695-15121748622914636351909492286162952954-170229679214446691591451868334
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\Programy\Vmware\vmware-authd.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005c0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 2580
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Programy\Vmware\vmware-hostd.exe -u "C:\ProgramData\VMware\hostd\config.xml"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
igfxHK.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Robo\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate

=========Mozilla firefox=========

ProfilePath - C:\Users\Robo\AppData\Roaming\Mozilla\Firefox\Profiles\mbpuxf6t.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.20.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Programy\MICROS~1\Office15\NPSPWRAP.DLL

C:\Users\Robo\AppData\Roaming\Mozilla\Firefox\Profiles\mbpuxf6t.default\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-09-29 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Programy\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-09-29 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-05 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-05 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-04-27 8071680]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-04-27 6193152]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Programy\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Programy\CCleaner\CCleaner64.exe [2014-09-26 6482200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch]
C:\Program Files (x86)\Connectify\DispatchUI.exe autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot]
C:\Program Files (x86)\Connectify\Connectify.exe autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-12-23 7780120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe]
C:\Programy\Vmware\vmware-tray.exe [2013-10-18 111696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\Programy\Lenovo\BLUETO~1\BTTray.exe [2012-02-01 1380128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-06-01 506712]
"MuteSync"=c:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [2012-02-03 343040]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-12-11 702768]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-11-20 126200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Programy\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-25 17:29:15 ----D---- C:\Program Files\trend micro
2014-12-25 17:29:14 ----D---- C:\rsit
2014-12-25 17:13:58 ----SHD---- C:\Config.Msi
2014-12-20 17:51:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-20 17:51:46 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-18 22:36:48 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-12-18 22:36:48 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-12-16 17:13:21 ----D---- C:\Windows\system32\appraiser
2014-12-16 16:38:39 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-16 16:38:39 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-16 16:38:39 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-16 16:38:39 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-16 16:38:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-16 16:38:39 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-16 16:38:39 ----A---- C:\Windows\system32\mfps.dll
2014-12-16 16:38:39 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-16 16:38:39 ----A---- C:\Windows\system32\mferror.dll
2014-12-16 16:38:39 ----A---- C:\Windows\system32\mf.dll
2014-12-16 16:37:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-16 16:37:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-16 16:37:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-16 16:37:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-16 16:37:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-16 16:37:19 ----A---- C:\Windows\system32\iernonce.dll
2014-12-16 16:37:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-16 16:37:19 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-16 16:37:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-16 16:37:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-16 16:37:18 ----A---- C:\Windows\system32\urlmon.dll
2014-12-16 16:37:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-16 16:37:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-16 16:37:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-16 16:37:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-16 16:37:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-16 16:37:17 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-16 16:37:16 ----A---- C:\Windows\system32\iesetup.dll
2014-12-16 16:37:16 ----A---- C:\Windows\system32\iertutil.dll
2014-12-16 16:37:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-16 16:37:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-16 16:37:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-16 16:37:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-16 16:37:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-16 16:37:14 ----A---- C:\Windows\system32\ieui.dll
2014-12-16 16:37:14 ----A---- C:\Windows\system32\ieframe.dll
2014-12-16 16:37:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\msrating.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-16 16:37:13 ----A---- C:\Windows\system32\jscript9.dll
2014-12-16 16:37:12 ----A---- C:\Windows\system32\mshtml.dll
2014-12-16 16:36:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-16 16:36:37 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-16 16:36:37 ----A---- C:\Windows\system32\appraiser.dll
2014-12-16 16:36:37 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-16 16:36:37 ----A---- C:\Windows\system32\aepic.dll
2014-12-16 16:36:37 ----A---- C:\Windows\system32\aeinv.dll
2014-12-16 16:36:36 ----A---- C:\Windows\system32\invagent.dll
2014-12-16 16:36:36 ----A---- C:\Windows\system32\generaltel.dll
2014-12-16 16:36:36 ----A---- C:\Windows\system32\devinv.dll
2014-12-16 16:36:36 ----A---- C:\Windows\system32\aepdu.dll
2014-12-16 16:36:35 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-16 16:36:34 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-16 16:36:34 ----A---- C:\Windows\system32\charmap.exe
2014-12-16 16:35:32 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-16 16:35:32 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-16 16:35:32 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-16 16:35:32 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-16 16:35:32 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-16 16:35:32 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-16 16:35:32 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-16 16:35:32 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-16 16:35:32 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-16 16:35:32 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-16 16:35:16 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-16 16:35:16 ----A---- C:\Windows\system32\tzres.dll
2014-12-13 20:44:42 ----D---- C:\Users\Robo\AppData\Roaming\TeamViewer
2014-12-08 17:11:49 ----D---- C:\ProgramData\Caphyon
2014-12-08 17:09:54 ----D---- C:\ProgramData\Atlassian
2014-12-08 16:38:37 ----D---- C:\Program Files (x86)\TeamViewer
2014-12-08 15:52:10 ----D---- C:\Users\Robo\AppData\Roaming\GitHub
2014-12-07 14:47:43 ----D---- C:\Users\Robo\AppData\Roaming\NVIDIA
2014-12-01 20:12:26 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-27 19:23:15 ----D---- C:\Windows\SYSWOW64\NV
2014-11-27 19:23:15 ----D---- C:\Windows\system32\NV
2014-11-27 19:08:53 ----D---- C:\Program Files (x86)\UEFI Winflash

======List of files/folders modified in the last 1 month======

2014-12-25 17:29:20 ----D---- C:\Windows\Prefetch
2014-12-25 17:29:17 ----D---- C:\Windows\Temp
2014-12-25 17:29:15 ----RD---- C:\Program Files
2014-12-25 17:25:25 ----D---- C:\Windows\system32\config
2014-12-25 17:22:36 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-25 17:21:14 ----D---- C:\Windows\Tasks
2014-12-25 17:19:30 ----D---- C:\ProgramData\VMware
2014-12-25 17:17:24 ----D---- C:\Windows\System32
2014-12-25 17:17:24 ----AD---- C:\Windows
2014-12-25 17:16:29 ----SHD---- C:\Windows\Installer
2014-12-25 17:16:01 ----D---- C:\ProgramData\Microsoft Help
2014-12-25 17:15:55 ----D---- C:\Windows\SysWOW64
2014-12-25 17:14:56 ----D---- C:\Windows\winsxs
2014-12-25 17:13:35 ----D---- C:\Windows\Microsoft.NET
2014-12-25 17:11:41 ----SHD---- C:\System Volume Information
2014-12-25 17:11:13 ----D---- C:\Users\Robo\AppData\Roaming\uTorrent
2014-12-25 17:10:17 ----D---- C:\Windows\system32\en-US
2014-12-25 14:31:05 ----D---- C:\Windows\inf
2014-12-25 14:31:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-25 01:50:59 ----D---- C:\Users\Robo\AppData\Roaming\vlc
2014-12-25 00:05:46 ----D---- C:\Windows\system32\Tasks
2014-12-23 00:09:53 ----D---- C:\Programy
2014-12-23 00:08:12 ----D---- C:\Windows\debug
2014-12-23 00:08:12 ----D---- C:\Users\Robo\AppData\Roaming\DAEMON Tools Lite
2014-12-20 17:49:27 ----D---- C:\Windows\system32\catroot
2014-12-20 15:39:43 ----D---- C:\Windows\rescache
2014-12-18 22:37:17 ----D---- C:\Windows\system32\DriverStore
2014-12-18 22:36:56 ----D---- C:\Windows\system32\drivers
2014-12-17 23:39:11 ----SD---- C:\Users\Robo\AppData\Roaming\Microsoft
2014-12-17 23:29:55 ----RSD---- C:\Windows\assembly
2014-12-17 23:14:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-12-17 23:14:42 ----RSD---- C:\Windows\Fonts
2014-12-17 23:13:21 ----D---- C:\Windows\ShellNew
2014-12-16 17:13:22 ----SD---- C:\Windows\system32\CompatTel
2014-12-16 17:13:22 ----D---- C:\Windows\AppCompat
2014-12-16 17:13:21 ----SD---- C:\ProgramData\Microsoft
2014-12-16 17:13:19 ----D---- C:\Program Files\Internet Explorer
2014-12-16 17:13:18 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-12-16 17:13:18 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-16 17:13:17 ----D---- C:\Windows\system32\sk-SK
2014-12-16 17:13:17 ----D---- C:\Windows\PolicyDefinitions
2014-12-16 17:13:15 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-16 16:43:13 ----D---- C:\Windows\system32\MRT
2014-12-16 16:39:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-16 16:38:42 ----D---- C:\Windows\system32\catroot2
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-12-13 01:12:24 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12:12 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-12-10 18:17:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-09 13:44:37 ----D---- C:\ProgramData\Package Cache
2014-12-09 13:44:31 ----D---- C:\Program Files (x86)\Avira
2014-12-08 17:11:49 ----HD---- C:\ProgramData
2014-12-08 16:38:37 ----RD---- C:\Program Files (x86)
2014-12-07 21:16:33 ----D---- C:\Windows\Logs
2014-12-07 14:25:12 ----D---- C:\Program Files (x86)\Common Files
2014-12-07 14:24:27 ----D---- C:\Windows\SYSWOW64\directx
2014-12-07 13:50:38 ----D---- C:\Hry
2014-12-04 21:19:19 ----D---- C:\Users\Robo\AppData\Roaming\Skype
2014-12-01 20:12:15 ----D---- C:\Program Files\Common Files\DESIGNER
2014-12-01 20:10:11 ----D---- C:\Program Files (x86)\Microsoft Office
2014-11-27 20:43:37 ----D---- C:\Drivers
2014-11-27 19:26:15 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-27 19:23:13 ----D---- C:\ProgramData\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2014-04-27 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-11-13 31560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-10-08 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-10-08 73296]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-09-24 131608]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-09-24 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-28 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-09-24 119272]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-10-09 53816]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-10-18 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-10-18 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-10-18 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2014-04-27 30816]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-09-26 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-09-29 454416]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2014-01-26 11521024]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-10-18 20560]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-10-24 313960]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vmusb;VMware USB Client Driver; C:\Windows\system32\DRIVERS\vmusb.sys [2013-10-09 38456]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-10-01 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-12-11 431920]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-12-11 431920]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
R2 btwdins;Bluetooth Service; C:\Programy\Lenovo\Bluetooth Software\btwdins.exe [2012-02-01 945440]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-08 631024]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-20 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-08 154864]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 VMAuthdService;VMware Authorization Service; C:\Programy\Vmware\vmware-authd.exe [2013-10-18 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-10-18 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-09 905272]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-10-18 437328]
R2 VMwareHostd;VMware Workstation Server; C:\Programy\Vmware\vmware-hostd.exe [2013-10-18 14405200]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-20 280680]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-08 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 25 pro 2014 18:35

Zdravim

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

extreme41 · #3 Příspěvek od **extreme41** » 25 pro 2014 23:23

O tom jednom co naslo viem.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25. 12. 2014
Čas skenování: 20:46:19
Protokol: aaaaa.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.25.12
Databáze rootkitů: v2014.12.23.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Robo

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 543556
Uplynulý čas: 2 hod, 35 min, 35 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 1
Trojan.AutoKMS, C:\Windows\AutoKMS\AutoKMS.exe, , [61af68ffb8c41a1c4956cc2078880bf5],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#4 Příspěvek od **Márty84** » 26 pro 2014 06:19

A jste si jisty, ze je ten crack cisty?

MBAM odinstalujte.

Je s pc nejaky konkretni problem, nebo jde ciste jen o prevenci?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

extreme41 · #5 Příspěvek od **extreme41** » 26 pro 2014 11:05

Ide len o prevenciu. S tym crackom som si nie 100% isty ale mal by byt cisty. Resp. mozem hodit nejaky iny.

# AdwCleaner v4.106 - Report created 26/12/2014 at 10:58:31
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Professional N Service Pack 1 (64 bits)
# Username : Robo - ROBO-PC
# Running from : C:\Users\Robo\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v28.0 (sk)

*************************

AdwCleaner[R0].txt - [766 octets] - [17/05/2014 15:50:42]
AdwCleaner[R1].txt - [868 octets] - [04/10/2014 17:56:30]
AdwCleaner[R2].txt - [918 octets] - [16/10/2014 19:37:10]
AdwCleaner[R3].txt - [984 octets] - [20/11/2014 18:39:20]
AdwCleaner[R4].txt - [1104 octets] - [25/12/2014 17:46:18]
AdwCleaner[R5].txt - [1164 octets] - [26/12/2014 10:56:46]
AdwCleaner[S0].txt - [928 octets] - [04/10/2014 17:57:28]
AdwCleaner[S1].txt - [1044 octets] - [20/11/2014 18:40:32]
AdwCleaner[S2].txt - [1086 octets] - [26/12/2014 10:58:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1146 octets] ##########

#6 Příspěvek od **Márty84** » 26 pro 2014 11:33

extreme41 píše:Resp. mozem hodit nejaky iny.

Tohle jsem jako nevidel

Jen tak mimochodem, cracky na office ted v sobe rady ukryvaji toho previta, co zasifruje veskere fotky a videa. Tak hodne stesti

Dejte jeste log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

extreme41 · #7 Příspěvek od **extreme41** » 26 pro 2014 15:57

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Robo (administrator) on ROBO-PC on 26-12-2014 15:55:08
Running from C:\Users\Robo\Desktop
Loaded Profile: Robo (Available profiles: Robo)
Platform: Windows 7 Professional N Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Programy\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Programy\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(VMware, Inc.) C:\Programy\Vmware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Programy\Vmware\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Mozilla Corporation) C:\Programy\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Programy\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8071680 2014-04-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6193152 2014-04-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => c:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-03] (Lenovo)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-237017333-692022921-2232855817-1000\...\MountPoints2: {d750d50a-ff72-11e3-bb97-047d7bf7058a} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Programy\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Programy\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programy\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Robo\AppData\Roaming\Mozilla\Firefox\Profiles\mbpuxf6t.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Programy\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Robo\AppData\Roaming\Mozilla\Firefox\Profiles\mbpuxf6t.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Adblock Plus - C:\Users\Robo\AppData\Roaming\Mozilla\Firefox\Profiles\mbpuxf6t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-29]
FF StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Programy\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-01] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Programy\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 VMAuthdService; C:\Programy\Vmware\vmware-authd.exe [86096 2013-10-18] (VMware, Inc.)
R2 VMwareHostd; C:\Programy\Vmware\vmware-hostd.exe [14405200 2013-10-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-28] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SASDIFSV; C:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 15:55 - 2014-12-26 15:55 - 00015767 _____ () C:\Users\Robo\Desktop\FRST.txt
2014-12-26 15:54 - 2014-12-26 15:55 - 00000000 ____D () C:\FRST
2014-12-26 15:53 - 2014-12-26 15:53 - 02122752 _____ (Farbar) C:\Users\Robo\Desktop\FRST64.exe
2014-12-26 15:53 - 2014-12-26 15:53 - 00112640 _____ (forum.viry.cz) C:\Users\Robo\Desktop\FRSTLauncher.exe
2014-12-26 15:00 - 2014-12-26 15:00 - 00383492 _____ () C:\Users\Robo\Desktop\useobjects_v0.8.3_java8.jar
2014-12-26 11:16 - 2014-12-26 11:16 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-12-26 11:16 - 2014-12-26 11:16 - 00000000 ____D () C:\Windows\system32\NV
2014-12-26 11:15 - 2014-12-26 11:15 - 00000000 ____D () C:\Windows\LastGood
2014-12-26 11:13 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-26 11:13 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-26 11:13 - 2014-12-13 11:08 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-12-25 23:22 - 2014-12-25 23:22 - 00001188 _____ () C:\Users\Robo\Desktop\aaaaa.txt
2014-12-25 17:45 - 2014-12-25 17:45 - 02173952 _____ () C:\Users\Robo\Desktop\adwcleaner_4.106.exe
2014-12-25 17:29 - 2014-12-25 17:29 - 01222144 _____ () C:\Users\Robo\Desktop\RSITx64.exe
2014-12-25 17:29 - 2014-12-25 17:29 - 00000000 ____D () C:\rsit
2014-12-25 17:29 - 2014-12-25 17:29 - 00000000 ____D () C:\Program Files\trend micro
2014-12-25 17:17 - 2014-12-26 10:59 - 00002892 _____ () C:\Windows\PFRO.log
2014-12-23 00:58 - 2014-12-26 10:59 - 00001266 _____ () C:\Windows\setupact.log
2014-12-23 00:58 - 2014-12-23 00:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-22 13:14 - 2014-12-26 15:47 - 00000000 ____D () C:\Users\Robo\Desktop\analyza
2014-12-20 17:51 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-20 17:51 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 22:36 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-18 22:36 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-17 13:15 - 2014-12-17 14:50 - 00000000 ___HD () C:\Users\Robo\Desktop\StraplessDildo.14.06.29.Maria.Pie.And.Mia.Maria.Pie.Can.Barely.Sit.Still.For.Her.Realdoe.Fucking.XXX.1080p.MP4-KTR[rarbg]
2014-12-17 08:49 - 2014-12-20 17:05 - 00000000 ____D () C:\Users\Robo\Desktop\robota
2014-12-16 17:13 - 2014-12-16 17:13 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-16 16:38 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-16 16:38 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-16 16:38 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-16 16:38 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-16 16:38 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-16 16:38 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-16 16:38 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-16 16:38 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-16 16:38 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-16 16:38 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-16 16:37 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-16 16:37 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-16 16:37 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-16 16:37 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-16 16:37 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-16 16:37 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-16 16:37 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-16 16:37 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-16 16:37 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-16 16:37 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-16 16:37 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-16 16:37 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-16 16:37 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-16 16:37 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-16 16:37 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-16 16:37 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-16 16:37 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-16 16:37 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-16 16:37 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-16 16:37 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-16 16:37 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-16 16:37 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-16 16:37 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-16 16:37 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-16 16:37 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-16 16:37 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-16 16:37 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-16 16:37 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-16 16:37 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-16 16:37 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-16 16:37 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-16 16:37 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-16 16:37 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-16 16:37 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-16 16:37 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-16 16:37 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-16 16:37 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-16 16:37 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-16 16:37 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-16 16:37 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-16 16:37 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-16 16:37 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-16 16:37 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-16 16:37 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-16 16:37 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-16 16:37 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-16 16:37 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-16 16:37 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-16 16:37 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-16 16:37 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-16 16:37 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-16 16:37 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-16 16:37 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-16 16:37 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-16 16:36 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-16 16:36 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-16 16:36 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-16 16:36 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-16 16:36 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-16 16:36 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-16 16:36 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-16 16:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-16 16:35 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-16 16:35 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-16 16:35 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-16 16:35 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-16 16:35 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-16 16:35 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-16 16:35 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-16 16:35 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-16 16:35 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-16 16:35 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-16 16:35 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-16 16:35 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-13 22:56 - 2014-12-13 22:56 - 00000828 _____ () C:\Users\Robo\Documents\cc_20141213_225653.reg
2014-12-13 20:44 - 2014-12-13 21:59 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\TeamViewer
2014-12-08 23:58 - 2014-12-08 23:58 - 00000000 ____D () C:\Users\Robo\Desktop\Ine Kafe - Nevhodny typ
2014-12-08 17:39 - 2014-12-08 20:59 - 00000000 ____D () C:\Users\Robo\Documents\vsa-projekt1
2014-12-08 17:29 - 2014-12-08 21:47 - 00000000 ____D () C:\Users\Robo\Documents\NazovProjektuNaKtoromPracujes
2014-12-08 17:16 - 2014-12-08 17:16 - 00000068 _____ () C:\Users\Robo\mercurial.ini
2014-12-08 17:13 - 2014-12-08 17:13 - 00000000 ____D () C:\Users\Robo\AppData\Local\Atlassian
2014-12-08 17:11 - 2014-12-08 17:11 - 00000000 ____D () C:\ProgramData\Caphyon
2014-12-08 17:09 - 2014-12-08 17:22 - 00000000 ____D () C:\ProgramData\Atlassian
2014-12-08 16:38 - 2014-12-08 18:23 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-08 16:38 - 2014-12-08 16:38 - 00001043 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-08 16:38 - 2014-12-08 16:38 - 00001031 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-08 15:56 - 2014-12-09 00:18 - 00000000 ____D () C:\Users\Robo\Documents\vsa-projekt
2014-12-08 15:56 - 2014-12-09 00:18 - 00000000 ____D () C:\Users\Robo\Documents\GitHub
2014-12-08 15:55 - 2014-12-08 17:26 - 00000000 ____D () C:\Users\Robo\.ssh
2014-12-08 15:52 - 2014-12-08 16:52 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\GitHub
2014-12-08 15:52 - 2014-12-08 16:52 - 00000000 ____D () C:\Users\Robo\AppData\Local\GitHub
2014-12-08 15:52 - 2014-12-08 15:52 - 00002131 _____ () C:\Users\Robo\Desktop\Git Shell.lnk
2014-12-08 15:51 - 2014-12-08 15:52 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-12-08 15:51 - 2014-12-08 15:51 - 00000308 _____ () C:\Users\Robo\Desktop\GitHub.appref-ms
2014-12-08 15:49 - 2014-12-09 07:16 - 00000000 ____D () C:\Users\Robo\AppData\Local\Deployment
2014-12-08 15:49 - 2014-12-08 15:49 - 00000000 ____D () C:\Users\Robo\AppData\Local\Apps\2.0
2014-12-07 14:47 - 2014-12-07 14:47 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\NVIDIA
2014-12-07 14:46 - 2014-12-07 15:31 - 00000000 ____D () C:\Users\Robo\Documents\BioWare
2014-12-07 14:22 - 2014-12-07 14:22 - 00002216 _____ () C:\Users\Public\Desktop\Mass Effect 3.Deluxe Edition.v 1.5.5427.124 + 14 DLC.lnk
2014-12-07 14:22 - 2014-12-07 14:22 - 00002182 _____ () C:\Users\Public\Desktop\Mass Effect 3.(Íŕńňđîéęč).lnk
2014-12-07 14:22 - 2014-12-07 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
2014-12-06 19:19 - 2014-12-06 19:19 - 00000000 ____D () C:\Users\Robo\Desktop\ME3editor
2014-12-06 16:18 - 2014-12-06 15:06 - 00008583 _____ () C:\Users\Robo\Desktop\ZAD4.jar
2014-12-06 13:44 - 2014-12-06 13:44 - 00000000 ____D () C:\Users\Robo\Desktop\Zoči Voči (2014) - Audioheroín
2014-12-03 20:40 - 2014-12-03 20:40 - 00000000 ____D () C:\Users\Robo\Documents\Telltale Games
2014-12-02 19:12 - 2014-12-17 14:59 - 00000000 ____D () C:\Users\Robo\Desktop\OS
2014-12-01 20:20 - 2014-12-01 20:20 - 00000000 ___SD () C:\Users\Robo\Documents\My Shapes
2014-12-01 20:12 - 2014-12-25 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-27 20:28 - 2014-11-27 20:30 - 00000000 _____ () C:\Users\Robo\cd
2014-11-27 19:08 - 2014-11-27 20:45 - 00000000 ____D () C:\Program Files (x86)\UEFI Winflash

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 15:08 - 2014-04-28 09:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 15:06 - 2014-04-27 22:03 - 02052009 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 14:44 - 2014-04-27 22:50 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-12-26 14:35 - 2009-07-14 06:12 - 00853842 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 13:11 - 2014-04-28 12:01 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\vlc
2014-12-26 11:16 - 2014-04-28 09:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-26 11:06 - 2009-07-14 05:50 - 00028160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 11:06 - 2009-07-14 05:50 - 00028160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 11:01 - 2014-10-22 18:02 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-26 11:01 - 2014-04-29 10:33 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-26 11:01 - 2014-04-27 22:50 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-12-26 11:00 - 2014-10-04 17:10 - 00000000 ____D () C:\ProgramData\VMware
2014-12-26 10:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 10:58 - 2014-05-17 15:50 - 00000000 ____D () C:\AdwCleaner
2014-12-26 10:56 - 2014-04-28 10:00 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\uTorrent
2014-12-25 21:24 - 2014-06-24 23:11 - 00000721 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-12-25 20:45 - 2014-04-28 12:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-25 20:45 - 2014-04-28 12:57 - 00000832 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-25 20:45 - 2014-04-28 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-25 20:04 - 2014-04-28 14:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-25 17:41 - 2014-09-24 08:47 - 00000000 ____D () C:\Program Files\Java
2014-12-25 17:41 - 2014-04-28 09:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 17:37 - 2014-08-05 21:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-25 17:37 - 2014-08-05 21:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-25 17:34 - 2014-05-12 13:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-25 17:27 - 2014-04-28 14:27 - 00007593 _____ () C:\Users\Robo\AppData\Local\Resmon.ResmonCfg
2014-12-23 00:09 - 2014-04-28 09:20 - 00000000 ____D () C:\Programy
2014-12-23 00:08 - 2014-04-28 14:35 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\DAEMON Tools Lite
2014-12-20 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-17 23:30 - 2014-04-28 09:26 - 00087696 _____ () C:\Users\Robo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-17 23:20 - 2009-07-14 05:50 - 00368544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-17 23:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-17 23:13 - 2011-04-12 14:39 - 00000000 ____D () C:\Windows\ShellNew
2014-12-17 16:09 - 2014-09-22 23:17 - 00000000 ____D () C:\Users\Robo\Desktop\THE PARANOID - Sedem (SK 2014)_[MP3.CBR.320]
2014-12-17 14:59 - 2014-11-19 13:47 - 00000000 ____D () C:\Users\Robo\Desktop\OOP
2014-12-16 17:13 - 2014-04-29 11:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-16 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-12-16 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-16 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-16 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-16 16:43 - 2014-04-27 23:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-16 16:39 - 2014-04-27 23:36 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-15 17:09 - 2014-10-01 20:33 - 00000600 _____ () C:\Users\Robo\AppData\Local\PUTTY.RND
2014-12-13 11:08 - 2014-04-28 10:04 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-13 11:08 - 2014-04-28 10:04 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-13 11:08 - 2013-12-26 18:42 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-13 11:08 - 2013-12-26 18:42 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-13 11:08 - 2013-12-26 18:42 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-13 11:08 - 2013-12-26 18:42 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-13 11:08 - 2013-12-26 18:42 - 00027983 _____ () C:\Windows\system32\nvinfo.pb
2014-12-13 09:03 - 2014-04-28 09:44 - 06859408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 03513488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 01097360 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-04-28 09:44 - 00628040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-12-13 09:03 - 2014-04-28 09:44 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-13 01:12 - 2014-08-29 22:16 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-08-29 22:16 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2014-04-28 10:09 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-13 01:12 - 2014-04-28 10:09 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-13 00:11 - 2014-04-28 09:44 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-12 17:05 - 2014-07-16 16:53 - 00000353 _____ () C:\Users\Robo\Desktop\Nový textový dokument (3).txt
2014-12-11 21:48 - 2014-09-24 08:55 - 00000000 ____D () C:\Users\Robo\Documents\NetBeansProjects
2014-12-10 18:17 - 2014-04-28 09:55 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 18:17 - 2014-04-28 09:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 18:17 - 2014-04-28 09:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 13:44 - 2014-10-24 10:03 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-09 13:44 - 2014-10-24 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-09 13:44 - 2014-10-24 10:03 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-09 13:44 - 2014-04-28 09:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-08 17:16 - 2014-04-27 22:10 - 00000000 ____D () C:\Users\Robo
2014-12-07 21:07 - 2014-11-03 14:57 - 00000000 ____D () C:\Users\Robo\Desktop\vsa1
2014-12-07 14:24 - 2014-05-09 23:10 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-07 13:50 - 2014-04-28 17:42 - 00000000 ____D () C:\Hry
2014-12-04 21:19 - 2014-06-19 18:45 - 00000000 ____D () C:\Users\Robo\AppData\Roaming\Skype
2014-12-03 12:18 - 2014-10-17 17:30 - 00000000 ____D () C:\Users\Robo\Desktop\dbs
2014-12-02 16:03 - 2014-04-28 14:46 - 00000000 ____D () C:\Users\Robo\AppData\Local\Microsoft Help
2014-12-01 20:12 - 2014-06-27 13:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-12-01 20:10 - 2014-04-28 14:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-27 19:26 - 2014-05-06 20:44 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

Some content of TEMP:
====================
C:\Users\Robo\AppData\Local\Temp\avgnt.exe
C:\Users\Robo\AppData\Local\Temp\Quarantine.exe
C:\Users\Robo\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-20 15:30

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:137.37 GB) (Free:38.48 GB) NTFS
Drive d: () (Fixed) (Total:774.41 GB) (Free:90.89 GB) NTFS

Available physical RAM: 3789.09 MB
Total physical RAM: 6007.38 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AC5A9DEA)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=137.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=774.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

==================== Security Center ==================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Robo\Desktop" je 3542 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Programy\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Programy\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch
C:\Program Files (x86)\Connectify\DispatchUI.exe autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot
C:\Program Files (x86)\Connectify\Connectify.exe autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe
"C:\Programy\Vmware\vmware-tray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\Programy\Lenovo\BLUETO~1\BTTray.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **Márty84** » 26 pro 2014 16:26

extreme41 píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Robo\Desktop" je 3542 MB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

R2 !SASCORE; C:\Programy\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-01] (SUPERAntiSpyware.com)
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

extreme41 · #9 Příspěvek od **extreme41** » 26 pro 2014 18:03

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-12-2014
Ran by Robo at 2014-12-26 17:44:48 Run:1
Running from C:\Users\Robo\Desktop
Loaded Profile: Robo (Available profiles: Robo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

R2 !SASCORE; C:\Programy\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-01] (SUPERAntiSpyware.com)
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
!SASCORE => Service stopped successfully.
!SASCORE => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => Moved successfully.
C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f =========

Oper cia sa Łspeçne dokonźila.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 466.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog 17:46:47 ====

#10 Příspěvek od **Márty84** » 26 pro 2014 18:15

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remote disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

extreme41 · #11 Příspěvek od **extreme41** » 27 pro 2014 18:38

Hotovo. Vyzera ze slape rychlejsie. Dakujem pekne za vas cas

#12 Příspěvek od **Márty84** » 27 pro 2014 19:09

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosim o kontrolu

Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu

Re: Prosim o kontrolu