Prosím o kontrolu, pc neustále něco stahuje.

[impedance]

Za čtvrt hodinky mě pc stáhl sám od sebe 50 Mb z netu a tak to pokračuje dál a dál. Teď už to je 200Mb. Zjistil jsem to v programu winbox, který můj zprostředkovatel používá k nastavování naší sítě. příkaz netstat -b ukázal jen pingování maxthonu což si myslím, že je ok.
Já jako laik, tomu moc nerozumím. Jen pro upozornění.
Tady je log z FRSTlauncheru:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pepsimaxzu (administrator) on PEPSIMAXZU-PC on 30-12-2014 09:38:12
Running from C:\Users\Pepsimaxzu\Desktop
Loaded Profile: Pepsimaxzu (Available profiles: Pepsimaxzu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Maxthon)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
() C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(forum.viry.cz) C:\Users\Pepsimaxzu\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2039192 2014-11-24] (APN)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-07] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [DAEMON Tools Lite] => C:\Programy\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [86160 2014-11-06] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe [3543040 2010-12-18] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [OscarKeyboard] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe [3543040 2010-12-18] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\MountPoints2: {44fd8ec0-e5c6-11e3-bc4e-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-14] (Microsoft Corporation)
AppInit_DLLs-x32:  => "" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3496424538-795965940-1266878977-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&gct=hp&d=488-101&v=n12521-384&t=4
SearchScopes: HKU\S-1-5-21-3496424538-795965940-1266878977-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={F6F7302C-088C-4D95-9F04-1CDC236DAEC2}&mid=39bc0caddafd47d284e00a02dc1554e9-5e25fda710abd01e94da8b08949c9d3e8fd815ab&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-07 16:07:47&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.3.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-10-30] (APN LLC.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-23] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-07] (AVG Secure Search)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-07] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-30] (Disc Soft Ltd)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RTCore64; C:\Programy\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-26] (Duplex Secure Ltd.)
U3 abrwk5le; C:\Windows\System32\Drivers\abrwk5le.sys [0 ] (Advanced Micro Devices)
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Programy\Live Update\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 09:38 - 2014-12-30 09:38 - 00016044 _____ () C:\Users\Pepsimaxzu\Desktop\FRST.txt
2014-12-30 09:36 - 2014-12-30 09:38 - 00000000 ____D () C:\FRST
2014-12-30 09:36 - 2014-12-30 09:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pepsimaxzu\Desktop\FRSTLauncher.exe
2014-12-30 09:35 - 2014-12-30 09:35 - 02123264 _____ (Farbar) C:\Users\Pepsimaxzu\Desktop\FRST64.exe
2014-12-27 22:14 - 2014-12-27 22:14 - 00000000 ____D () C:\ProgramData\NovaTech Network
2014-12-27 22:13 - 2014-12-27 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaBench
2014-12-25 09:08 - 2014-12-25 09:08 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 19:01 - 2014-12-23 21:14 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\DayZ
2014-12-23 19:01 - 2014-12-23 19:43 - 00000000 ____D () C:\Users\Pepsimaxzu\Documents\DayZ
2014-12-23 14:28 - 2014-12-23 14:28 - 00000219 _____ () C:\Users\Pepsimaxzu\Desktop\DayZ.url
2014-12-22 19:13 - 2014-12-22 19:13 - 10370965 _____ () C:\Users\Pepsimaxzu\Desktop\p250.rar
2014-12-21 20:23 - 2014-12-30 09:06 - 00002856 _____ () C:\Windows\setupact.log
2014-12-21 20:23 - 2014-12-21 20:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-18 18:20 - 2014-12-18 18:20 - 00012255 _____ () C:\Users\Pepsimaxzu\Desktop\[CzT]Predestination_2014_CZ_.torrent
2014-12-18 18:19 - 2014-12-18 18:19 - 00011429 _____ () C:\Users\Pepsimaxzu\Desktop\[CzT]Expendables_Postradatelni_3_The_Expendables_3_2014_CZ_.torrent
2014-12-18 16:38 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 16:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 20:17 - 2014-12-13 20:20 - 00000000 ____D () C:\Users\Pepsimaxzu\Desktop\Nová složka (4)
2014-12-13 09:15 - 2014-12-13 09:15 - 00000000 __SHD () C:\Users\Pepsimaxzu\AppData\Local\EmieBrowserModeList
2014-12-12 11:51 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 11:51 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 11:51 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 11:51 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 11:51 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 11:51 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 11:51 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 11:51 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 11:51 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 11:51 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 11:51 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 11:51 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 11:51 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 11:51 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 11:51 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 11:51 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 11:51 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 11:51 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 11:51 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 11:51 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 11:51 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 11:51 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 11:51 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 11:51 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 11:51 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 11:51 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 11:51 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 11:51 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 11:51 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 11:51 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 11:51 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 11:51 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 11:51 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 11:51 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 11:51 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 11:51 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 11:51 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 11:51 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 11:51 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 11:51 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 11:51 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 11:51 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 11:51 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 11:51 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 11:51 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 11:51 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 11:51 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 11:51 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 11:51 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 11:51 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 11:51 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 11:51 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 11:51 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 11:51 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 11:51 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 11:51 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 19:03 - 2014-12-09 19:03 - 03540144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-08 15:48 - 2014-12-30 09:06 - 00000364 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job
2014-12-08 15:48 - 2014-12-30 09:06 - 00000364 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job
2014-12-08 15:48 - 2014-12-16 15:50 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-08 15:48 - 2014-12-08 15:48 - 00002658 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1214tb_rmv
2014-12-08 15:48 - 2014-12-08 15:48 - 00002656 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1214tb_rel
2014-12-06 19:09 - 2014-12-05 21:37 - 1417518867 _____ () C:\Users\Pepsimaxzu\Desktop\Atlantis.S02E03.Telemon.720p.WEB-DL.AAC2.0.H.264-Coo7.mkv

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 09:16 - 2014-06-27 17:16 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\Adobe
2014-12-30 09:12 - 2009-07-14 16:18 - 00668542 _____ () C:\Windows\system32\perfh005.dat
2014-12-30 09:12 - 2009-07-14 16:18 - 00141202 _____ () C:\Windows\system32\perfc005.dat
2014-12-30 09:12 - 2009-07-14 06:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-30 09:11 - 2014-05-26 16:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-30 09:11 - 2014-05-24 20:26 - 01118383 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 09:07 - 2014-11-16 12:11 - 00000000 ____D () C:\Users\Pepsimaxzu\Documents\Assassin's Creed Unity
2014-12-30 09:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-29 22:34 - 2009-07-14 05:45 - 00022160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-29 22:34 - 2009-07-14 05:45 - 00022160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-29 22:03 - 2014-06-12 16:17 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-29 20:35 - 2014-09-13 16:11 - 00000000 ____D () C:\Users\Pepsimaxzu\Steam
2014-12-29 12:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 13:27 - 2014-05-26 16:03 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\Avg2014
2014-12-28 13:25 - 2014-05-30 15:52 - 00000000 ____D () C:\Hry
2014-12-28 00:57 - 2014-10-28 15:22 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\TS3Client
2014-12-27 22:13 - 2014-05-26 16:34 - 00000000 ____D () C:\Programy
2014-12-23 14:28 - 2014-09-13 16:30 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-22 19:14 - 2014-09-20 21:06 - 00000000 ____D () C:\Users\Pepsimaxzu\Desktop\cosworkbench
2014-12-21 19:17 - 2014-06-20 19:13 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\uTorrent
2014-12-21 16:32 - 2014-06-20 19:15 - 00000000 ____D () C:\torrenty
2014-12-13 10:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 09:10 - 2014-06-27 17:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-13 09:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 00:42 - 2014-06-15 11:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 00:41 - 2014-06-15 11:07 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 21:17 - 2014-10-14 16:35 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-09 19:03 - 2014-06-12 16:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 19:03 - 2014-06-12 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 19:03 - 2014-06-12 16:17 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 15:48 - 2014-11-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-12-02 16:42 - 2014-10-26 15:20 - 00002541 _____ () C:\Users\Pepsimaxzu\Desktop\stilo.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pepsimaxzu\Desktop" je 259372 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================

[motji]

¨Zdravím,
pěkně zavirované

Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

[impedance]

Napoprvé po kliknutí na clean program spadl. Postup jsem opakoval a zdá se, že vše proběhlo jak má. Zde je tedy log po restartu.

Kód: Vybrat vše

# AdwCleaner v4.106 - Report created 30/12/2014 at 18:08:40
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Pepsimaxzu - PEPSIMAXZU-PC
# Running from : C:\Users\Pepsimaxzu\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : PanService
Service Deleted : vToolbarUpdater18.1.10

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Deleted : C:\Program Files (x86)\PANDORA.TV
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\PEPSIM~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Pepsimaxzu\AppData\Local\AskPartnerNetwork

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

*************************

AdwCleaner[R0].txt - [11015 octets] - [30/12/2014 18:06:44]
AdwCleaner[R1].txt - [11111 octets] - [30/12/2014 18:08:02]
AdwCleaner[S0].txt - [369 octets] - [30/12/2014 18:07:39]
AdwCleaner[S1].txt - [10635 octets] - [30/12/2014 18:08:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10696 octets] ##########

[motji]

Hezké , jedeme dál. prosím nedávejte logy do code, špatně se to čte. Díky

Stahněte MBAM http://forum.viry.cz/viewtopic.php?f=29&t=137928
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[impedance]

zde je tedy log.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 31.12.2014
Scan Time: 17:26:08
Logfile: log3.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.31.04
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Pepsimaxzu

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 319258
Time Elapsed: 5 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[motji]

Poprosím o nový log z Frstu. Ještě pc něco stahuje?

[impedance]

pc teď průměrně stahuje 90kbps. Což je asi ok?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pepsimaxzu (administrator) on PEPSIMAXZU-PC on 01-01-2015 11:34:31
Running from C:\Users\Pepsimaxzu\Desktop
Loaded Profile: Pepsimaxzu (Available profiles: Pepsimaxzu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Maxthon)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
() C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Maxthon International ltd.) C:\Programy\Maxthon\Bin\Maxthon.exe
(forum.viry.cz) C:\Users\Pepsimaxzu\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [DAEMON Tools Lite] => C:\Programy\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [86160 2014-11-06] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe [3543040 2010-12-18] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [OscarKeyboard] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe [3543040 2010-12-18] ()
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\MountPoints2: {44fd8ec0-e5c6-11e3-bc4e-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-14] (Microsoft Corporation)
AppInit_DLLs-x32: => "" File Not Found

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.3.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-23] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-07] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-30] (Disc Soft Ltd)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RTCore64; C:\Programy\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-26] (Duplex Secure Ltd.)
U3 a3nmvvtd; C:\Windows\System32\Drivers\a3nmvvtd.sys [0 ] (Advanced Micro Devices)
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Programy\Live Update\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 22:32 - 2014-12-31 22:32 - 00037162 _____ () C:\Users\Pepsimaxzu\Desktop\arrow.s01e11.hdtv.x264-lol.srt
2014-12-31 21:15 - 2014-12-31 21:15 - 00036814 _____ () C:\Users\Pepsimaxzu\Desktop\arrow.s01e12.hdtv.x264-lol.srt
2014-12-31 21:14 - 2014-12-31 21:14 - 00037621 _____ () C:\Users\Pepsimaxzu\Desktop\arrow.s01e10.hdtv.x264-lol.srt
2014-12-31 17:16 - 2014-12-31 17:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 17:16 - 2014-12-31 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-31 17:16 - 2014-12-31 17:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-31 17:16 - 2014-12-31 17:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-31 17:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-31 17:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-31 17:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-30 18:09 - 2015-01-01 10:41 - 00000686 _____ () C:\Windows\PFRO.log
2014-12-30 18:06 - 2014-12-30 18:08 - 00000000 ____D () C:\AdwCleaner
2014-12-30 18:05 - 2014-12-30 18:05 - 02173952 _____ () C:\Users\Pepsimaxzu\Desktop\AdwCleaner.exe
2014-12-30 13:58 - 2014-12-30 13:58 - 00034854 _____ () C:\Users\Pepsimaxzu\Desktop\atlantis.s01e10.720p.hdtv.x264-tla.srt
2014-12-30 13:58 - 2014-12-30 13:58 - 00025382 _____ () C:\Users\Pepsimaxzu\Desktop\atlantis.s01e11.720p.hdtv.x264-tla.srt
2014-12-30 13:57 - 2014-12-30 13:57 - 00012317 _____ () C:\Users\Pepsimaxzu\Desktop\Atlantis.2013.1x01.The.Earth.Bull.HDTV.x264-FoV.zip
2014-12-30 09:38 - 2015-01-01 11:34 - 00011985 _____ () C:\Users\Pepsimaxzu\Desktop\FRST.txt
2014-12-30 09:36 - 2015-01-01 11:34 - 00000000 ____D () C:\FRST
2014-12-30 09:36 - 2014-12-30 09:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pepsimaxzu\Desktop\FRSTLauncher.exe
2014-12-30 09:35 - 2014-12-30 09:35 - 02123264 _____ (Farbar) C:\Users\Pepsimaxzu\Desktop\FRST64.exe
2014-12-27 22:14 - 2014-12-27 22:14 - 00000000 ____D () C:\ProgramData\NovaTech Network
2014-12-27 22:13 - 2014-12-27 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaBench
2014-12-25 09:08 - 2014-12-25 09:08 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 19:01 - 2014-12-23 21:14 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\DayZ
2014-12-23 19:01 - 2014-12-23 19:43 - 00000000 ____D () C:\Users\Pepsimaxzu\Documents\DayZ
2014-12-23 14:28 - 2014-12-23 14:28 - 00000219 _____ () C:\Users\Pepsimaxzu\Desktop\DayZ.url
2014-12-22 19:13 - 2014-12-22 19:13 - 10370965 _____ () C:\Users\Pepsimaxzu\Desktop\p250.rar
2014-12-21 20:23 - 2015-01-01 10:43 - 00005100 _____ () C:\Windows\setupact.log
2014-12-21 20:23 - 2014-12-21 20:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-18 16:38 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 16:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 20:17 - 2014-12-13 20:20 - 00000000 ____D () C:\Users\Pepsimaxzu\Desktop\Nová složka (4)
2014-12-13 09:15 - 2014-12-13 09:15 - 00000000 __SHD () C:\Users\Pepsimaxzu\AppData\Local\EmieBrowserModeList
2014-12-12 11:51 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-12 11:51 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 11:51 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 11:51 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 11:51 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 11:51 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 11:51 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-12 11:51 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 11:51 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-12 11:51 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-12 11:51 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 11:51 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-12 11:51 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 11:51 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-12 11:51 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 11:51 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-12 11:51 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 11:51 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 11:51 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 11:51 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 11:51 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 11:51 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-12 11:51 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 11:51 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 11:51 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-12 11:51 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 11:51 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 11:51 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 11:51 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 11:51 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 11:51 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-12 11:51 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 11:51 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 11:51 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 11:51 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-12 11:51 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-12 11:51 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 11:51 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 11:51 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 11:51 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 11:51 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-12 11:51 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 11:51 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 11:51 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 11:51 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 11:51 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 11:51 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 11:51 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 11:51 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 11:51 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 11:51 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-12 11:51 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 11:51 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 11:51 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 11:51 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 11:51 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 19:03 - 2014-12-09 19:03 - 03540144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-08 15:48 - 2015-01-01 10:41 - 00000364 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job
2014-12-08 15:48 - 2015-01-01 10:41 - 00000364 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job
2014-12-08 15:48 - 2014-12-16 15:50 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-08 15:48 - 2014-12-08 15:48 - 00002658 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1214tb_rmv
2014-12-08 15:48 - 2014-12-08 15:48 - 00002656 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_1214tb_rel
2014-12-06 19:09 - 2014-12-05 21:37 - 1417518867 _____ () C:\Users\Pepsimaxzu\Desktop\Atlantis.S02E03.Telemon.720p.WEB-DL.AAC2.0.H.264-Coo7.mkv

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 11:03 - 2014-06-12 16:17 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-01 10:51 - 2014-06-27 17:16 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\Adobe
2015-01-01 10:47 - 2014-05-26 16:03 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-01 10:47 - 2009-07-14 16:18 - 00668542 _____ () C:\Windows\system32\perfh005.dat
2015-01-01 10:47 - 2009-07-14 16:18 - 00141202 _____ () C:\Windows\system32\perfc005.dat
2015-01-01 10:47 - 2009-07-14 06:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 10:46 - 2014-05-24 20:26 - 01164200 _____ () C:\Windows\WindowsUpdate.log
2015-01-01 10:43 - 2014-11-16 12:11 - 00000000 ____D () C:\Users\Pepsimaxzu\Documents\Assassin's Creed Unity
2015-01-01 10:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-01 01:10 - 2014-09-13 16:11 - 00000000 ____D () C:\Users\Pepsimaxzu\Steam
2015-01-01 01:10 - 2009-07-14 05:45 - 00022160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-01 01:10 - 2009-07-14 05:45 - 00022160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-31 16:19 - 2014-06-20 19:13 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\uTorrent
2014-12-30 16:05 - 2014-06-20 19:15 - 00000000 ____D () C:\torrenty
2014-12-30 12:06 - 2014-06-18 15:43 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-30 12:06 - 2014-06-18 10:46 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-29 12:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 13:27 - 2014-05-26 16:03 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Local\Avg2014
2014-12-28 13:25 - 2014-05-30 15:52 - 00000000 ____D () C:\Hry
2014-12-28 00:57 - 2014-10-28 15:22 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\TS3Client
2014-12-27 22:13 - 2014-05-26 16:34 - 00000000 ____D () C:\Programy
2014-12-23 14:28 - 2014-09-13 16:30 - 00000000 ____D () C:\Users\Pepsimaxzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-22 19:14 - 2014-09-20 21:06 - 00000000 ____D () C:\Users\Pepsimaxzu\Desktop\cosworkbench
2014-12-13 10:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 09:10 - 2014-06-27 17:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-13 09:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 00:42 - 2014-06-15 11:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 00:41 - 2014-06-15 11:07 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 21:17 - 2014-10-14 16:35 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-09 19:03 - 2014-06-12 16:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 19:03 - 2014-06-12 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 19:03 - 2014-06-12 16:17 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 15:48 - 2014-11-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-12-02 16:42 - 2014-10-26 15:20 - 00002541 _____ () C:\Users\Pepsimaxzu\Desktop\stilo.txt

Some content of TEMP:
====================
C:\Users\Pepsimaxzu\AppData\Local\Temp\KMP_3.9.1.131.exe
C:\Users\Pepsimaxzu\AppData\Local\Temp\Quarantine.exe
C:\Users\Pepsimaxzu\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 11:42




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:931.41 GB) (Free:72.57 GB) NTFS
Drive h: (vivik) (Removable) (Total:14.47 GB) (Free:4.72 GB) NTFS

Available physical RAM: 5958.79 MB
Total physical RAM: 8079.14 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B94CD7AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.5 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pepsimaxzu\Desktop" je 259364 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pepsimaxzu at 2015-01-01 11:34:43
Running from C:\Users\Pepsimaxzu\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3496424538-795965940-1266878977-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C1500}) (Version: 12.21.0.128 - APN, LLC) <==== ATTENTION
Assassin's Creed Unity (HKLM-x32\...\Assassin's Creed Unity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies CZ, s.r.o.)
AVG 2014 (Version: 14.0.4253 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bioshock Infinite 1.1.21.26939 (HKLM-x32\...\Bioshock Infinite_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dishonored verze 1.2 (HKLM-x32\...\{E52B76E9-F6DE-4EF1-BAFD-1684B037C7FA}_is1) (Version: 1.2 - tomi2k9)
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: - )
Far Cry 4 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
GamePark (HKLM-x32\...\GameParkClient_is1) (Version: - GamePark)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 3 1.5 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.300 - Maxthon International Limited)
Medal of Honor Warfighter v1.0.0.3 (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}_is1) (Version: 1.0.0.3 - EA Games)
Metro Last Light 1.0.0.14 (HKLM-x32\...\Metro Last Light_is1) (Version: - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Mirror's Edge_is1) (Version: - )
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.18 - MSI)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version: - Novawave Inc.)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.55 - KMP Media co., Ltd)
The Walking Dead Epizody 1-5 verze 1.0 (HKLM-x32\...\{65BE85A8-13BB-4B4A-B1AF-EC6054292C00}_is1) (Version: 1.0 - Telltale Games)
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Tomb Raider verze 1.0.716.5 (HKLM-x32\...\Tomb Raider_is1) (Version: 1.0.716.5 - Square Enix)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
X7 Oscar Keyboard Editor (HKLM-x32\...\InstallShield_{AB363F8A-FE88-4188-9D4F-B9014989A7E7}) (Version: 10.12.0003 - A4TECH)
X7 Oscar Keyboard Editor (x32 Version: 10.12.0003 - A4TECH) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3496424538-795965940-1266878977-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

13-12-2014 00:40:23 Windows Update
18-12-2014 19:58:46 Windows Update
26-12-2014 22:23:13 Naplánovaný kontrolní bod
27-12-2014 22:13:27 Nainstalováno rozhraní DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {087ADED4-DFCC-4C1C-AA1C-EC3E2AA60149} - System32\Tasks\{197F1605-70E6-484F-95C3-290F5D951EAE} => C:\Hry\Bioshock Infinite\Binaries\Win32\BioShockInfinite.exe [2013-04-12] (Irrational Games)
Task: {83435B9F-7F9D-4F1A-9619-A309C6C6E07E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {885B3D9B-6AC3-48AD-B013-3B294AFA32AC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {AC0A9C5A-F427-4530-AF51-9544B68A6FC0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C4059192-2280-4DC0-B51C-2ECD615B9CB9} - System32\Tasks\AVG-Secure-Search-Update_1214tb_rel => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe [2014-12-08] ()
Task: {C5369C96-DC4E-4DC3-A0A5-2B2302EA1A54} - System32\Tasks\Maxthon Update => C:\Programy\Maxthon\Bin\mxup.exe [2014-12-10] (Maxthon International ltd.)
Task: {F8B20C2C-069E-460D-ACD2-4906D3000C9B} - System32\Tasks\AVG-Secure-Search-Update_1214tb_rmv => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe [2014-12-08] ()
Task: {FDE988E3-BB85-4C54-96F5-52C9C8C69C91} - System32\Tasks\AdobeAAMUpdater-1.0-Pepsimaxzu-PC-Pepsimaxzu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe

==================== Loaded Modules (whitelisted) =============

2014-05-26 15:57 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 10:46 - 2014-08-02 16:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-08 15:48 - 2014-12-08 15:48 - 02794520 _____ () C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe
2014-09-15 15:42 - 2010-09-06 17:21 - 00538435 _____ () C:\Programy\JpegResampler2010\JRcm64.dll
2014-05-26 15:58 - 2014-11-06 18:06 - 00086160 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
2010-12-18 09:11 - 2010-12-18 09:11 - 03543040 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe
2014-10-09 20:44 - 2014-10-09 20:44 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-05-26 15:58 - 2014-11-06 18:06 - 00622400 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvGpuInterface.dll
2010-12-02 16:56 - 2010-12-02 16:56 - 00815104 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\Data\X7_Keyboard\Forms\OSD_Text\OSD_Text.dll
2010-10-11 09:13 - 2010-10-11 09:13 - 00087040 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\DLL\DLL_MouseDeviceManager.dll
2010-12-02 19:01 - 2010-12-02 19:01 - 00994304 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\Data\X7_Keyboard\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-12-02 18:29 - 2010-12-02 18:29 - 00900608 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\Data\X7_Keyboard\Forms\ProfileHint\ProfileHint.dll
2010-12-03 13:43 - 2010-12-03 13:43 - 00943104 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\Data\X7_Keyboard\Forms\KeySettingRemind\KeySettingRemind.dll
2010-09-20 13:18 - 2010-09-20 13:18 - 00085504 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\DLL\DLL_ZoomControl.dll
2010-09-20 13:18 - 2010-09-20 13:18 - 00054272 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\DLL\DLL_ScrollbarControl.dll
2010-09-20 13:19 - 2010-09-20 13:19 - 00062976 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 19:16 - 2010-11-01 19:16 - 00062976 _____ () C:\Program Files (x86)\X7 Oscar Keyboard Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2014-06-12 18:33 - 2014-03-24 07:16 - 00258944 _____ () C:\Programy\Maxthon\bin\Maxzlib.dll
2014-06-12 18:33 - 2014-03-24 07:16 - 00258944 _____ () C:\Programy\Maxthon\Bin\maxzlib.dll
2014-06-12 18:33 - 2014-04-22 02:46 - 00247096 _____ () C:\Programy\Maxthon\Addons\Mobile\MxMobile.dll
2014-06-12 18:33 - 2014-03-24 07:16 - 00887064 _____ () C:\Programy\Maxthon\Core\Webkit\libglesv2.dll
2014-06-12 18:33 - 2014-03-24 07:16 - 00109336 _____ () C:\Programy\Maxthon\Core\Webkit\libegl.dll
2014-06-12 18:33 - 2014-03-24 07:16 - 02128152 _____ () C:\Programy\Maxthon\Core\Webkit\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3496424538-795965940-1266878977-500 - Administrator - Disabled)
Guest (S-1-5-21-3496424538-795965940-1266878977-501 - Limited - Disabled)
Pepsimaxzu (S-1-5-21-3496424538-795965940-1266878977-1000 - Administrator - Enabled) => C:\Users\Pepsimaxzu

==================== Faulty Device Manager Devices =============

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2014 06:07:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdwCleaner.exe, verze: 4.1.0.6, časové razítko: 0x5496eddb
Název chybujícího modulu: AdwCleaner.exe, verze: 4.1.0.6, časové razítko: 0x5496eddb
Kód výjimky: 0xc0000005
Posun chyby: 0x00020ce1
ID chybujícího procesu: 0x66c
Čas spuštění chybující aplikace: 0xAdwCleaner.exe0
Cesta k chybující aplikaci: AdwCleaner.exe1
Cesta k chybujícímu modulu: AdwCleaner.exe2
ID zprávy: AdwCleaner.exe3

Error: (12/30/2014 01:43:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program KMPlayer.exe verze 3.4.0.55 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1838

Čas spuštění: 01d0242e203867db

Čas ukončení: 1

Cesta k aplikaci: C:\Programy\The KMPlayer\KMPlayer.exe

ID hlášení:

Error: (12/29/2014 10:50:31 AM) (Source: PandoraService.exe) (EventID: 0) (User: )
Description: Socket Error # 11001
Host not found.

Error: (12/28/2014 09:47:33 AM) (Source: PandoraService.exe) (EventID: 0) (User: )
Description: Socket Error # 11001
Host not found.

Error: (12/26/2014 08:39:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DayZ.exe, verze: 0.52.126.10, časové razítko: 0x5493f5d5
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00038cef
ID chybujícího procesu: 0x1bf4
Čas spuštění chybující aplikace: 0xDayZ.exe0
Cesta k chybující aplikaci: DayZ.exe1
Cesta k chybujícímu modulu: DayZ.exe2
ID zprávy: DayZ.exe3

Error: (12/26/2014 00:59:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DayZ.exe, verze: 0.52.126.10, časové razítko: 0x5493f5d5
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00038cef
ID chybujícího procesu: 0x530
Čas spuštění chybující aplikace: 0xDayZ.exe0
Cesta k chybující aplikaci: DayZ.exe1
Cesta k chybujícímu modulu: DayZ.exe2
ID zprávy: DayZ.exe3

Error: (12/26/2014 01:42:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [18]

Error: (12/25/2014 07:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DayZ.exe, verze: 0.52.126.10, časové razítko: 0x5493f5d5
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00038cef
ID chybujícího procesu: 0x828
Čas spuštění chybující aplikace: 0xDayZ.exe0
Cesta k chybující aplikaci: DayZ.exe1
Cesta k chybujícímu modulu: DayZ.exe2
ID zprávy: DayZ.exe3

Error: (12/25/2014 05:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DayZ.exe, verze: 0.52.126.10, časové razítko: 0x5493f5d5
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00038cef
ID chybujícího procesu: 0xe9c
Čas spuštění chybující aplikace: 0xDayZ.exe0
Cesta k chybující aplikaci: DayZ.exe1
Cesta k chybujícímu modulu: DayZ.exe2
ID zprávy: DayZ.exe3

Error: (12/25/2014 01:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DayZ.exe, verze: 0.52.126.10, časové razítko: 0x5493f5d5
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00038cef
ID chybujícího procesu: 0xf24
Čas spuštění chybující aplikace: 0xDayZ.exe0
Cesta k chybující aplikaci: DayZ.exe1
Cesta k chybujícímu modulu: DayZ.exe2
ID zprávy: DayZ.exe3


System errors:
=============
Error: (01/01/2015 10:44:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Extreme Tuning Utility Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BBUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2014 06:08:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Integrated Clock Controller Service - Intel(R) ICCS byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2014 06:08:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/30/2014 06:08:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2014 06:08:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (12/30/2014 06:07:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AdwCleaner.exe4.1.0.65496eddbAdwCleaner.exe4.1.0.65496eddbc000000500020ce166c01d02452f66c7964C:\Users\Pepsimaxzu\Desktop\AdwCleaner.exeC:\Users\Pepsimaxzu\Desktop\AdwCleaner.exe5b95d741-9046-11e4-9c1f-74d43583b043

Error: (12/30/2014 01:43:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: KMPlayer.exe3.4.0.55183801d0242e203867db1C:\Programy\The KMPlayer\KMPlayer.exe

Error: (12/29/2014 10:50:31 AM) (Source: PandoraService.exe) (EventID: 0) (User: )
Description: Socket Error # 11001
Host not found.

Error: (12/28/2014 09:47:33 AM) (Source: PandoraService.exe) (EventID: 0) (User: )
Description: Socket Error # 11001
Host not found.

Error: (12/26/2014 08:39:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DayZ.exe0.52.126.105493f5d5ntdll.dll6.1.7601.18247521ea8e7c000000500038cef1bf401d0212cdd0ffd65C:\Users\Pepsimaxzu\Steam\steamapps\common\DayZ\DayZ.exeC:\Windows\SysWOW64\ntdll.dlldf67295d-8d36-11e4-8625-74d43583b043

Error: (12/26/2014 00:59:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DayZ.exe0.52.126.105493f5d5ntdll.dll6.1.7601.18247521ea8e7c000000500038cef53001d020f92f429ddbC:\Users\Pepsimaxzu\Steam\steamapps\common\DayZ\DayZ.exeC:\Windows\SysWOW64\ntdll.dllb5c9543e-8cf6-11e4-8625-74d43583b043

Error: (12/26/2014 01:42:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [18]

Error: (12/25/2014 07:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DayZ.exe0.52.126.105493f5d5ntdll.dll6.1.7601.18247521ea8e7c000000500038cef82801d0205bf05feb1aC:\Users\Pepsimaxzu\Steam\steamapps\common\DayZ\DayZ.exeC:\Windows\SysWOW64\ntdll.dllfb66170d-8c60-11e4-b0a5-74d43583b043

Error: (12/25/2014 05:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DayZ.exe0.52.126.105493f5d5ntdll.dll6.1.7601.18247521ea8e7c000000500038cefe9c01d0203a653fededC:\Users\Pepsimaxzu\Steam\steamapps\common\DayZ\DayZ.exeC:\Windows\SysWOW64\ntdll.dll2341e9b0-8c4f-11e4-b0a5-74d43583b043

Error: (12/25/2014 01:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DayZ.exe0.52.126.105493f5d5ntdll.dll6.1.7601.18247521ea8e7c000000500038ceff2401d0203257c8aaa2C:\Users\Pepsimaxzu\Steam\steamapps\common\DayZ\DayZ.exeC:\Windows\SysWOW64\ntdll.dll9c3e61fc-8c2d-11e4-b0a5-74d43583b043


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8079.14 MB
Available physical RAM: 5958.79 MB
Total Pagefile: 16156.47 MB
Available Pagefile: 13919.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:72.57 GB) NTFS
Drive h: (vivik) (Removable) (Total:14.47 GB) (Free:4.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B94CD7AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

[motji]

Zapojte do pc všechny usb klíče, flashky...co používáte

Zazálohujte si důležitá data, pro jistotu

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[impedance]

log z combofixu:

ComboFix 15-01-02.01 - Pepsimaxzu 02.01.2015 10:08:53.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8079.6220 [GMT 1:00]
Spuštěný z: c:\users\Pepsimaxzu\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-02 do 2015-01-02 )))))))))))))))))))))))))))))))
.
.
2015-01-02 09:13 . 2015-01-02 09:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-31 16:16 . 2014-12-31 16:26 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-31 16:16 . 2014-12-31 16:16 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-31 16:16 . 2014-12-31 16:16 -------- d-----w- c:\programdata\Malwarebytes
2014-12-31 16:16 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-31 16:16 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-31 16:16 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-30 17:06 . 2014-12-30 17:08 -------- d-----w- C:\AdwCleaner
2014-12-30 08:36 . 2015-01-01 10:34 -------- d-----w- C:\FRST
2014-12-27 21:14 . 2014-12-27 21:14 -------- d-----w- c:\programdata\NovaTech Network
2014-12-23 18:01 . 2014-12-23 20:14 -------- d-----w- c:\users\Pepsimaxzu\AppData\Local\DayZ
2014-12-23 18:01 . 2014-12-23 18:01 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2014-12-18 15:38 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 15:38 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-13 08:15 . 2014-12-13 08:15 -------- d-sh--w- c:\users\Pepsimaxzu\AppData\Local\EmieBrowserModeList
2014-12-09 18:03 . 2014-12-09 18:03 3540144 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-12-08 14:48 . 2014-12-16 14:50 -------- d-----w- c:\programdata\Avg_Update_1214tb
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-30 11:06 . 2014-06-18 14:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-30 11:06 . 2014-06-18 09:46 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-12 23:41 . 2014-06-15 10:07 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-09 18:03 . 2014-06-12 15:17 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-09 18:03 . 2014-06-12 15:17 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-13 00:20 . 2014-11-26 16:43 871648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-11-13 00:20 . 2014-11-26 16:43 352016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-11-13 00:20 . 2014-11-26 16:43 31893136 ----a-w- c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-11-26 16:43 303600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-11-13 00:20 . 2014-11-26 16:43 24557712 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-11-13 00:20 . 2014-11-26 16:43 18514616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-11-26 16:43 14032984 ----a-w- c:\windows\system32\nvopencl.dll
2014-11-13 00:20 . 2014-11-26 16:43 11397744 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-11-13 00:20 . 2014-11-26 16:43 964928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-11-13 00:20 . 2014-11-26 16:43 935240 ----a-w- c:\windows\system32\NvFBC64.dll
2014-11-13 00:20 . 2014-11-26 16:43 923792 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-11-13 00:20 . 2014-11-26 16:43 900928 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-11-13 00:20 . 2014-11-26 16:43 500880 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-11-13 00:20 . 2014-11-26 16:43 4292416 ----a-w- c:\windows\system32\nvcuvid.dll
2014-11-13 00:20 . 2014-11-26 16:43 418112 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-11-13 00:20 . 2014-11-26 16:43 4011208 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-11-26 16:43 393024 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-11-13 00:20 . 2014-11-26 16:43 348304 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-11-13 00:20 . 2014-11-26 16:43 20922512 ----a-w- c:\windows\system32\nvcompiler.dll
2014-11-13 00:20 . 2014-11-26 16:43 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-26 16:43 174856 ----a-w- c:\windows\system32\nvinitx.dll
2014-11-13 00:20 . 2014-11-26 16:43 17259664 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-11-13 00:20 . 2014-11-26 16:43 156840 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-11-13 00:20 . 2014-11-26 16:43 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-13 00:20 . 2014-11-26 16:43 13944952 ----a-w- c:\windows\system32\nvcuda.dll
2014-11-13 00:20 . 2014-11-26 16:43 13213512 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-11-13 00:20 . 2014-11-26 16:43 11336432 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-11-13 00:20 . 2014-05-26 14:56 989056 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-05-26 14:56 3262784 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-05-26 14:56 2874456 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-05-26 14:56 20986592 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-05-26 14:56 19966344 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-11-13 00:20 . 2014-05-26 14:56 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-11 03:08 . 2014-11-19 14:54 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 14:54 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 14:54 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 14:54 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-07 15:07 . 2014-11-07 15:07 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-11-06 17:06 . 2014-06-12 18:29 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-06 17:06 . 2014-05-26 14:58 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-06 17:06 . 2014-06-12 18:29 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-06 17:06 . 2014-05-26 14:58 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-04 00:04 . 2014-11-16 09:59 1876296 ----a-w- c:\windows\system32\nvdispco6434465.dll
2014-11-04 00:04 . 2014-11-16 09:59 1539272 ----a-w- c:\windows\system32\nvdispgenco6434465.dll
2014-10-29 20:03 . 2014-10-29 20:03 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2014-10-25 01:57 . 2014-11-12 19:26 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 19:26 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-24 09:20 . 2014-10-24 09:20 237848 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2014-10-20 14:15 . 2014-10-20 14:15 269080 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2014-10-20 13:51 . 2014-06-18 09:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-10-18 02:05 . 2014-11-12 19:26 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 19:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 19:28 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 19:28 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:12 . 2014-11-12 19:28 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 19:28 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 19:28 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 19:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:49 . 2014-11-12 19:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 19:28 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 19:28 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 19:26 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-08 15:30 . 2014-10-08 15:30 39168 ----a-w- c:\windows\system32\drivers\SAlpham64.sys
2014-10-08 15:30 . 2014-10-08 15:30 146944 ----a-w- c:\windows\system32\drivers\SteelBus64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"NvLedServiceHost"="c:\program files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe" [2014-11-06 86160]
"OscarEditor"="c:\program files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" [2010-12-18 3543040]
"OscarKeyboard"="c:\program files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" [2010-12-18 3543040]
"SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2014-10-09 87040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-06 292848]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-11-07 5188112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\programy\Live Update\NTIOLib_X64.sys;c:\programy\Live Update\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\programy\MSI Afterburner\RTCore64.sys;c:\programy\MSI Afterburner\RTCore64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12 18:03]
.
2015-01-02 c:\windows\Tasks\AVG-Secure-Search-Update_1214tb_rel.job
- c:\program files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe [2014-12-08 14:48]
.
2015-01-02 c:\windows\Tasks\AVG-Secure-Search-Update_1214tb_rmv.job
- c:\program files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe [2014-12-08 14:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-06 2464072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-11-06 2800296]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-03-14 13671792]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.5.1 192.168.3.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-01-02 10:14:31
ComboFix-quarantined-files.txt 2015-01-02 09:14
.
Před spuštěním: Volných bajtů: 79 391 944 704
Po spuštění: Volných bajtů: 79 798 005 760
.
- - End Of File - - B93E8D1A01F3F3D57D1984A7F1069A28
A36C5E4F47E84449FF07ED3517B43A31

[motji]

to vypadá dobře, ještě provedte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[impedance]

tak, tady to je.

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Pepsimaxzu on ne 04.01.2015 at 20:19:58,71.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pepsimaxzu\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.1.2015 20:20:47 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Samsung deleted successfully
C:\PROGRA~3\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Pepsimaxzu\AppData\Local\AVG Web TuneUp deleted
C:\Users\Pepsimaxzu\AppData\Roaming\LTspiceIV.ini deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0814av deleted
C:\PROGRA~3\Avg_Update_1214tb deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Pepsimaxzu\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\tasks\AVG-Secure-Search-Update_1214tb_rel.job deleted
C:\Windows\tasks\AVG-Secure-Search-Update_1214tb_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_1214tb_rel deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_1214tb_rmv deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\AVG Web TuneUp\AVG-Secure-Search-Update_1214tb.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp" not deleted

==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pepsimaxzu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pepsimaxzu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=222 folders=57 153216466 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Pepsimaxzu\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PEPSIM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AVG Web TuneUp" not found

==== EOF on ne 04.01.2015 at 20:28:39,71 ======================

[motji]

Jak se chová pc?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

[impedance]

hotovo

[motji]

A co na to pc?

[impedance]

zdá se, že pc už nic neodesílá.
t-cleaner chtěl potrvdit smazání zálohu registrů a bylo tam ještě neco o combofix, tak jsem to potvrdil. Vyčištění proběhlo a program jsem smazal.

Dá se tedy říci, že už je to vše?