Novoroční log

[toox]

Poprosím o kontrolu logu díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-01-04 13:49:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 594 GB (62%) free of 954 GB
Total RAM: 4087 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:08, on 4.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7421 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-10087302962014956977-11429161471529811202-1569626142336714663-1310276681-590096586
C:\Windows\system32\svchost.exe -k imgsvc
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ca281661-b3ba-4361-a706-5ebce6ef5e63 -SystemEventPortName:HostProcess-ef23097f-7c1f-4d47-8b0f-247d0b3b0cf2 -IoCancelEventPortName:HostProcess-d8a14b54-0102-4e72-bc26-56ab48021078 -NonStateChangingEventPortName:HostProcess-9555649d-30a4-4b00-9280-86666493ac64 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:41260214-ed5c-4e6d-b9ff-250a1e92e8f6 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1728
"C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
C:\Windows\system32\vssvc.exe
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4312.1ce47c00.1832665866 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4312 "\\.\pipe\gecko-crash-server-pipe.4312" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --proxy-stub-channel=Flash3600.5E1A5348.11285 --host-broker-channel=Flash3600.5E1A5348.14652 --host-pid=3600 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe" --channel=1976.0062F7F0.611936025 --proxy-stub-channel=Flash3600.5E1A5348.11285 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {518BDD46-FFE7-4F8B-8FA6-3ED109229125}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Honza\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-22 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-22 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-14 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-14 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-02-05 1179576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"BitTorrent"=C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-11-25 1388888]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-12-06 20203904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-21 5226600]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-02 14:33:27 ----A---- C:\Windows\GTA-SA_Trn_Settings.ini
2014-12-28 13:01:13 ----D---- C:\Program Files (x86)\Rockstar Games
2014-12-27 20:08:32 ----D---- C:\Program Files (x86)\Microsoft Games
2014-12-22 11:46:41 ----D---- C:\Windows\SYSWOW64\vbox
2014-12-22 11:46:41 ----D---- C:\Windows\system32\vbox
2014-12-21 17:09:29 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-21 17:09:27 ----A---- C:\Windows\avastSS.scr
2014-12-05 14:51:49 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-01-04 13:49:08 ----D---- C:\Windows\Prefetch
2015-01-04 13:49:07 ----D---- C:\Program Files\trend micro
2015-01-04 13:48:19 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2015-01-04 10:59:52 ----D---- C:\Windows\System32
2015-01-04 10:59:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-03 19:35:53 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2015-01-03 18:42:52 ----D---- C:\Windows\Temp
2015-01-02 21:45:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-02 14:33:27 ----D---- C:\Windows
2014-12-29 09:27:16 ----D---- C:\Windows\system32\config
2014-12-28 13:15:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-28 13:15:17 ----D---- C:\Windows\system32\catroot2
2014-12-28 13:15:11 ----SHD---- C:\System Volume Information
2014-12-28 13:01:13 ----RD---- C:\Program Files (x86)
2014-12-27 20:19:07 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2014-12-27 20:10:20 ----SHD---- C:\Windows\Installer
2014-12-27 20:10:19 ----D---- C:\Config.Msi
2014-12-27 20:10:17 ----D---- C:\Windows\winsxs
2014-12-27 20:08:34 ----D---- C:\Windows\SysWOW64
2014-12-27 19:48:30 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-12-27 19:15:16 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-12-27 15:24:38 ----D---- C:\Program Files
2014-12-22 18:19:06 ----D---- C:\ProgramData\Skype
2014-12-22 18:19:02 ----RD---- C:\Program Files (x86)\Skype
2014-12-22 11:42:19 ----D---- C:\Windows\system32\drivers
2014-12-22 11:42:19 ----D---- C:\Windows\Setup
2014-12-22 02:50:26 ----D---- C:\Users\Honza\AppData\Roaming\IrfanView
2014-12-21 17:09:38 ----D---- C:\Windows\system32\Tasks
2014-12-18 15:27:02 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 16:42:44 ----D---- C:\ProgramData\Oracle
2014-12-14 16:37:14 ----D---- C:\Program Files (x86)\Common Files
2014-12-14 16:36:46 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-12-14 16:36:30 ----D---- C:\Program Files (x86)\Java
2014-12-09 07:46:20 ----RSD---- C:\Windows\assembly
2014-12-09 07:45:19 ----D---- C:\Program Files\Sony
2014-12-09 07:45:04 ----D---- C:\Users\Honza\AppData\Roaming\Sony
2014-12-09 07:41:59 ----D---- C:\Windows\system32\NDF
2014-12-06 15:50:32 ----D---- C:\Users\Honza\AppData\Roaming\TeamViewer
2014-12-06 14:51:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-21 267632]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-21 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-21 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-21 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-21 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-21 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-21 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-12-21 271752]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 qcusbnet;Qualcomm USB-NDIS miniport; C:\Windows\system32\DRIVERS\innosusbnet.sys [2012-10-26 510976]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\innosusbser.sys [2012-10-26 369792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-21 50344]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-10 76888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-12-21 4012248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-05 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Zdravim

Jde o prevenci, nebo je nejaky konkretni problem?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[toox]

preventivka

# AdwCleaner v4.106 - Report created 04/01/2015 at 21:19:48
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Downloads\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\8374544e840944ad
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\Users\Honza\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16483


-\\ Mozilla Firefox v34.0 (x86 cs)


-\\ Comodo Dragon v


*************************

AdwCleaner[R4].txt - [1083 octets] - [21/09/2014 16:39:46]
AdwCleaner[R5].txt - [1320 octets] - [04/01/2015 21:17:47]
AdwCleaner[S3].txt - [1149 octets] - [21/09/2014 16:41:32]
AdwCleaner[S4].txt - [1249 octets] - [04/01/2015 21:19:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1309 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[toox]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5.1.2015
Scan Time: 10:30:03
Logfile: a.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.04.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Honza

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 395412
Time Elapsed: 14 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

To sice nebylo podle navodu, ale budiz

Dejte logy podle tohoto navodu a budem mazat http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[toox]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Honza (administrator) on HONZA-PC on 05-01-2015 10:54:27
Running from C:\Users\Honza\Desktop
Loaded Profile: Honza (Available profiles: Honza)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-21] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [BitTorrent] => C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 62.129.50.20

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1379411598-525497723-484556184-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1379411598-525497723-484556184-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-1379411598-525497723-484556184-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll No File
FF Extension: MEGA - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\firefox@mega.co.nz.xpi [2014-11-12]
FF Extension: YouTube™ HD Plus - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\jid1-wkCmfgboni3B1Q@jetpack.xpi [2014-11-12]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-12-14]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-11-12]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-11-12]
FF Extension: Adblock Plus - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\vbd0ljfs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-12]
FF HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

Chrome:
=======
CHR HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-21] (Avast Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-10] ()
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2014-10-25] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-27] (DT Soft Ltd)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 qcusbnet; C:\Windows\System32\DRIVERS\innosusbnet.sys [510976 2012-10-26] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\innosusbser.sys [369792 2012-10-26] (QUALCOMM Incorporated)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-21] (Avast Software)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 10:54 - 2015-01-05 10:54 - 00013695 _____ () C:\Users\Honza\Desktop\FRST.txt
2015-01-05 10:54 - 2015-01-05 10:54 - 00000000 ____D () C:\FRST
2015-01-05 10:52 - 2015-01-05 10:52 - 02123776 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2015-01-05 08:51 - 2015-01-05 08:51 - 00000197 _____ () C:\Windows\system32\2015-01-05-07-51-19.052-AvastVBoxSVC.exe-3356.log
2015-01-04 21:24 - 2015-01-04 21:24 - 00000197 _____ () C:\Windows\system32\2015-01-04-20-24-09.090-AvastVBoxSVC.exe-3848.log
2015-01-04 21:17 - 2015-01-04 21:17 - 02173952 _____ () C:\Users\Honza\Downloads\adwcleaner_4.106.exe
2015-01-04 18:48 - 2015-01-05 09:30 - 00000000 ____D () C:\Users\Honza\Downloads\Honza
2015-01-04 18:13 - 2015-01-04 21:55 - 00000000 ____D () C:\Users\Honza\Downloads\Gangbang.Auditions.29.XXX.DVDRip.x264-Pr0nStarS
2015-01-04 13:48 - 2015-01-04 13:49 - 01222144 _____ () C:\Users\Honza\Downloads\RSITx64.exe
2015-01-04 10:56 - 2015-01-04 10:56 - 00000197 _____ () C:\Windows\system32\2015-01-04-09-56-32.056-AvastVBoxSVC.exe-3036.log
2015-01-04 02:11 - 2015-01-04 02:11 - 00000197 _____ () C:\Windows\system32\2015-01-04-01-11-11.048-AvastVBoxSVC.exe-3864.log
2015-01-03 12:30 - 2015-01-03 12:30 - 00000197 _____ () C:\Windows\system32\2015-01-03-11-30-52.031-AvastVBoxSVC.exe-2832.log
2015-01-02 17:12 - 2005-11-17 19:44 - 00635880 _____ () C:\Users\Honza\Desktop\GTASAcompleteCheats.txt
2015-01-02 14:33 - 2015-01-02 14:35 - 00000901 _____ () C:\Windows\GTA-SA_Trn_Settings.ini
2015-01-02 12:03 - 2015-01-02 12:03 - 00000197 _____ () C:\Windows\system32\2015-01-02-11-03-01.083-AvastVBoxSVC.exe-3448.log
2015-01-01 13:13 - 2015-01-01 13:13 - 00000877 _____ () C:\Users\Honza\Desktop\Grand theft auto SA.lnk
2015-01-01 12:03 - 2015-01-01 12:03 - 00000197 _____ () C:\Windows\system32\2015-01-01-11-03-04.088-AvastVBoxSVC.exe-3372.log
2014-12-31 10:58 - 2014-12-31 10:59 - 00000197 _____ () C:\Windows\system32\2014-12-31-09-58-47.092-AvastVBoxSVC.exe-2376.log
2014-12-30 09:35 - 2014-12-30 09:35 - 00000197 _____ () C:\Windows\system32\2014-12-30-08-35-12.036-AvastVBoxSVC.exe-3124.log
2014-12-29 10:43 - 2014-12-29 10:43 - 00000197 _____ () C:\Windows\system32\2014-12-29-09-43-16.081-AvastVBoxSVC.exe-3100.log
2014-12-29 08:01 - 2014-12-29 08:01 - 00000197 _____ () C:\Windows\system32\2014-12-29-07-01-36.017-AvastVBoxSVC.exe-3264.log
2014-12-28 13:08 - 2015-01-01 13:11 - 00000000 ____D () C:\Users\Honza\Downloads\GTA San Andreas
2014-12-28 13:04 - 2015-01-02 01:09 - 00000000 ____D () C:\Users\Honza\Documents\GTA San Andreas User Files
2014-12-28 13:01 - 2014-12-28 13:01 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-12-28 09:04 - 2014-12-28 09:04 - 00000197 _____ () C:\Windows\system32\2014-12-28-08-04-33.069-AvastVBoxSVC.exe-3036.log
2014-12-27 20:16 - 2014-12-27 20:17 - 00000197 _____ () C:\Windows\system32\2014-12-27-19-16-57.043-AvastVBoxSVC.exe-3836.log
2014-12-27 20:10 - 2014-12-28 13:12 - 00018773 _____ () C:\Windows\DirectX.log
2014-12-27 20:10 - 2014-12-27 20:10 - 00002153 _____ () C:\Users\Public\Desktop\Rise Of Legends.lnk
2014-12-27 20:10 - 2014-12-27 20:10 - 00000611 _____ () C:\Windows\KB842773.log
2014-12-27 20:10 - 2014-12-27 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-12-27 20:08 - 2014-12-27 20:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-12-27 20:03 - 2014-12-27 20:06 - 00000000 ____D () C:\Users\Honza\Downloads\ROL
2014-12-27 20:00 - 2011-09-04 18:39 - 2969731072 _____ () C:\Users\Honza\Downloads\RISE OF NATIONS - RISE OF LEGENDS.mdf
2014-12-27 15:25 - 2014-12-27 15:25 - 00000197 _____ () C:\Windows\system32\2014-12-27-14-25-51.013-AvastVBoxSVC.exe-3948.log
2014-12-27 10:21 - 2014-12-27 10:22 - 00000197 _____ () C:\Windows\system32\2014-12-27-09-21-51.021-AvastVBoxSVC.exe-3692.log
2014-12-26 17:46 - 2014-12-26 17:46 - 00000033 _____ () C:\Users\Honza\Downloads\radio rnb hip hop.m3u
2014-12-26 13:08 - 2014-12-26 13:08 - 00000000 ____D () C:\Users\Honza\Downloads\ornamental
2014-12-26 12:12 - 2014-12-26 12:12 - 00000197 _____ () C:\Windows\system32\2014-12-26-11-12-19.076-AvastVBoxSVC.exe-2124.log
2014-12-25 11:51 - 2014-12-25 11:52 - 00000197 _____ () C:\Windows\system32\2014-12-25-10-51-16.081-AvastVBoxSVC.exe-3324.log
2014-12-23 11:27 - 2014-12-23 11:28 - 00000197 _____ () C:\Windows\system32\2014-12-23-10-27-58.058-AvastVBoxSVC.exe-3580.log
2014-12-22 17:29 - 2014-12-22 17:29 - 00000197 _____ () C:\Windows\system32\2014-12-22-16-29-17.083-AvastVBoxSVC.exe-2424.log
2014-12-22 11:57 - 2014-12-22 11:57 - 00000247 _____ () C:\Windows\system32\2014-12-22-10-57-41.070-aswFe.exe-4596.log
2014-12-22 11:53 - 2014-12-22 11:57 - 00000247 _____ () C:\Windows\system32\2014-12-22-10-53-58.045-aswFe.exe-4984.log
2014-12-22 11:53 - 2014-12-22 11:53 - 00000197 _____ () C:\Windows\system32\2014-12-22-10-53-53.024-AvastVBoxSVC.exe-3580.log
2014-12-22 11:46 - 2014-12-22 11:46 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-22 11:46 - 2014-12-22 11:46 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-22 11:42 - 2015-01-05 08:48 - 00023144 _____ () C:\Windows\PFRO.log
2014-12-21 17:27 - 2014-12-20 16:56 - 00000000 ____D () C:\Users\Honza\Downloads\Instrumentals - Got Instrumentals 60 (DatPiff.com)
2014-12-21 17:09 - 2014-12-21 17:09 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-21 17:09 - 2014-12-21 17:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-21 17:09 - 2014-12-21 17:09 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-21 00:03 - 2014-12-21 00:04 - 00000000 ____D () C:\Users\Honza\Downloads\Kevin Gates - Luca Brasi 2 (DatPiff.com)
2014-12-21 00:03 - 2014-12-21 00:04 - 00000000 ____D () C:\Users\Honza\Downloads\French Montana - Mac Cheese 2
2014-12-18 00:39 - 2014-12-20 20:59 - 00000000 ____D () C:\Users\Honza\Downloads\Fury.2014.DVDScr.XviD.AC3
2014-12-10 18:56 - 2015-01-04 19:54 - 00000000 ____D () C:\Users\Honza\Documents\HyperCam3
2014-12-09 07:46 - 2014-12-09 07:46 - 00000998 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2014-12-09 07:45 - 2014-12-09 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 15:54 - 2014-12-08 15:54 - 00000000 ____D () C:\Users\Honza\Documents\Need for Speed World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 10:51 - 2013-07-22 19:17 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\BitTorrent
2015-01-05 10:47 - 2014-12-01 14:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-05 10:29 - 2014-08-02 11:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 10:24 - 2014-02-24 16:44 - 00000000 ____D () C:\ProgramData\Codemasters
2015-01-05 09:22 - 2009-07-14 16:18 - 10281746 _____ () C:\Windows\system32\perfh005.dat
2015-01-05 09:22 - 2009-07-14 16:18 - 03420510 _____ () C:\Windows\system32\perfc005.dat
2015-01-05 09:22 - 2009-07-14 06:13 - 00006440 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 09:21 - 2014-11-22 16:08 - 00021820 _____ () C:\Windows\setupact.log
2015-01-05 08:55 - 2009-07-14 05:45 - 00020448 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 08:55 - 2009-07-14 05:45 - 00020448 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 08:51 - 2013-08-02 18:42 - 01871544 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 08:49 - 2013-11-19 16:07 - 00000000 ___RD () C:\Users\Honza\Documents\Disk Google
2015-01-05 08:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-04 22:37 - 2012-12-27 19:57 - 00000000 ___RD () C:\Users\Honza\Downloads\Ostatní
2015-01-04 21:19 - 2014-09-21 16:39 - 00000000 ____D () C:\AdwCleaner
2015-01-04 16:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2015-01-04 15:18 - 2013-01-05 19:40 - 00029696 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-04 13:49 - 2014-09-21 15:52 - 00000000 ____D () C:\Program Files\trend micro
2015-01-04 10:55 - 2012-12-27 19:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-03 19:35 - 2012-12-27 21:00 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2015-01-03 19:05 - 2014-05-02 23:25 - 00000000 ____D () C:\Users\Honza\AppData\Local\CrashDumps
2015-01-03 15:56 - 2013-03-29 16:17 - 00000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-02 21:45 - 2014-12-01 14:50 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-02 21:45 - 2014-11-12 17:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-02 21:45 - 2014-11-12 17:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-02 21:45 - 2014-07-22 22:22 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-12-30 15:02 - 2012-12-27 19:24 - 00000000 ___RD () C:\Users\Honza\Documents\Ostatní dokumenty
2014-12-30 14:51 - 2014-10-05 09:03 - 00000000 ___RD () C:\Users\Honza\Downloads\Trap,Dirty South
2014-12-29 08:55 - 2014-03-05 21:38 - 00000000 ____D () C:\Users\Honza\Documents\FIFA 14
2014-12-28 13:15 - 2012-12-27 19:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-28 13:04 - 2014-05-08 14:06 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-27 20:19 - 2013-07-22 18:42 - 00000000 ____D () C:\Users\Honza\Documents\My Games
2014-12-27 20:15 - 2014-06-30 20:37 - 00108464 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-27 20:15 - 2014-06-29 16:58 - 04993712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-27 19:48 - 2012-12-27 21:05 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-12-27 19:15 - 2013-01-12 19:59 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-27 19:15 - 2012-12-27 23:23 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-27 19:14 - 2012-12-27 23:23 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-22 18:19 - 2014-02-27 14:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 18:19 - 2012-12-27 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-12-22 11:42 - 2009-07-14 05:45 - 00000000 ____D () C:\Windows\Setup
2014-12-22 02:50 - 2012-12-27 20:36 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\IrfanView
2014-12-21 17:09 - 2014-07-20 19:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-21 17:09 - 2014-03-29 20:08 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-21 17:09 - 2013-03-22 20:50 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-21 17:09 - 2013-03-22 20:50 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-21 17:09 - 2012-12-27 19:32 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-21 17:09 - 2012-12-27 19:32 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-21 17:09 - 2012-12-27 19:32 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-21 17:09 - 2012-12-27 19:32 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-18 15:27 - 2014-08-02 11:00 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-18 15:27 - 2014-08-02 11:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 16:42 - 2014-01-23 16:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-14 16:36 - 2014-11-12 17:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-14 16:36 - 2013-08-09 15:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-09 07:45 - 2013-06-14 14:14 - 00000000 ____D () C:\Program Files\Sony
2014-12-09 07:45 - 2013-06-14 14:13 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Sony
2014-12-09 07:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 16:21 - 2012-12-27 19:57 - 00000724 _____ () C:\Users\Honza\Desktop\Poznámky.txt
2014-12-06 15:50 - 2014-08-10 19:06 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\TeamViewer
2014-12-06 14:51 - 2014-11-12 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\Quarantine.exe
C:\Users\Honza\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 16:34

==================== End Of Log ============================

[Márty84]

Ani tohle nebylo uplne podle navodu, ale co mam s vama delat


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [BitTorrent] => C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-25] (BitTorrent Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\TEMP:list3
AlternateDataStreams: C:\TEMP:pid1
AlternateDataStreams: C:\TEMP:pid2
AlternateDataStreams: C:\TEMP:rnd.dat

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[toox]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2015
Ran by Honza at 2015-01-06 23:08:26 Run:1
Running from C:\Users\Honza\Desktop
Loaded Profile: Honza (Available profiles: Honza)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [BitTorrent] => C:\Users\Honza\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-25] (BitTorrent Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-23 116648]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\TEMP:list3
AlternateDataStreams: C:\TEMP:pid1
AlternateDataStreams: C:\TEMP:pid2
AlternateDataStreams: C:\TEMP:rnd.dat

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
GGSAFERDriver => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\TEMP => ":list3" ADS removed successfully.
C:\TEMP => ":pid1" ADS removed successfully.
C:\TEMP => ":pid2" ADS removed successfully.
C:\TEMP => ":rnd.dat" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 23:12:37 ====

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[toox]

vypadá vše dobře, co jsme čistili?

[Márty84]

Havet tam nebyla, jen obvykle brzdy a zbytecnosti

Mejte se a treba zase nekdy