help please

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

help please

#1 Post by abdul99 »

Good evening, avast keeps reporting a blocked threat: Infection URL:Mal


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Adrian (administrator) on OCHMANEK on 20-03-2015 21:11:54
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\6adcf4ac-be66-49d9-abfe-5b96e7204f69.exe [183232 2015-03-20] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-11-28] (Spotify Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {11f23432-9a92-11e4-8272-645a04383e85} - "E:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "E:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\90B0.lnk
ShortcutTarget: 90B0.lnk -> C:\ProgramData\{cc66dbcd-e7c8-a62a-cc66-6dbcde7c6f37}\90B0.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> DefaultScope {B50C194C-71C9-4891-857A-264839905C6A} URL =
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> {B50C194C-71C9-4891-857A-264839905C6A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-02] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO: SalePlus -> {f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0} -> C:\Program Files (x86)\SalePlus\yASwRUQZki1lPi.x64.dll [2015-03-20] ()
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-02] (AVAST Software)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: SalePlus -> {f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0} -> C:\Program Files (x86)\SalePlus\yASwRUQZki1lPi.dll [2015-03-20] ()
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Extension: SalePluuss - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\eJs7P@h4je.com [2015-03-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-02]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-02] (Avast Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-01-08] (PS Media s.r.o.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-02] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2015-01-12] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-12] (Duplex Secure Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-20 21:11 - 2015-03-20 21:12 - 00017693 _____ () C:\Users\Adrian\Desktop\FRST.txt
2015-03-20 21:08 - 2015-03-20 21:08 - 02095616 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2015-03-20 21:00 - 2015-03-20 21:00 - 00000000 ____D () C:\ProgramData\{ed246866-b7f3-4517-ed24-46866b7fa19a}
2015-03-20 20:55 - 2015-03-20 20:56 - 00000000 ____D () C:\Program Files (x86)\SalePlus
2015-03-20 20:55 - 2015-03-20 20:55 - 00000000 ____D () C:\ProgramData\kapgoicnfdbmpaicfbdgniobhdpeojhf
2015-03-20 20:55 - 2015-03-20 20:55 - 00000000 ____D () C:\ProgramData\11588533591701164984
2015-03-20 20:55 - 2015-03-20 20:55 - 00000000 ____D () C:\Program Files (x86)\SalePluuss
2015-03-20 20:54 - 2015-03-20 20:54 - 00000000 ____D () C:\ProgramData\{e3a38b83-02cf-8851-e3a3-38b8302c2e0c}
2015-03-20 20:54 - 2015-03-20 20:54 - 00000000 ____D () C:\ProgramData\{cc66dbcd-e7c8-a62a-cc66-6dbcde7c6f37}
2015-03-20 20:33 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-20 20:33 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-02-26 23:13 - 2015-02-26 23:13 - 00001225 _____ () C:\Users\Adrian\Desktop\Format Factory.lnk
2015-02-26 23:13 - 2015-02-26 23:13 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-02-26 23:08 - 2015-02-27 09:43 - 00000000 ____D () C:\Users\Adrian\Desktop\navýpal
2015-02-26 03:06 - 2015-03-20 21:11 - 00000000 ____D () C:\FRST
2015-02-26 01:45 - 2015-02-26 01:45 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\7170
2015-02-23 18:38 - 2015-02-23 18:38 - 00001465 _____ () C:\Users\Adrian\Desktop\Cars_Mater – zástupce.lnk
2015-02-23 18:11 - 2015-02-23 18:11 - 00000000 ____D () C:\Users\Adrian\Documents\THQ
2015-02-23 18:09 - 2015-03-20 21:04 - 00000000 ____D () C:\Users\Adrian\AppData\Local\CrashDumps
2015-02-23 18:07 - 2015-02-23 18:07 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2015-02-23 18:06 - 2015-02-23 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-02-23 17:57 - 2015-02-23 17:57 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-02-22 13:14 - 2015-02-22 13:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2015-02-22 13:10 - 2015-02-22 13:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-02-18 16:17 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-18 16:17 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-18 16:05 - 2015-02-18 16:05 - 00000197 _____ () C:\Windows\system32\2015-02-18-15-05-17.002-AvastVBoxSVC.exe-2900.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-20 21:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-20 21:08 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-20 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-20 20:59 - 2014-12-14 20:46 - 00000000 ____D () C:\Users\Adrian\Documents\Torrent
2015-03-20 20:59 - 2014-12-14 20:22 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\uTorrent
2015-03-20 20:59 - 2014-12-10 21:13 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\ClassicShell
2015-03-20 20:58 - 2015-02-03 21:18 - 01303073 ____N () C:\Windows\WindowsUpdate.log
2015-03-20 20:36 - 2014-03-22 18:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-20 20:34 - 2014-03-22 18:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-20 20:22 - 2014-12-10 17:54 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809139199-386801105-3546470006-1002
2015-03-20 20:20 - 2014-12-10 18:08 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7}
2015-03-13 20:41 - 2015-01-04 20:32 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 20:41 - 2014-03-22 18:45 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 17:16 - 2014-03-22 18:46 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 14:10 - 2014-03-22 18:46 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-26 02:47 - 2015-01-12 20:41 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-02-23 17:57 - 2013-11-28 18:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-22 15:47 - 2014-12-10 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-22 15:44 - 2014-12-10 22:26 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-18 18:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-18 16:04 - 2015-01-08 01:26 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2015-02-18 16:04 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-18 16:04 - 2013-08-22 15:44 - 00337800 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\3B20.exe
C:\Users\Adrian\AppData\Local\Temp\90B0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-27 02:03

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#2 Post by Márty84 »

Hello :)

You have downloaded a bug onto it :arcisit:

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean
The program will start working (the PC may restart) and will spit out a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can email me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an email address in their signature).

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#3 Post by abdul99 »

# AdwCleaner v4.112 - Logfile created 21/03/2015 at 20:37:16
# Updated 09/03/2015 by Xplode
# Database : 2015-03-21.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Adrian - OCHMANEK
# Running from : C:\Users\Adrian\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Users\Adrian\AppData\Roaming\quickclick
Folder Deleted : C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Deleted : C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
File Deleted : C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
File Deleted : C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 cs)

[idumb2aa.default\prefs.js] - Line Deleted : user_pref("extensions.fFWaWpbUMaVL1d95.scode", "(function(){try{if(window.self.location.href.indexOf(\"rHn7qjU8qTw8qds7rjrErTC9rY\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]

-\\ Comodo Dragon v

[C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2015-01-28&apn_dtid=%5ECMD127%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [2129 bytes] - [21/03/2015 20:31:43]
AdwCleaner[S0].txt - [2085 bytes] - [21/03/2015 20:37:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2144 bytes] ##########


Avast keeps blaring at me like crazy..

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes produces false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#5 Post by abdul99 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22. 3. 2015
Čas skenování: 10:20:33
Protokol: mbam.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.22.03
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adrian

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 582586
Uplynulý čas: 2 hod, 31 min, 7 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 17
PUP.Optional.Multiplug, HKU\S-1-5-21-3809139199-386801105-3546470006-1002_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [137871d72a60251116c245df6e957a86],
PUP.Optional.Multiplug, HKU\S-1-5-21-3809139199-386801105-3546470006-1002_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [137871d72a60251116c245df6e957a86],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{22D8077A-5A6B-4053-8799-8A288D60F8B8}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3429C8E8-686E-40FB-AB2E-1EE3A12ED764}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{968EDBEB-64FB-4E5F-9AB0-47B477C3AA7B}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEAE9EB9-883A-447D-A4E4-E3A3B5BAEA51}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{22D8077A-5A6B-4053-8799-8A288D60F8B8}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3429C8E8-686E-40FB-AB2E-1EE3A12ED764}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{968EDBEB-64FB-4E5F-9AB0-47B477C3AA7B}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEAE9EB9-883A-447D-A4E4-E3A3B5BAEA51}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{22D8077A-5A6B-4053-8799-8A288D60F8B8}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3429C8E8-686E-40FB-AB2E-1EE3A12ED764}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{968EDBEB-64FB-4E5F-9AB0-47B477C3AA7B}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EEAE9EB9-883A-447D-A4E4-E3A3B5BAEA51}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}, , [7a115cec3951cc6a366f8418f90a52ae],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus, , [7a115cec3951cc6a366f8418f90a52ae],

Soubory: 6
PUP.Optional.Multiplug, C:\Program Files (x86)\SalePlus\yASwRUQZki1lPi.dll, , [05866eda3e4cf14589bdd860b250c43c],
PUP.Optional.Bundler, C:\Users\Adrian\AppData\Local\Temp\3B20.exe, , [b6d595b3a0ea62d44aa438ffe919669a],
PUP.Optional.Bundler, C:\Users\Adrian\AppData\Local\Temp\90B0.exe, , [cfbcfa4edab087af6a84a88fd72bd729],
PUP.Riskware.Patcher, C:\Users\Adrian\Documents\Torrent\DVDFab.9.1.7.1CZ\Patch.exe, , [0e7d3b0d8ffbec4acfd431fc3ec3946c],
PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus\yASwRUQZki1lPi.dat, , [7a115cec3951cc6a366f8418f90a52ae],
PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus\yASwRUQZki1lPi.tlb, , [7a115cec3951cc6a366f8418f90a52ae],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#6 Post by Márty84 »

Move all findings to quarantine. After the next PC restart, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#7 Post by abdul99 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22. 3. 2015
Čas skenování: 17:57:07
Protokol: mbam 2.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.22.03
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Adrian

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 592500
Uplynulý čas: 2 hod, 1 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#8 Post by Márty84 »

:arrow: You can uninstall MBAM.


:arrow: Follow the instructions from my colleague
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here

:arrow: Follow the instructions from my colleague
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#9 Post by abdul99 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.5 (03.17.2015:1)
OS: Windows 8.1 x64
Ran by Adrian on po 23. 03. 2015 at 0:19:38,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{f35d2ba6-4ebc-44ee-9e2d-17c6ddaa09b0}



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\ASKPIP_FF_.EXE-C6484ED0.pf



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\kapgoicnfdbmpaicfbdgniobhdpeojhf
Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Adrian\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 23. 03. 2015 at 0:24:50,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#10 Post by abdul99 »

Zoek.exe v5.0.0.0 Updated 22-March-2015
Tool run by Adrian on po 23. 03. 2015 at 0:29:20,68.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adrian\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23. 3. 2015 0:31:03 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\PROGRA~3\{e3a38b83-02cf-8851-e3a3-38b8302c2e0c} deleted successfully
C:\Users\Adrian\AppData\Roaming\30795 deleted successfully
C:\Users\Adrian\AppData\Roaming\AdobeUM deleted successfully
C:\Users\Adrian\AppData\Local\Adobe deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default

user.js not found
---- Lines extensions.fFWaWpbUMaVL1d95 removed from prefs.js ----
user_pref("extensions.fFWaWpbUMaVL1d95.epoch", "1");
user_pref("extensions.fFWaWpbUMaVL1d95.scode", "void(0);");
user_pref("extensions.fFWaWpbUMaVL1d95.url", "http://northlist.in/sync/?q=C6qUojn8qja ... lNhd9FqjaH
---- FireFox user.js and prefs.js backups ----

prefs_201523.03._0041_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\{e3a38b83-02cf-8851-e3a3-38b8302c2e0c} not found
C:\PROGRA~3\Špidla Data Processing, s.r.o not found
C:\PROGRA~2\SalePluuss deleted
C:\PROGRA~3\{cc66dbcd-e7c8-a62a-cc66-6dbcde7c6f37} deleted
C:\PROGRA~3\11588533591701164984 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\simplicheck.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 deleted
"C:\Windows\Installer\218d2.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27. 01. 2015 21:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[02. 01. 2015 22:34]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02. 01. 2015 22:34]

Comodo Drag&Drop Service - Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo

==== Chromium Fix ======================

C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage deleted successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Local Extension Settings\dihmnpngfonlhjmgkflpnibiaaliendo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{B50C194C-71C9-4891-857A-264839905C6A} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\SearchScopes\{B50C194C-71C9-4891-857A-264839905C6A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B50C194C-71C9-4891-857A-264839905C6A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B50C194C-71C9-4891-857A-264839905C6A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adrian\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Adrian\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Adrian\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Adrian\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Adrian\AppData\Local\Mozilla\Firefox\Profiles\idumb2aa.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Adrian\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=202 folders=119 23994105 bytes)

==== Empty Temp Folders ======================

C:\Users\Adrian\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Adrian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 23. 03. 2015 at 0:49:38,45 ======================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#11 Post by Márty84 »


abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#12 Post by abdul99 »

AVAST no longer reports anything.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Adrian (administrator) on OCHMANEK on 23-03-2015 20:05:05
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-20] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-11-28] (Spotify Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {11f23432-9a92-11e4-8272-645a04383e85} - "E:\autorun.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {eb54649e-839d-11e4-8265-645a04383e85} - "E:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-02] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-02] (AVAST Software)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-02]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-02] (Avast Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-01-08] (PS Media s.r.o.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-02] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2015-01-12] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-12] (Duplex Secure Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 20:05 - 2015-03-23 20:06 - 00016936 _____ () C:\Users\Adrian\Desktop\FRST.txt
2015-03-23 00:51 - 2015-03-23 00:52 - 00000197 _____ () C:\Windows\system32\2015-03-22-23-51-36.032-AvastVBoxSVC.exe-2960.log
2015-03-23 00:43 - 2015-03-23 00:29 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-23 00:30 - 2015-03-23 00:49 - 00010937 _____ () C:\zoek-results.log
2015-03-23 00:29 - 2015-03-23 00:42 - 00000000 ____D () C:\zoek_backup
2015-03-23 00:28 - 2015-03-23 00:29 - 01305600 _____ () C:\Users\Adrian\Desktop\zoek.exe
2015-03-23 00:24 - 2015-03-23 00:24 - 00001580 _____ () C:\Users\Adrian\Desktop\JRT.txt
2015-03-23 00:19 - 2015-03-23 00:19 - 01388672 _____ (Thisisu) C:\Users\Adrian\Desktop\JRT.exe
2015-03-22 17:56 - 2015-03-22 17:57 - 00000197 _____ () C:\Windows\system32\2015-03-22-16-56-48.047-AvastVBoxSVC.exe-3100.log
2015-03-22 10:34 - 2015-03-22 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-22 10:17 - 2015-03-22 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-21 22:16 - 2015-03-21 22:16 - 00001781 _____ () C:\Users\Adrian\Desktop\MusicMaker – zástupce.lnk
2015-03-21 22:13 - 2015-03-21 22:16 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\MAGIX
2015-03-21 21:51 - 2015-03-21 21:52 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2015-03-21 21:51 - 2015-03-21 21:51 - 00000000 ____D () C:\Users\Adrian\Documents\MAGIX_MusicEditor
2015-03-21 21:51 - 2015-03-21 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-03-21 21:48 - 2015-03-21 22:13 - 00000000 ___RD () C:\Users\Adrian\Documents\MAGIX
2015-03-21 21:47 - 2015-03-21 22:16 - 00000000 ____D () C:\ProgramData\MAGIX
2015-03-21 21:47 - 2015-03-21 21:48 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-03-21 21:47 - 2015-03-21 21:47 - 00001138 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2015-03-21 21:47 - 2015-03-21 21:47 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-03-21 20:41 - 2015-03-21 20:41 - 00000197 _____ () C:\Windows\system32\2015-03-21-19-41-34.093-AvastVBoxSVC.exe-2564.log
2015-03-21 20:38 - 2015-03-23 00:48 - 00005516 _____ () C:\Windows\PFRO.log
2015-03-21 20:31 - 2015-03-21 20:37 - 00000000 ____D () C:\AdwCleaner
2015-03-21 20:30 - 2015-03-21 20:30 - 02171392 _____ () C:\Users\Adrian\Desktop\adwcleaner_4.112.exe
2015-03-20 22:34 - 2015-03-20 22:34 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-20 22:34 - 2015-03-20 22:34 - 00000000 ____D () C:\Windows\system32\NV
2015-03-20 22:16 - 2015-03-23 00:49 - 00001044 _____ () C:\Windows\setupact.log
2015-03-20 22:16 - 2015-03-20 22:16 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-20 21:08 - 2015-03-20 21:08 - 02095616 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2015-03-20 21:00 - 2015-03-20 21:00 - 00000000 ____D () C:\ProgramData\{ed246866-b7f3-4517-ed24-46866b7fa19a}
2015-03-20 20:33 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-20 20:33 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-20 20:33 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-02-26 23:13 - 2015-02-26 23:13 - 00001225 _____ () C:\Users\Adrian\Desktop\Format Factory.lnk
2015-02-26 23:13 - 2015-02-26 23:13 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-02-26 03:06 - 2015-03-23 20:05 - 00000000 ____D () C:\FRST
2015-02-25 21:25 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 21:25 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 21:25 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 21:25 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 21:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 21:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-23 18:38 - 2015-02-23 18:38 - 00001465 _____ () C:\Users\Adrian\Desktop\Cars_Mater – zástupce.lnk
2015-02-23 18:11 - 2015-02-23 18:11 - 00000000 ____D () C:\Users\Adrian\Documents\THQ
2015-02-23 18:09 - 2015-03-23 00:47 - 00000000 ____D () C:\Users\Adrian\AppData\Local\CrashDumps
2015-02-23 18:07 - 2015-02-23 18:07 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2015-02-23 18:06 - 2015-02-23 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-02-23 17:57 - 2015-02-23 17:57 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-02-22 13:14 - 2015-02-22 13:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2015-02-22 13:10 - 2015-02-22 13:10 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 20:02 - 2015-02-03 21:18 - 01876716 _____ () C:\Windows\WindowsUpdate.log
2015-03-23 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-23 00:53 - 2014-12-10 21:13 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\ClassicShell
2015-03-23 00:49 - 2015-01-08 01:26 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2015-03-23 00:49 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 00:48 - 2015-01-08 01:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 00:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-23 00:47 - 2014-12-10 17:54 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3809139199-386801105-3546470006-1002
2015-03-23 00:15 - 2014-12-14 20:22 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\uTorrent
2015-03-22 22:26 - 2014-12-10 18:08 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7}
2015-03-22 17:53 - 2013-08-22 15:44 - 00414488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-21 21:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-03-21 21:26 - 2014-12-14 20:46 - 00000000 ____D () C:\Users\Adrian\Documents\Torrent
2015-03-21 20:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-20 22:20 - 2015-01-03 00:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-20 21:50 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-20 20:36 - 2014-03-22 18:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-20 20:34 - 2014-03-22 18:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-13 20:41 - 2015-01-04 20:32 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 20:41 - 2014-03-22 18:45 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-13 20:41 - 2014-03-22 18:45 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 17:16 - 2014-03-22 18:46 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 17:16 - 2014-03-22 18:46 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-11 14:10 - 2014-03-22 18:46 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-26 02:47 - 2015-01-12 20:41 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-02-23 17:57 - 2013-11-28 18:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-22 15:47 - 2014-12-10 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-22 15:44 - 2014-12-10 22:26 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-22 00:27

==================== End Of Log ============================

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: help please

#13 Post by abdul99 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Adrian at 2015-03-23 20:06:16
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 6.0 CE (HKLM-x32\...\{AC76BA86-7AD7-1029-7646-CE0000000001}) (Version: 6.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Auta - Burakuv narodni sampionat (HKLM-x32\...\{62D64F27-745D-49C0-A308-B08DFF16ECA0}) (Version: 1.00.0000 - THQ\Disney-Pixar)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 9.1.7.1 (17/10/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Emergency 3 (HKLM-x32\...\{732B12A7-719E-433D-B7B1-24F51DDD0834}_is1) (Version: 1.02 - US - ACTION, s.r.o.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Heroes of Might and Magic V (HKLM-x32\...\{9B22D57A-5338-49A5-AC08-70FE3E8B878B}) (Version: 1.6 - Ubisoft)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
K-Lite Codec Pack 10.8.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Kobra 11 Nitro (HKLM-x32\...\{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1) (Version: 3.0.0.CZ - US - ACTION, s.r.o.)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Demo songs) (HKLM-x32\...\MX.{B807FEBE-E253-4B7E-B23F-364873478065}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Demo songs) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Introductory videos) (HKLM-x32\...\MX.{4BA5297E-60A6-4F18-9AAC-25A878C4E38C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Introductory videos) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (Synthesizer and effects) (HKLM-x32\...\MX.{F33DA3A6-4AA8-4DCD-9707-944599BF54E2}) (Version: 1.0.1.0 - MAGIX Software GmbH)
MAGIX Music Maker 2014 Premium (Synthesizer and effects) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (Visuals) (HKLM-x32\...\MX.{A6A5590A-0FF9-4FD9-AD8D-17B5BCBE06F5}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Visuals) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2014 Premium Update (Version: 20.0.4.49 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 cs)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vita 2 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita 2 add-on content (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Electric Piano (Version: 1.0.2.0 - MAGIX AG) Hidden
Vita Jazz Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Pop Brass (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Power Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Vintage Organ (Version: 1.0.1.0 - MAGIX AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

23-02-2015 17:56:15 Instalováno Auta - Burakuv narodni sampionat
20-03-2015 21:49:26 Instalační služba modulů systému Windows
23-03-2015 00:30:25 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-03-23 00:31 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B5CC94F-674C-4D38-8F3B-436FF008C758} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-08] (TOSHIBA Corporation)
Task: {4273B9F3-99D3-47EE-B53F-2708E70A5A5C} - System32\Tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} => pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
Task: {5C6BFD7C-9657-4DE3-9130-CC7AE578DBA5} - System32\Tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} => pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
Task: {690D769E-589B-4363-B32D-F75103B7BCC1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {87F4FA53-65ED-4513-BD38-A00C6A26050D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-22] (Microsoft Corporation)
Task: {AF7971B4-8C0B-49B2-938B-B9B0D49738AC} - \avastBCLRestartS-1-5-21-3809139199-386801105-3546470006-1002 No Task File <==== ATTENTION
Task: {BD5C89BF-7CE7-49EF-9A96-460681A85CEF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {C7827A64-57E8-4438-9B86-983F29B9E5FA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {D831488A-92B6-49E4-B3CD-14443B685B14} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {ED01CA92-3060-444D-9129-FBF6744FD0B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {FA7DCFA8-CBBB-4CF0-AFF2-647598F2A353} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-02] (AVAST Software)

==================== Loaded Modules (whitelisted) ==============

2013-03-27 20:53 - 2013-03-27 20:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 20:54 - 2013-09-10 20:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-01-02 22:34 - 2015-01-02 22:34 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-02 22:34 - 2015-01-02 22:34 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-22 18:45 - 2015-03-13 20:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-22 18:46 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-28 19:00 - 2013-09-13 09:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-03-22 21:54 - 2015-03-22 21:54 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15032201\algo.dll
2015-01-02 22:34 - 2015-01-02 22:34 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-03-22 18:38 - 2013-09-04 00:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-22 18:45 - 2015-03-13 20:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-14 09:19 - 2014-09-09 13:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2015-03-20 20:20 - 2015-03-20 20:20 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.15.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== Accounts: =============================

Administrator (S-1-5-21-3809139199-386801105-3546470006-500 - Administrator - Disabled)
Adrian (S-1-5-21-3809139199-386801105-3546470006-1002 - Administrator - Enabled) => C:\Users\Adrian
Guest (S-1-5-21-3809139199-386801105-3546470006-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2015 00:47:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TCrdMain_Win8.exe, verze: 2.0.17.64, časové razítko: 0x520f4add
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17630, časové razítko: 0x54b0e17a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000312ec
ID chybujícího procesu: 0x1188
Čas spuštění chybující aplikace: 0xTCrdMain_Win8.exe0
Cesta k chybující aplikaci: TCrdMain_Win8.exe1
Cesta k chybujícímu modulu: TCrdMain_Win8.exe2
ID zprávy: TCrdMain_Win8.exe3
Úplný název chybujícího balíčku: TCrdMain_Win8.exe4
ID aplikace související s chybujícím balíčkem: TCrdMain_Win8.exe5


System errors:
=============
Error: (03/23/2015 00:41:09 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/23/2015 00:41:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/23/2015 00:41:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/23/2015 00:41:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/23/2015 00:41:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (03/23/2015 00:47:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TCrdMain_Win8.exe2.0.17.64520f4addntdll.dll6.3.9600.1763054b0e17ac000000500000000000312ec118801d064c0fa9b7b22C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exeC:\Windows\SYSTEM32\ntdll.dlld77ce51d-d0ed-11e4-8278-645a04383e85


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 35%
Total physical RAM: 3971.27 MB
Available physical RAM: 2577.98 MB
Total Pagefile: 4675.27 MB
Available Pagefile: 3119.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (TI31254900A) (Fixed) (Total:687.03 GB) (Free:398 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: help please

#14 Post by Márty84 »

I wanted the log from RSITx64. This is FRST.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

Option to support our forum https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

abdul99
Visitor
Visitor
Posts: 277
Joined: 17 Oct 2011 20:49

Re: help please

#15 Post by abdul99 »

Ah, my mistake, I apologize...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adrian at 2015-03-24 19:38:51
Microsoft Windows 8.1
System drive C: has 407 GB (58%) free of 704 GB
Total RAM: 3971 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:57, on 24. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Adrian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10182 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 78e4f9f7-2e15-457d-9041-8d2b02e91620 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe -Embedding
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\Explorer.EXE

"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
ClassicStartMenu.exe -startup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskeng.exe {92AC0C16-41D3-44C6-A038-B0C33B0CD002}
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
wmiadap.exe /F /T /R
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

"C:\Users\Adrian\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-02 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-02 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-20 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-20 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-20 769520]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-01-16 2585928]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-01-16 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2013-11-28 1199576]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-20 5227648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-16 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-24 19:38:51 ----D---- C:\rsit
2015-03-24 19:37:40 ----D---- C:\Users\Adrian\AppData\Roaming\16454
2015-03-23 20:56:32 ----D---- C:\ProgramData\WinZip
2015-03-23 20:53:22 ----D---- C:\Spidla
2015-03-23 00:49:43 ----SHD---- C:\$RECYCLE.BIN
2015-03-23 00:43:26 ----A---- C:\Windows\zoek-delete.exe
2015-03-23 00:43:25 ----D---- C:\Windows\Temp
2015-03-23 00:29:15 ----D---- C:\zoek_backup
2015-03-22 10:34:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-22 10:17:58 ----D---- C:\ProgramData\Malwarebytes
2015-03-21 22:13:38 ----D---- C:\Users\Adrian\AppData\Roaming\MAGIX
2015-03-21 21:47:21 ----D---- C:\Program Files (x86)\MAGIX
2015-03-21 21:47:05 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-03-21 21:47:00 ----D---- C:\ProgramData\MAGIX
2015-03-21 20:31:38 ----D---- C:\AdwCleaner
2015-03-20 22:34:13 ----D---- C:\Windows\SYSWOW64\NV
2015-03-20 22:34:13 ----D---- C:\Windows\system32\NV
2015-03-20 21:11:48 ----A---- C:\Windows\SYSWOW64\calc.exe
2015-03-20 21:11:48 ----A---- C:\Windows\system32\calc.exe
2015-03-20 21:11:42 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-03-20 21:11:41 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-03-20 21:11:41 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-03-20 21:11:38 ----A---- C:\Windows\system32\winshfhc.dll
2015-03-20 21:11:37 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2015-03-20 21:10:46 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2015-03-20 21:10:46 ----A---- C:\Windows\system32\SHCore.dll
2015-03-20 21:10:35 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2015-03-20 21:10:35 ----A---- C:\Windows\system32\photowiz.dll
2015-03-20 21:10:34 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-20 21:10:34 ----A---- C:\Windows\system32\win32k.sys
2015-03-20 21:10:34 ----A---- C:\Windows\system32\schannel.dll
2015-03-20 21:10:34 ----A---- C:\Windows\system32\msftedit.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-20 21:10:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-20 21:10:33 ----A---- C:\Windows\system32\lpk.dll
2015-03-20 21:10:33 ----A---- C:\Windows\system32\fontsub.dll
2015-03-20 21:10:33 ----A---- C:\Windows\system32\dciman32.dll
2015-03-20 21:10:33 ----A---- C:\Windows\system32\atmlib.dll
2015-03-20 21:10:33 ----A---- C:\Windows\system32\atmfd.dll
2015-03-20 21:10:29 ----A---- C:\Windows\system32\win32spl.dll
2015-03-20 21:10:29 ----A---- C:\Windows\system32\puiobj.dll
2015-03-20 21:10:29 ----A---- C:\Windows\system32\localspl.dll
2015-03-20 21:10:27 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-03-20 21:10:27 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2015-03-20 21:10:27 ----A---- C:\Windows\system32\DafPrintProvider.dll
2015-03-20 21:10:26 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2015-03-20 21:10:26 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2015-03-20 21:10:26 ----A---- C:\Windows\SYSWOW64\printui.exe
2015-03-20 21:10:26 ----A---- C:\Windows\SYSWOW64\findnetprinters.dll
2015-03-20 21:10:26 ----A---- C:\Windows\SYSWOW64\compstui.dll
2015-03-20 21:10:26 ----A---- C:\Windows\system32\puiapi.dll
2015-03-20 21:10:26 ----A---- C:\Windows\system32\prnntfy.dll
2015-03-20 21:10:26 ----A---- C:\Windows\system32\printui.exe
2015-03-20 21:10:26 ----A---- C:\Windows\system32\findnetprinters.dll
2015-03-20 21:10:26 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-03-20 21:10:26 ----A---- C:\Windows\system32\compstui.dll
2015-03-20 21:10:25 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-03-20 21:10:25 ----A---- C:\Windows\system32\fsquirt.exe
2015-03-20 21:10:25 ----A---- C:\Windows\system32\dwmcore.dll
2015-03-20 21:10:25 ----A---- C:\Windows\system32\drivers\hidbth.sys
2015-03-20 21:10:25 ----A---- C:\Windows\system32\drivers\bthport.sys
2015-03-20 21:10:24 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2015-03-20 21:10:24 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2015-03-20 21:10:24 ----A---- C:\Windows\system32\drivers\bthenum.sys
2015-03-20 21:10:23 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2015-03-20 21:10:23 ----A---- C:\Windows\system32\atlthunk.dll
2015-03-20 21:10:22 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2015-03-20 21:10:22 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2015-03-20 21:10:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2015-03-20 21:10:22 ----A---- C:\Windows\SYSWOW64\atlthunk.dll
2015-03-20 21:10:22 ----A---- C:\Windows\system32\mfc42u.dll
2015-03-20 21:10:21 ----A---- C:\Windows\system32\mfc42.dll
2015-03-20 21:10:20 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-03-20 21:10:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-20 21:10:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-03-20 21:10:20 ----A---- C:\Windows\system32\WSShared.dll
2015-03-20 21:10:20 ----A---- C:\Windows\system32\WSReset.exe
2015-03-20 21:10:20 ----A---- C:\Windows\system32\WSCollect.exe
2015-03-20 21:10:20 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-20 21:10:20 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-20 21:10:17 ----A---- C:\Windows\SYSWOW64\StorageContextHandler.dll
2015-03-20 21:10:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-03-20 21:10:17 ----A---- C:\Windows\system32\StorageContextHandler.dll
2015-03-20 21:10:17 ----A---- C:\Windows\system32\authui.dll
2015-03-20 21:10:16 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-03-20 21:10:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-20 21:10:16 ----A---- C:\Windows\system32\ntdll.dll
2015-03-20 21:10:11 ----A---- C:\Windows\system32\ubpm.dll
2015-03-20 21:10:11 ----A---- C:\Windows\system32\rfxvmt.dll
2015-03-20 21:10:11 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-20 21:10:11 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-20 21:10:11 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-03-20 21:10:10 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2015-03-20 21:10:10 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2015-03-20 21:10:10 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2015-03-20 21:10:10 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2015-03-20 21:10:10 ----A---- C:\Windows\system32\eapphost.dll
2015-03-20 21:10:10 ----A---- C:\Windows\system32\eappgnui.dll
2015-03-20 21:10:10 ----A---- C:\Windows\system32\eappcfg.dll
2015-03-20 21:10:10 ----A---- C:\Windows\system32\eapp3hst.dll
2015-03-20 21:10:09 ----A---- C:\Windows\SYSWOW64\eappprxy.dll
2015-03-20 21:10:09 ----A---- C:\Windows\system32\eappprxy.dll
2015-03-20 21:09:53 ----A---- C:\Windows\system32\mshtml.dll
2015-03-20 21:09:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-20 21:09:49 ----A---- C:\Windows\system32\jscript9.dll
2015-03-20 21:09:49 ----A---- C:\Windows\system32\ieframe.dll
2015-03-20 21:09:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-20 21:09:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-20 21:09:40 ----A---- C:\Windows\system32\wininet.dll
2015-03-20 21:09:40 ----A---- C:\Windows\system32\iertutil.dll
2015-03-20 21:09:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-20 21:09:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-20 21:09:39 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-03-20 21:09:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-20 21:09:39 ----A---- C:\Windows\system32\urlmon.dll
2015-03-20 21:09:39 ----A---- C:\Windows\system32\inetcomm.dll
2015-03-20 21:09:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-20 21:09:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-20 21:09:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-20 21:09:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\vbscript.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\iepeers.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-20 21:09:37 ----A---- C:\Windows\system32\actxprxy.dll
2015-03-20 21:09:36 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-03-20 21:09:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-20 21:09:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-03-20 21:09:36 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-03-20 21:09:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\webcheck.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\jscript.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-20 21:09:36 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-20 21:09:26 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-20 21:09:26 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-20 21:09:26 ----A---- C:\Windows\system32\LockScreenContentServer.exe
2015-03-20 21:09:25 ----A---- C:\Windows\system32\shell32.dll
2015-03-20 21:09:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-20 21:09:16 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2015-03-20 21:09:16 ----A---- C:\Windows\system32\MrmCoreR.dll
2015-03-20 21:09:15 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-20 21:09:15 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-20 21:09:15 ----A---- C:\Windows\explorer.exe
2015-03-20 21:09:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-03-20 21:09:13 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-20 21:09:13 ----A---- C:\Windows\system32\msctf.dll
2015-03-20 21:00:44 ----D---- C:\ProgramData\{ed246866-b7f3-4517-ed24-46866b7fa19a}
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-03-20 20:33:13 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvopencl.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvoglv64.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\NvIFR64.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\NvFBC64.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvdispgenco6434788.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\nvdispco6434788.dll
2015-03-20 20:33:13 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-03-20 20:33:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-03-20 20:33:12 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-03-20 20:33:12 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-03-20 20:33:12 ----A---- C:\Windows\system32\nvcuvid.dll
2015-03-20 20:33:11 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-03-20 20:33:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-03-20 20:33:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-03-20 20:33:11 ----A---- C:\Windows\system32\nvcuda.dll
2015-03-20 20:33:11 ----A---- C:\Windows\system32\nvcompiler.dll
2015-03-20 20:33:11 ----A---- C:\Windows\system32\nvapi64.dll
2015-02-26 03:06:40 ----D---- C:\FRST
2015-02-25 21:25:59 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2015-02-25 21:25:59 ----A---- C:\Windows\system32\Windows.Globalization.dll
2015-02-25 21:25:58 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2015-02-25 21:25:58 ----A---- C:\Windows\system32\GlobCollationHost.dll

======List of files/folders modified in the last 1 month======

2015-03-24 19:38:55 ----D---- C:\Program Files\trend micro
2015-03-24 19:38:54 ----D---- C:\Windows\Prefetch
2015-03-24 19:35:04 ----D---- C:\Windows\system32\config
2015-03-24 19:33:25 ----RAD---- C:\Windows\System32
2015-03-24 19:33:07 ----D---- C:\Windows\WinSxS
2015-03-24 19:33:03 ----D---- C:\Windows\SysWOW64
2015-03-24 19:32:41 ----D---- C:\Windows\Inf
2015-03-23 22:16:54 ----AD---- C:\Windows
2015-03-23 22:16:49 ----D---- C:\Windows\system32\drivers
2015-03-23 22:16:49 ----D---- C:\Program Files\Windows Defender
2015-03-23 22:16:49 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-23 22:16:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-23 22:16:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-23 22:16:47 ----D---- C:\Windows\system32\en-US
2015-03-23 22:16:47 ----D---- C:\Windows\system32\cs-CZ
2015-03-23 22:16:46 ----RD---- C:\Windows\ToastData
2015-03-23 22:16:45 ----D---- C:\Windows\WinStore
2015-03-23 22:16:43 ----D---- C:\Program Files\Internet Explorer
2015-03-23 22:16:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-23 22:16:40 ----D---- C:\Windows\system32\DriverStore
2015-03-23 22:14:05 ----D---- C:\Users\Adrian\AppData\Roaming\ClassicShell
2015-03-23 22:02:00 ----D---- C:\Windows\system32\sru
2015-03-23 21:57:37 ----D---- C:\Windows\CbsTemp
2015-03-23 21:48:27 ----D---- C:\Windows\system32\MRT
2015-03-23 21:48:24 ----A---- C:\Windows\system32\MRT.exe
2015-03-23 21:09:23 ----AHD---- C:\ProgramData
2015-03-23 20:14:13 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2015-03-23 00:48:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-23 00:41:13 ----SHD---- C:\Windows\Installer
2015-03-23 00:41:12 ----RD---- C:\Program Files (x86)
2015-03-23 00:41:12 ----D---- C:\Windows\system32\Tasks
2015-03-23 00:31:14 ----D---- C:\Windows\system32\drivers\etc
2015-03-23 00:30:56 ----SHD---- C:\System Volume Information
2015-03-22 17:53:35 ----RSD---- C:\Windows\Fonts
2015-03-22 03:10:41 ----D---- C:\Windows\Microsoft.NET
2015-03-22 00:27:33 ----D---- C:\Windows\debug
2015-03-21 21:47:13 ----D---- C:\Windows\Help
2015-03-21 21:46:58 ----D---- C:\Program Files (x86)\Common Files
2015-03-21 20:51:41 ----D---- C:\Windows\AppReadiness
2015-03-21 20:51:40 ----HD---- C:\Program Files\WindowsApps
2015-03-20 22:20:29 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-20 20:54:11 ----D---- C:\Windows\system32\catroot2
2015-03-20 20:36:19 ----D---- C:\ProgramData\NVIDIA
2015-03-20 20:34:34 ----D---- C:\Program Files\NVIDIA Corporation
2015-03-13 20:41:47 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-03-13 20:41:47 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-03-13 20:41:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-03-13 20:41:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-03-13 20:41:47 ----A---- C:\Windows\system32\nvinitx.dll
2015-03-13 17:16:47 ----A---- C:\Windows\system32\nvsvc64.dll
2015-03-13 17:16:47 ----A---- C:\Windows\system32\nvcpl.dll
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nvvsvc.exe
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nvsvcr.dll
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nvshext.dll
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nvmctray.dll
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-03-13 17:16:45 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-03-04 22:24:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-26 02:47:59 ----D---- C:\Windows\SoftwareDistribution
2015-02-26 02:47:05 ----D---- C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
2015-02-26 02:46:53 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-02 267632]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-03-13 32456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-01-12 386680]
R0 tos_sps64;@oem21.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem17.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-21 16768]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-02 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-02 436624]
R1 dtsoftbus01;@oem32.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-02 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-02 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-02 116728]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-02 271752]
R3 AmUStor;@oem20.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-16 4177920]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-16 449528]
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 L1C;@oem13.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-03-13 10262160]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-16 19784]
R3 nvvad_WaveExtensible;@oem30.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-22 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;@oem23.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem14.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem22.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dtscsidrv;dtscsidrv; C:\Windows\system32\drivers\dtscsidrv.sys [2015-01-12 309248]
S3 intaud_WaveExtensible;@oem5.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 nmwcd;@oem36.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem40.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-02 50344]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-16 1148744]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-16 1706312]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-16 21833544]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-03-13 935056]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-01-08 2324216]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-10 328544]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-02 4012248]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-20 279024]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]

-----------------EOF-----------------

Locked