Hláška nevyskočila, okna naběhla bez problémů. Pomalu mi mizí ikony z oznamovací oblasti vedle hodin... Jde čištění podle plánu?
Díky
ComboFix 15-04-09.01 - VT 13.04.2015 23:48:02.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16320.13608 [GMT 2:00]
Spuštěný z: c:\users\VT\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VT\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Security\Client
c:\programdata\Microsoft\Security\Client\SecurityCache\zepplauncher.mif
c:\programdata\Microsoft\Security\Client\SecurityHelper.dll
c:\programdata\Microsoft\Security\Client\SecurityProvider.dll
c:\users\VT\AppData\Local\Ozics
c:\users\VT\AppData\Local\Ozics\New.lck
c:\users\VT\AppData\Local\Ozics\Test.lck
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-13 do 2015-04-13 )))))))))))))))))))))))))))))))
.
.
2015-04-13 20:11 . 2015-04-13 20:12 -------- d-----w- C:\AdwCleaner
2015-04-13 19:22 . 2015-03-14 01:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F8565B3-1F80-49FE-B30B-0E83B2079FB0}\mpengine.dll
2015-04-13 19:20 . 2015-03-07 18:23 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-12 20:37 . 2015-04-13 20:50 -------- d-----w- C:\FRST
2015-04-09 20:19 . 2015-04-13 20:18 -------- d-s---w- c:\windows\system32\CompatTel
2015-04-09 20:19 . 2015-04-13 20:18 -------- d-----w- c:\windows\system32\appraiser
2015-04-08 06:45 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-06 17:41 . 2015-03-13 15:38 622224 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-06 17:41 . 2015-04-13 21:51 -------- d-----w- c:\programdata\NVIDIA
2015-04-06 17:41 . 2015-03-13 16:16 6861968 ----a-w- c:\windows\system32\nvcpl.dll
2015-04-06 17:41 . 2015-03-13 16:16 3526856 ----a-w- c:\windows\system32\nvsvc64.dll
2015-04-06 17:41 . 2015-03-13 16:16 935056 ----a-w- c:\windows\system32\nvvsvc.exe
2015-04-06 17:41 . 2015-03-13 16:16 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-04-06 17:41 . 2015-03-13 16:16 386248 ----a-w- c:\windows\system32\nvmctray.dll
2015-04-06 17:41 . 2015-03-13 16:16 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2015-04-06 17:41 . 2015-03-11 13:10 4246327 ----a-w- c:\windows\system32\nvcoproc.bin
2015-04-06 17:41 . 2015-03-13 19:41 73872 ----a-w- c:\windows\system32\OpenCL.dll
2015-04-06 17:41 . 2015-03-13 19:41 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-04-04 06:30 . 2015-04-13 20:18 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 06:30 . 2015-04-04 06:30 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-03 18:32 . 2015-04-03 18:32 -------- d-----w- c:\users\VT\AppData\Local\Skype
2015-04-03 18:32 . 2015-04-03 18:32 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-04-03 18:32 . 2015-04-03 18:32 -------- d-----r- c:\program files (x86)\Skype
2015-03-31 19:26 . 2015-03-31 19:26 -------- d-----w- c:\users\VT\AppData\Roaming\dvdcss
2015-03-31 18:46 . 2015-03-26 17:48 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06259846-655A-4BB3-8FE2-AFFAD0B02860}\gapaengine.dll
2015-03-26 17:48 . 2015-03-26 17:48 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-25 21:43 . 2015-03-25 21:43 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-03-25 21:43 . 2015-03-25 21:43 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-03-25 21:43 . 2015-03-25 21:44 -------- d-----w- c:\programdata\Oracle
2015-03-25 21:43 . 2015-03-25 21:43 -------- d-----w- c:\program files (x86)\Java
2015-03-24 20:58 . 2015-03-24 20:58 -------- d-----w- c:\users\VT\AppData\Local\DOSBox
2015-03-24 20:58 . 2015-03-24 20:58 -------- d-----w- c:\program files (x86)\DOSBox-0.74
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-03 18:33 . 2015-02-06 19:40 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-03 18:33 . 2015-02-05 23:38 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-28 03:44 . 2015-01-29 18:29 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:44 . 2015-01-29 18:29 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:43 . 2015-01-29 18:29 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2015-01-29 18:29 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-03-12 00:38 . 2014-02-18 14:47 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-07 18:23 . 2015-02-04 22:19 268640 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-03-07 18:23 . 2015-02-04 22:19 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-03-07 18:23 . 2015-02-04 22:19 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-03-07 18:23 . 2015-02-04 22:19 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-03-07 18:23 . 2015-02-04 22:19 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-03-07 18:23 . 2015-02-04 22:19 441728 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-03-07 18:23 . 2015-02-04 22:19 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-03-07 18:23 . 2015-03-07 18:23 43112 ----a-w- c:\windows\avastSS.scr
2015-03-07 18:23 . 2015-02-04 22:19 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-06 05:56 . 2015-03-11 06:58 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-03-06 05:56 . 2015-03-11 06:58 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-03-06 05:42 . 2015-03-11 06:58 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-03-06 05:42 . 2015-03-11 06:58 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-03-06 05:42 . 2015-03-11 06:58 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-03-06 05:42 . 2015-03-11 06:58 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-03-06 05:42 . 2015-03-11 06:58 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:42 . 2015-03-11 06:58 28160 ----a-w- c:\windows\system32\secur32.dll
2015-03-06 05:42 . 2015-03-11 06:58 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-03-06 05:42 . 2015-03-11 06:58 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-03-06 05:42 . 2015-03-11 06:58 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-03-06 05:42 . 2015-03-11 06:58 728064 ----a-w- c:\windows\system32\kerberos.dll
2015-03-06 05:42 . 2015-03-11 06:58 22016 ----a-w- c:\windows\system32\credssp.dll
2015-03-06 05:41 . 2015-03-11 06:58 31232 ----a-w- c:\windows\system32\lsass.exe
2015-03-06 05:41 . 2015-03-11 06:58 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-03-06 05:39 . 2015-03-11 06:58 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-03-06 05:38 . 2015-03-11 06:58 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-03-06 05:36 . 2015-03-11 06:58 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-03-06 05:10 . 2015-03-11 06:58 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-06 05:10 . 2015-03-11 06:58 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-06 05:10 . 2015-03-11 06:58 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-06 05:10 . 2015-03-11 06:58 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-06 05:10 . 2015-03-11 06:58 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-06 05:10 . 2015-03-11 06:58 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-06 05:10 . 2015-03-11 06:58 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-06 05:10 . 2015-03-11 06:58 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-03-06 05:09 . 2015-03-11 06:58 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2015-03-06 05:09 . 2015-03-11 06:58 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-06 05:07 . 2015-03-11 06:58 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-06 05:07 . 2015-03-11 06:58 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-06 05:06 . 2015-03-11 06:58 686080 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-03-03 13:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-26 03:25 . 2015-03-11 06:58 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-20 04:41 . 2015-03-11 06:59 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 06:59 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 06:59 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 06:59 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 06:59 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 06:59 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 06:59 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 06:59 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 06:59 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 06:59 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-13 05:22 . 2015-03-11 06:58 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-05 22:20 . 2015-02-05 22:21 8192 ----a-w- c:\windows\SysWow64\srvany.exe
2015-02-05 21:32 . 2015-02-05 21:32 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-02-04 03:16 . 2015-03-11 06:58 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 06:58 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 06:59 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 06:59 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-03 03:34 . 2015-03-11 06:59 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 06:59 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 06:59 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 06:59 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 06:59 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 06:58 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 06:58 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 06:59 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-03 03:31 . 2015-03-11 06:59 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-03 03:31 . 2015-03-11 06:59 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 06:59 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 06:59 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 06:59 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 06:59 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 06:59 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 06:59 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 06:59 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 06:59 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 06:59 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 06:59 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 06:59 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 06:59 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 06:59 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 06:59 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 06:59 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 06:59 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 06:59 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 06:59 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 06:59 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 06:59 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 06:59 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 06:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 06:59 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-02-03 03:30 . 2015-03-11 06:59 187904 ----a-w- c:\windows\system32\cryptsvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-18 5511352]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-12-03 840592]
"Fujitsu Mouse"="c:\program files (x86)\Fujitsu Mouse\DriverSt.exe" [2012-08-21 184393]
"LWBKEYLOCK"="c:\program files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe" [2008-05-02 310784]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2014-12-05 493960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 mi-raysat_3dsmax2015_64;mental ray Satellite for Autodesk 3ds Max 2015 64-bit;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 NVSWCFilter;NVIDIA SHIELD Wireless Controller Trackpad Service;c:\windows\system32\drivers\nvswcfilter.sys;c:\windows\SYSNATIVE\drivers\nvswcfilter.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-04 06:29 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 18:33]
.
2015-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 22:19]
.
2015-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 22:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-03-07 18:23 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-10-29 7203032]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
.
**************************************************************************
.
Celkový čas: 2015-04-13 23:53:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-13 21:53
ComboFix2.txt 2015-04-13 21:19
.
Před spuštěním: Volných bajtů: 93 569 036 288
Po spuštění: Volných bajtů: 93 508 800 512
.
- - End Of File - - 10AC69BFE1EC78571FC1E3AFB8012126
A36C5E4F47E84449FF07ED3517B43A31
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Stále znovu se objevující virus
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Stále znovu se objevující virus
Sam jsem prekvapen, jak to jde hladce (nejvetsi praci udelal jiz fixlist pro FRST). Vyzkousejte odinstalovat MSE a pote dejte novy log z FRST.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Stále znovu se objevující virus
Pozoruji výrazné zrychlení bootování (restart cca 15 sec.), ikony oznamovací oblasti se vracejí. MSE je pryč.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by VT (administrator) on VT-PC on 14-04-2015 00:05:28
Running from C:\Users\VT\Desktop
Loaded Profiles: VT (Available profiles: VT)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Fujitsu) C:\Program Files (x86)\Fujitsu Mouse\Driverap4.exe
() C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Fujitsu Mouse] => C:\Program Files (x86)\Fujitsu Mouse\DriverSt.exe [184393 2012-08-21] ()
HKLM-x32\...\Run: [LWBKEYLOCK] => C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe [310784 2008-05-02] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-07] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-03] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-03] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Extension: YouTube Enhancer Plus - C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-02-05]
FF Extension: Adblock Plus - C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-02-09]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-05]
CHR Extension: (YouTube) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-05]
CHR Extension: (Google Search) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-05]
CHR Extension: (Google Sheets) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Avast Online Security) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-05]
CHR Extension: (Google Wallet) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-05]
CHR Extension: (Gmail) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-07] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-07] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-02-06] () [File not signed]
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-07] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-05] (Disc Soft Ltd)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-07] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-13 23:53 - 2015-04-13 23:53 - 00025194 _____ () C:\ComboFix.txt
2015-04-13 23:14 - 2015-04-13 23:53 - 00000000 ____D () C:\Qoobox
2015-04-13 23:14 - 2015-04-13 23:51 - 00000000 ____D () C:\Windows\erdnt
2015-04-13 23:14 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-13 23:14 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-13 23:14 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-13 23:13 - 2015-04-13 23:13 - 00002038 _____ () C:\Users\VT\Desktop\Rkill.txt
2015-04-13 23:09 - 2015-04-13 23:09 - 05617275 ____R (Swearware) C:\Users\VT\Desktop\ComboFix.exe
2015-04-13 23:09 - 2015-04-13 23:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\VT\Desktop\rkill.exe
2015-04-13 22:49 - 2015-04-14 00:05 - 00017636 _____ () C:\Users\VT\Desktop\FRST.txt
2015-04-13 22:11 - 2015-04-13 22:12 - 00000000 ____D () C:\AdwCleaner
2015-04-13 22:10 - 2015-04-13 22:10 - 02217984 _____ () C:\Users\VT\Desktop\adwcleaner_4.201.exe
2015-04-13 21:21 - 2015-04-13 21:21 - 02096640 _____ (Farbar) C:\Users\VT\Desktop\FRST64.exe
2015-04-13 21:20 - 2015-04-13 21:20 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-13 21:20 - 2015-03-07 20:23 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-12 22:37 - 2015-04-14 00:05 - 00000000 ____D () C:\FRST
2015-04-09 22:19 - 2015-04-13 22:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-09 22:19 - 2015-04-13 22:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 21:18 - 2015-04-08 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 19:41 - 2015-04-14 00:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-06 19:41 - 2015-03-13 21:41 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-06 19:41 - 2015-03-13 21:41 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-06 19:41 - 2015-03-13 18:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-06 19:41 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-06 19:41 - 2015-03-11 15:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-06 19:40 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-06 19:40 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-04-06 19:40 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-04-04 08:30 - 2015-04-13 22:18 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 08:30 - 2015-04-04 08:30 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ____D () C:\Users\VT\AppData\Local\Skype
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-02 08:33 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-02 08:33 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-02 08:33 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-02 08:33 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-02 08:33 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-02 08:33 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-02 08:33 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-02 08:33 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-02 08:33 - 2015-02-23 10:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-02 08:33 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet(554).dll
2015-04-02 08:33 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon(553).dll
2015-04-02 08:33 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-02 08:33 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-02 08:33 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-02 08:33 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-02 08:33 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-02 08:33 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-02 08:33 - 2015-02-21 06:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-31 21:26 - 2015-03-31 21:26 - 00000000 ____D () C:\Users\VT\AppData\Roaming\dvdcss
2015-03-25 23:43 - 2015-03-25 23:44 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-25 23:43 - 2015-03-25 23:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\ProgramData\Sun
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\Users\VT\AppData\Local\DOSBox
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.74
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 00:04 - 2015-02-05 00:19 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 00:04 - 2015-02-04 23:06 - 01585546 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 00:04 - 2015-01-29 20:36 - 00085761 _____ () C:\Windows\SysWOW64\Gms.log
2015-04-14 00:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 00:04 - 2009-07-14 06:51 - 00084263 _____ () C:\Windows\setupact.log
2015-04-14 00:03 - 2014-02-18 17:58 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-04-13 23:59 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-13 23:59 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-13 23:58 - 2011-04-12 10:34 - 00668540 _____ () C:\Windows\system32\perfh005.dat
2015-04-13 23:58 - 2011-04-12 10:34 - 00141200 _____ () C:\Windows\system32\perfc005.dat
2015-04-13 23:58 - 2009-07-14 07:13 - 01583214 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-13 23:52 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-13 23:51 - 2015-02-12 00:13 - 00002048 _____ () C:\Users\VT\AppData\Roaming\mouse.dat
2015-04-13 23:51 - 2015-02-12 00:13 - 00000256 _____ () C:\Users\VT\AppData\Roaming\setup.dat
2015-04-13 23:51 - 2010-11-21 05:47 - 00019510 _____ () C:\Windows\PFRO.log
2015-04-13 23:29 - 2015-02-05 00:19 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 23:19 - 2015-02-06 21:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-13 23:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-13 22:19 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-13 22:18 - 2015-02-06 22:52 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-13 22:18 - 2015-02-06 22:45 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Autodesk
2015-04-13 22:18 - 2015-02-05 22:56 - 00000000 ____D () C:\Users\VT\AppData\Roaming\uTorrent
2015-04-13 22:18 - 2015-02-05 21:29 - 00000000 ____D () C:\Users\VT\AppData\Roaming\GHISLER
2015-04-13 22:18 - 2015-02-05 01:15 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Winamp
2015-04-13 22:18 - 2015-02-05 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-13 22:18 - 2015-02-04 23:53 - 00000000 ____D () C:\Users\VT\AppData\Roaming\vlc
2015-04-13 22:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-13 22:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-13 22:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-13 22:11 - 2015-02-06 00:43 - 00000000 ____D () C:\Users\VT\AppData\Local\Adobe
2015-04-13 21:20 - 2015-02-05 00:20 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-13 21:20 - 2015-02-04 23:07 - 00000000 ____D () C:\Users\VT
2015-04-09 08:03 - 2015-02-04 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-06 19:55 - 2015-02-11 00:23 - 00000000 ____D () C:\Users\VT\AppData\Roaming\MediaMonkey
2015-04-06 19:42 - 2015-01-29 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:28 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:28 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-06 19:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-04-03 20:33 - 2015-02-06 21:40 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-03 20:33 - 2015-02-06 21:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-03 20:33 - 2015-02-06 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-03 20:33 - 2015-02-05 01:05 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Skype
2015-04-03 20:32 - 2014-02-18 17:57 - 00000000 ____D () C:\ProgramData\Skype
2015-03-28 05:44 - 2015-01-29 20:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:44 - 2015-01-29 20:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:43 - 2015-01-29 20:29 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2015-01-29 20:29 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-26 09:31 - 2009-07-14 07:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-26 01:44 - 2015-02-05 23:40 - 00000000 ____D () C:\Users\VT\AppData\Local\Microsoft Help
2015-03-26 01:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-16 23:55 - 2015-02-05 01:20 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
==================== Files in the root of some directories =======
2015-02-12 00:13 - 2015-04-13 23:51 - 0002048 _____ () C:\Users\VT\AppData\Roaming\mouse.dat
2015-02-12 00:13 - 2015-04-13 23:51 - 0000256 _____ () C:\Users\VT\AppData\Roaming\setup.dat
2015-02-23 21:30 - 2015-02-23 21:30 - 0001456 _____ () C:\Users\VT\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-13 23:54 - 2015-02-13 23:54 - 0000017 _____ () C:\Users\VT\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-05 20:52
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by VT (administrator) on VT-PC on 14-04-2015 00:05:28
Running from C:\Users\VT\Desktop
Loaded Profiles: VT (Available profiles: VT)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Fujitsu) C:\Program Files (x86)\Fujitsu Mouse\Driverap4.exe
() C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Fujitsu Mouse] => C:\Program Files (x86)\Fujitsu Mouse\DriverSt.exe [184393 2012-08-21] ()
HKLM-x32\...\Run: [LWBKEYLOCK] => C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe [310784 2008-05-02] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-07] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
FireFox:
========
FF ProfilePath: C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-03] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-03] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Extension: YouTube Enhancer Plus - C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-02-05]
FF Extension: Adblock Plus - C:\Users\VT\AppData\Roaming\Mozilla\Firefox\Profiles\52v48myu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-02-09]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-05]
CHR Extension: (YouTube) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-05]
CHR Extension: (Google Search) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-05]
CHR Extension: (Google Sheets) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Avast Online Security) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-05]
CHR Extension: (Google Wallet) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-05]
CHR Extension: (Gmail) - C:\Users\VT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-07] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-07] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-02-06] () [File not signed]
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-07] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-05] (Disc Soft Ltd)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-07] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-13 23:53 - 2015-04-13 23:53 - 00025194 _____ () C:\ComboFix.txt
2015-04-13 23:14 - 2015-04-13 23:53 - 00000000 ____D () C:\Qoobox
2015-04-13 23:14 - 2015-04-13 23:51 - 00000000 ____D () C:\Windows\erdnt
2015-04-13 23:14 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-13 23:14 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-13 23:14 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-13 23:14 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-13 23:13 - 2015-04-13 23:13 - 00002038 _____ () C:\Users\VT\Desktop\Rkill.txt
2015-04-13 23:09 - 2015-04-13 23:09 - 05617275 ____R (Swearware) C:\Users\VT\Desktop\ComboFix.exe
2015-04-13 23:09 - 2015-04-13 23:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\VT\Desktop\rkill.exe
2015-04-13 22:49 - 2015-04-14 00:05 - 00017636 _____ () C:\Users\VT\Desktop\FRST.txt
2015-04-13 22:11 - 2015-04-13 22:12 - 00000000 ____D () C:\AdwCleaner
2015-04-13 22:10 - 2015-04-13 22:10 - 02217984 _____ () C:\Users\VT\Desktop\adwcleaner_4.201.exe
2015-04-13 21:21 - 2015-04-13 21:21 - 02096640 _____ (Farbar) C:\Users\VT\Desktop\FRST64.exe
2015-04-13 21:20 - 2015-04-13 21:20 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-13 21:20 - 2015-03-07 20:23 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-12 22:37 - 2015-04-14 00:05 - 00000000 ____D () C:\FRST
2015-04-09 22:19 - 2015-04-13 22:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-09 22:19 - 2015-04-13 22:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 21:18 - 2015-04-08 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 19:41 - 2015-04-14 00:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-06 19:41 - 2015-03-13 21:41 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-06 19:41 - 2015-03-13 21:41 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-06 19:41 - 2015-03-13 18:16 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-06 19:41 - 2015-03-13 18:16 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-06 19:41 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-06 19:41 - 2015-03-11 15:10 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-06 19:40 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-06 19:40 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00400584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00390288 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00346824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-04-06 19:40 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-04-06 19:40 - 2015-03-13 21:41 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-04-04 08:30 - 2015-04-13 22:18 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 08:30 - 2015-04-04 08:30 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ____D () C:\Users\VT\AppData\Local\Skype
2015-04-03 20:32 - 2015-04-03 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-02 08:33 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-02 08:33 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-02 08:33 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-02 08:33 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-02 08:33 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-02 08:33 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-02 08:33 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-02 08:33 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-02 08:33 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-02 08:33 - 2015-02-23 10:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-02 08:33 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet(554).dll
2015-04-02 08:33 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon(553).dll
2015-04-02 08:33 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-02 08:33 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-02 08:33 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-02 08:33 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-02 08:33 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-02 08:33 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-02 08:33 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-02 08:33 - 2015-02-21 06:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-31 21:26 - 2015-03-31 21:26 - 00000000 ____D () C:\Users\VT\AppData\Roaming\dvdcss
2015-03-25 23:43 - 2015-03-25 23:44 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-25 23:43 - 2015-03-25 23:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\ProgramData\Sun
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-25 23:43 - 2015-03-25 23:43 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\Users\VT\AppData\Local\DOSBox
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2015-03-24 22:58 - 2015-03-24 22:58 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.74
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 00:04 - 2015-02-05 00:19 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 00:04 - 2015-02-04 23:06 - 01585546 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 00:04 - 2015-01-29 20:36 - 00085761 _____ () C:\Windows\SysWOW64\Gms.log
2015-04-14 00:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 00:04 - 2009-07-14 06:51 - 00084263 _____ () C:\Windows\setupact.log
2015-04-14 00:03 - 2014-02-18 17:58 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-04-13 23:59 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-13 23:59 - 2009-07-14 06:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-13 23:58 - 2011-04-12 10:34 - 00668540 _____ () C:\Windows\system32\perfh005.dat
2015-04-13 23:58 - 2011-04-12 10:34 - 00141200 _____ () C:\Windows\system32\perfc005.dat
2015-04-13 23:58 - 2009-07-14 07:13 - 01583214 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-13 23:52 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-13 23:51 - 2015-02-12 00:13 - 00002048 _____ () C:\Users\VT\AppData\Roaming\mouse.dat
2015-04-13 23:51 - 2015-02-12 00:13 - 00000256 _____ () C:\Users\VT\AppData\Roaming\setup.dat
2015-04-13 23:51 - 2010-11-21 05:47 - 00019510 _____ () C:\Windows\PFRO.log
2015-04-13 23:29 - 2015-02-05 00:19 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 23:19 - 2015-02-06 21:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-13 23:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-13 22:19 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-13 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-13 22:18 - 2015-02-06 22:52 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-13 22:18 - 2015-02-06 22:45 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Autodesk
2015-04-13 22:18 - 2015-02-05 22:56 - 00000000 ____D () C:\Users\VT\AppData\Roaming\uTorrent
2015-04-13 22:18 - 2015-02-05 21:29 - 00000000 ____D () C:\Users\VT\AppData\Roaming\GHISLER
2015-04-13 22:18 - 2015-02-05 01:15 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Winamp
2015-04-13 22:18 - 2015-02-05 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-13 22:18 - 2015-02-04 23:53 - 00000000 ____D () C:\Users\VT\AppData\Roaming\vlc
2015-04-13 22:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-13 22:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-13 22:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-13 22:11 - 2015-02-06 00:43 - 00000000 ____D () C:\Users\VT\AppData\Local\Adobe
2015-04-13 21:20 - 2015-02-05 00:20 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-13 21:20 - 2015-02-04 23:07 - 00000000 ____D () C:\Users\VT
2015-04-09 08:03 - 2015-02-04 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-06 19:55 - 2015-02-11 00:23 - 00000000 ____D () C:\Users\VT\AppData\Roaming\MediaMonkey
2015-04-06 19:42 - 2015-01-29 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:28 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:28 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-06 19:41 - 2015-01-29 20:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-06 19:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-04-03 20:33 - 2015-02-06 21:40 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-03 20:33 - 2015-02-06 21:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-03 20:33 - 2015-02-06 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-03 20:33 - 2015-02-05 01:05 - 00000000 ____D () C:\Users\VT\AppData\Roaming\Skype
2015-04-03 20:32 - 2014-02-18 17:57 - 00000000 ____D () C:\ProgramData\Skype
2015-03-28 05:44 - 2015-01-29 20:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:44 - 2015-01-29 20:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:43 - 2015-01-29 20:29 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2015-01-29 20:29 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-26 09:31 - 2009-07-14 07:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-26 01:44 - 2015-02-05 23:40 - 00000000 ____D () C:\Users\VT\AppData\Local\Microsoft Help
2015-03-26 01:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-16 23:55 - 2015-02-05 01:20 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
==================== Files in the root of some directories =======
2015-02-12 00:13 - 2015-04-13 23:51 - 0002048 _____ () C:\Users\VT\AppData\Roaming\mouse.dat
2015-02-12 00:13 - 2015-04-13 23:51 - 0000256 _____ () C:\Users\VT\AppData\Roaming\setup.dat
2015-02-23 21:30 - 2015-02-23 21:30 - 0001456 _____ () C:\Users\VT\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-13 23:54 - 2015-02-13 23:54 - 0000017 _____ () C:\Users\VT\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-05 20:52
==================== End Of Log ============================
Re: Stále znovu se objevující virus
Vypada to o dost lepe. Doinstalujte vsechny dulezite Windows aktualizace (vcetne Internet Exploreru 11) a az bude cas, doporucuji jeste vlastni sken (alespon systemoveho disku) pomoci MBAMu viz nize. Nainstalujte MBAM a udelejte vlastni sken systemoveho disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928
- Upozorneni: tento sken zabere od 30 minut po nekolik hodin - na SSD o neco mene, ale stale je to casove narocnejsi sken.
Nepodarilo se Vam ani jednou prilozit Addition.txt, takze jeho obsah vlozte do pristi odpovedi (jako to delate s ostatnimi logy).Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Stále znovu se objevující virus
MBAM proskenoval systémový disk. Log zde, okno nechávám otevřené pro provedení vámi doporučených akcí.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 14.4.2015
Čas skenování: 0:35:55
Protokol: MBAM.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.04.13.08
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: VT
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 744996
Uplynulý čas: 30 min, 43 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 3
Trojan.VBCrypt, C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpF3DF.exe, , [08147fed24660f273eb559eb3ec4946c],
Trojan.Sathurbot, C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityHelper.dll.vir, , [8597aebe2565251155d5b18937cb7789],
Trojan.Sathurbot, C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityProvider.dll.vir, , [b963115bddadc37336e51d559e62df21],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
--------------------------------------------------------------------------------------------------------------------
Ještě Addition z FRST:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by VT at 2015-04-14 00:05:42
Running from C:\Users\VT\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3326361065-4142631383-672199101-1000\...\uTorrent) (Version: 3.4.2.38429 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Aktualizace NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.3.374.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.3.374.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk 3ds Max 2015 SDK (HKLM\...\{BEC2299E-C141-412D-AE5B-04E888190043}) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 SP3 (HKLM\...\Autodesk 3ds Max 2015 SP3) (Version: 17.3.374.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version: - Autodesk)
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9602) (Version: - )
CGS17_Setup_x64 (Version: 17.3 - Corel Corporation) Hidden
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B344E0F4-3FD8-4D88-97AF-3F75033FA562}) (Version: 17.3.0.772 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.3.772 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.3.772 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.3.0.772 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Forest Pack Pro 4.3.6 (HKLM-x32\...\Forest Pack Pro) (Version: 4.3.6 - Itoo Software)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Keyboard Lock Status driver 3.0 (HKLM-x32\...\Keyboard Lock Status driver_is1) (Version: - )
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7138 - MyHeritage.com)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
ST (HKLM-x32\...\ST) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UninstallFujitsu Mouse (HKLM-x32\...\{A3BE2F96-2FC2-420D-980B-EC4B856F07FA}_is1) (Version: - Fujitsu Mouse)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.00.07 - Chaos Software Ltd)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
==================== Restore Points =========================
25-02-2015 16:25:04 Windows Update
01-03-2015 19:43:00 Windows Update
02-03-2015 07:46:19 Operace obnovení
02-03-2015 07:47:30 avast! antivirus system restore point
02-03-2015 08:30:13 Windows Update
03-03-2015 22:20:13 Windows Update
07-03-2015 10:08:58 Windows Update
07-03-2015 20:22:36 avast! antivirus system restore point
08-03-2015 10:36:32 Windows Update
10-03-2015 00:51:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
10-03-2015 00:51:39 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
10-03-2015 00:51:46 Nainstalováno rozhraní DirectX
10-03-2015 00:53:13 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
12-03-2015 02:37:26 Windows Update
15-03-2015 14:00:08 Windows Update
19-03-2015 09:28:25 Windows Update
22-03-2015 17:31:10 Windows Update
25-03-2015 18:57:48 Windows Update
29-03-2015 08:34:55 Windows Update
01-04-2015 22:16:02 Windows Update
01-04-2015 22:16:33 Instalační služba modulů systému Windows
02-04-2015 19:22:29 Windows Update
04-04-2015 08:30:31 Windows Update
08-04-2015 08:45:12 Windows Update
09-04-2015 22:01:09 Instalační služba modulů systému Windows
09-04-2015 22:05:24 Windows Update
11-04-2015 03:00:13 Windows Update
11-04-2015 13:04:04 Instalační služba modulů systému Windows
13-04-2015 20:56:36 avast! antivirus system restore point
13-04-2015 21:01:40 Instalační služba modulů systému Windows
13-04-2015 21:20:28 avast! antivirus system restore point
13-04-2015 21:22:02 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-04-13 23:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0100ABF8-D134-4E3E-85A5-864FABAB39AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {0B690D69-9743-47BC-BA3D-823A6997064B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {2433C451-2259-47A9-A86D-A3953816EE41} - System32\Tasks\AdobeAAMUpdater-1.0-VT-PC-VT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3F62DEAE-A759-45CC-A56B-BAF6F6D20580} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {85F19C6E-9735-4E1F-A994-9380291F88C6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B5C3EAB8-2E20-408F-9E83-395CDCF08B6A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {B783939B-B5D1-444F-B665-0B1262C7DF96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-07] (Avast Software s.r.o.)
Task: {D327E81D-2261-41E8-A12B-A652A1D258C8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F51F3F60-61C5-4B0C-BF8F-E32335E606DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-03] (Adobe Systems Incorporated)
Task: {F5A1D77F-5EF7-49A4-85FC-51F7B223A1ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-04-06 19:41 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-02-11 23:29 - 2008-05-02 15:32 - 00310784 _____ () C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe
2015-03-07 20:23 - 2015-03-07 20:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-13 22:14 - 2015-04-13 22:14 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041302\algo.dll
2015-03-10 00:53 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-03-10 00:53 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-11 23:29 - 2008-05-02 15:32 - 00049152 _____ () C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\kLockDll.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2015-04-06 19:29 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.36 - 213.46.172.37
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3326361065-4142631383-672199101-500 - Administrator - Disabled)
Guest (S-1-5-21-3326361065-4142631383-672199101-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3326361065-4142631383-672199101-1002 - Limited - Enabled)
VT (S-1-5-21-3326361065-4142631383-672199101-1000 - Administrator - Enabled) => C:\Users\VT
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2015 00:04:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 11:51:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:20:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:11:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:08:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2cc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:06:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x6ec
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:06:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/13/2015 11:51:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:51:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:51:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:49:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:47:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:18:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:16:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 10:39:08 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%8604.7.0205.0%%886%%8920x80070002Systém nemůže nalézt uvedený soubor. 9
Error: (04/13/2015 10:38:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/13/2015 10:38:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (04/14/2015 00:04:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 11:51:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:20:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000000000000d0801d0761da459e45eC:\Windows\Explorer.EXEunknowne28bbc4e-e210-11e4-b79f-d8cb8a31ca7f
Error: (04/13/2015 09:11:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:08:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000000000002cc01d0761d24b9c5a8C:\Windows\Explorer.EXEunknown6b5a9db0-e210-11e4-92ba-c26f80088e85
Error: (04/13/2015 09:06:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000000000006ec01d0761cfde382f6C:\Windows\Explorer.EXEunknown3d330007-e210-11e4-b824-d8cb8a31ca7f
Error: (04/13/2015 09:06:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-04-13 23:51:12.932
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.916
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.900
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.869
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:47:53.797
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:47:53.782
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 11%
Total physical RAM: 16319.7 MB
Available physical RAM: 14476.79 MB
Total Pagefile: 32637.59 MB
Available Pagefile: 30714.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:232.69 GB) (Free:87.39 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:724.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 8E3E1C7C)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8E3E1C6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 14.4.2015
Čas skenování: 0:35:55
Protokol: MBAM.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.04.13.08
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: VT
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 744996
Uplynulý čas: 30 min, 43 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 3
Trojan.VBCrypt, C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpF3DF.exe, , [08147fed24660f273eb559eb3ec4946c],
Trojan.Sathurbot, C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityHelper.dll.vir, , [8597aebe2565251155d5b18937cb7789],
Trojan.Sathurbot, C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityProvider.dll.vir, , [b963115bddadc37336e51d559e62df21],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
--------------------------------------------------------------------------------------------------------------------
Ještě Addition z FRST:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by VT at 2015-04-14 00:05:42
Running from C:\Users\VT\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3326361065-4142631383-672199101-1000\...\uTorrent) (Version: 3.4.2.38429 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Aktualizace NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.3.374.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.3.374.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk 3ds Max 2015 SDK (HKLM\...\{BEC2299E-C141-412D-AE5B-04E888190043}) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 SP3 (HKLM\...\Autodesk 3ds Max 2015 SP3) (Version: 17.3.374.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version: - Autodesk)
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9602) (Version: - )
CGS17_Setup_x64 (Version: 17.3 - Corel Corporation) Hidden
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B344E0F4-3FD8-4D88-97AF-3F75033FA562}) (Version: 17.3.0.772 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.3.772 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.3.772 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.3.0.772 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Forest Pack Pro 4.3.6 (HKLM-x32\...\Forest Pack Pro) (Version: 4.3.6 - Itoo Software)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Keyboard Lock Status driver 3.0 (HKLM-x32\...\Keyboard Lock Status driver_is1) (Version: - )
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7138 - MyHeritage.com)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
ST (HKLM-x32\...\ST) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UninstallFujitsu Mouse (HKLM-x32\...\{A3BE2F96-2FC2-420D-980B-EC4B856F07FA}_is1) (Version: - Fujitsu Mouse)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.00.07 - Chaos Software Ltd)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3326361065-4142631383-672199101-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
==================== Restore Points =========================
25-02-2015 16:25:04 Windows Update
01-03-2015 19:43:00 Windows Update
02-03-2015 07:46:19 Operace obnovení
02-03-2015 07:47:30 avast! antivirus system restore point
02-03-2015 08:30:13 Windows Update
03-03-2015 22:20:13 Windows Update
07-03-2015 10:08:58 Windows Update
07-03-2015 20:22:36 avast! antivirus system restore point
08-03-2015 10:36:32 Windows Update
10-03-2015 00:51:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
10-03-2015 00:51:39 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
10-03-2015 00:51:46 Nainstalováno rozhraní DirectX
10-03-2015 00:53:13 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
12-03-2015 02:37:26 Windows Update
15-03-2015 14:00:08 Windows Update
19-03-2015 09:28:25 Windows Update
22-03-2015 17:31:10 Windows Update
25-03-2015 18:57:48 Windows Update
29-03-2015 08:34:55 Windows Update
01-04-2015 22:16:02 Windows Update
01-04-2015 22:16:33 Instalační služba modulů systému Windows
02-04-2015 19:22:29 Windows Update
04-04-2015 08:30:31 Windows Update
08-04-2015 08:45:12 Windows Update
09-04-2015 22:01:09 Instalační služba modulů systému Windows
09-04-2015 22:05:24 Windows Update
11-04-2015 03:00:13 Windows Update
11-04-2015 13:04:04 Instalační služba modulů systému Windows
13-04-2015 20:56:36 avast! antivirus system restore point
13-04-2015 21:01:40 Instalační služba modulů systému Windows
13-04-2015 21:20:28 avast! antivirus system restore point
13-04-2015 21:22:02 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-04-13 23:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0100ABF8-D134-4E3E-85A5-864FABAB39AE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {0B690D69-9743-47BC-BA3D-823A6997064B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {2433C451-2259-47A9-A86D-A3953816EE41} - System32\Tasks\AdobeAAMUpdater-1.0-VT-PC-VT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3F62DEAE-A759-45CC-A56B-BAF6F6D20580} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {85F19C6E-9735-4E1F-A994-9380291F88C6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B5C3EAB8-2E20-408F-9E83-395CDCF08B6A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {B783939B-B5D1-444F-B665-0B1262C7DF96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-07] (Avast Software s.r.o.)
Task: {D327E81D-2261-41E8-A12B-A652A1D258C8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F51F3F60-61C5-4B0C-BF8F-E32335E606DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-03] (Adobe Systems Incorporated)
Task: {F5A1D77F-5EF7-49A4-85FC-51F7B223A1ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-04-06 19:41 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-02-11 23:29 - 2008-05-02 15:32 - 00310784 _____ () C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\SkeyLock.exe
2015-03-07 20:23 - 2015-03-07 20:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-13 22:14 - 2015-04-13 22:14 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041302\algo.dll
2015-03-10 00:53 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-03-10 00:53 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-11 23:29 - 2008-05-02 15:32 - 00049152 _____ () C:\Program Files (x86)\Fujitsu Keyboard Lock Status driver\Keyboard Lock Status driver\3.0\kLockDll.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-07 20:23 - 2015-03-07 20:23 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2015-04-06 19:29 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3326361065-4142631383-672199101-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.36 - 213.46.172.37
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3326361065-4142631383-672199101-500 - Administrator - Disabled)
Guest (S-1-5-21-3326361065-4142631383-672199101-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3326361065-4142631383-672199101-1002 - Limited - Enabled)
VT (S-1-5-21-3326361065-4142631383-672199101-1000 - Administrator - Enabled) => C:\Users\VT
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2015 00:04:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 11:51:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:20:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:11:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:08:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2cc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:06:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x6ec
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Error: (04/13/2015 09:06:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/13/2015 11:51:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:51:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:51:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:49:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:47:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/13/2015 11:18:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 11:16:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/13/2015 10:39:08 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%8604.7.0205.0%%886%%8920x80070002Systém nemůže nalézt uvedený soubor. 9
Error: (04/13/2015 10:38:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/13/2015 10:38:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (04/14/2015 00:04:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 11:51:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 10:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:20:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000000000000d0801d0761da459e45eC:\Windows\Explorer.EXEunknowne28bbc4e-e210-11e4-b79f-d8cb8a31ca7f
Error: (04/13/2015 09:11:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/13/2015 09:08:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000000000002cc01d0761d24b9c5a8C:\Windows\Explorer.EXEunknown6b5a9db0-e210-11e4-92ba-c26f80088e85
Error: (04/13/2015 09:06:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000000500000000000000006ec01d0761cfde382f6C:\Windows\Explorer.EXEunknown3d330007-e210-11e4-b824-d8cb8a31ca7f
Error: (04/13/2015 09:06:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-04-13 23:51:12.932
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.916
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.900
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:51:12.869
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:47:53.797
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-13 23:47:53.782
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 11%
Total physical RAM: 16319.7 MB
Available physical RAM: 14476.79 MB
Total Pagefile: 32637.59 MB
Available Pagefile: 30714.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:232.69 GB) (Free:87.39 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:724.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 8E3E1C7C)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8E3E1C6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Stále znovu se objevující virus
Netreba zadnych akci - polozky jsou jiz v karantene - neskodne. Chtel bych Vam podekovat za popis stavu PC po kazdem kroku, protoze mi to znacne zprehlednuje situaci a usnadnuje dalsi postup. Skvela spoluprace. Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7 Logy jsou ciste, takze jeste uklidime.- Prejmenujte ComboFix na Uninstall a spustte jako spravce
- ComboFix se odinstaluje.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Stále znovu se objevující virus
Díky moc! Odezvy PC naprosto bez problémů. Rád přispěju na provoz fóra, už se nebojím logovat do internetbankingu (jen nevím, na kolik je zvykem takovou práci oceňovat). BTW budu vám vděčný za nějaké podrobnější informace o tom, co mě poslihlo - ze skrytého spoštění IE a spamovacího botu jsem byl dost nervózní.
Ještě jednou díky a za mě dobrou noc
VT
Ještě jednou díky a za mě dobrou noc
VT
Re: Stále znovu se objevující virus
Pro me osobne je nejcennejsi Vase spokojenost a Vase dekuji. Za pripadny prispevek na provoz fora Vam jmenem celeho tymu dekuji.
Tato infekce v zasade mohla ve Vasem pocitaci spustit jakykoliv kod, takze se neda urcit, co presne delala. Zde je jednoduchy popis o breberce, kterou jste v PC mel (mimojine vyrazovala sluzby MSE a Defenderu) http://www.virusradar.com/en/Win32_Sath ... escription
Zpusob nakazeni stroje taky nedokazu urcit. Mohl jste spustit zavirovany exe soubor, ale take se do systemu mohla dostat pomoci zranitelnosti (at jiz zname ci nezname tzv. zero-day), protoze jste nemel nainstalovane vsechny dulezite aktualizace operacniho systemu (IE11 apod.).
Nemate zac, rad jsem pomohl
Uz se pro dnesek odpojuju od internetu, at se jeste neco v klidu naucim, takze pripadne dalsi dotazy zodpovim zitra. Dobrou noc
Tato infekce v zasade mohla ve Vasem pocitaci spustit jakykoliv kod, takze se neda urcit, co presne delala. Zde je jednoduchy popis o breberce, kterou jste v PC mel (mimojine vyrazovala sluzby MSE a Defenderu) http://www.virusradar.com/en/Win32_Sath ... escription
Zpusob nakazeni stroje taky nedokazu urcit. Mohl jste spustit zavirovany exe soubor, ale take se do systemu mohla dostat pomoci zranitelnosti (at jiz zname ci nezname tzv. zero-day), protoze jste nemel nainstalovane vsechny dulezite aktualizace operacniho systemu (IE11 apod.).
Nemate zac, rad jsem pomohl
Uz se pro dnesek odpojuju od internetu, at se jeste neco v klidu naucim, takze pripadne dalsi dotazy zodpovim zitra. Dobrou noc
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?