The computer does whatever it wants (types by itself), freezes

Tulipan
Visitor
Posts: 34
Registered: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#16 Post by Tulipan »

I had a problem with RKill: I downloaded it without any trouble, but after launching it something just flashed up and that was all. I don't know how the program works, so I'm not sure whether it did what it was supposed to. In any case, it didn't produce any log for me. Some window just flashed up and that was it.

Here is the ComboFix log:

ComboFix 15-04-16.01 - HP 19.04.2015 3:29.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.2618 [GMT 2:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-19 do 2015-04-19 )))))))))))))))))))))))))))))))
.
.
2015-04-19 01:32 . 2015-04-19 01:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-18 07:41 . 2015-04-18 08:19 -------- d-----w- C:\FRST
2015-04-17 20:41 . 2015-04-17 20:48 -------- d-----w- c:\program files (x86)\Watch_Dogs - Complete Edition
2015-04-17 20:12 . 2015-04-17 20:21 30352 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-04-17 20:12 . 2015-04-17 20:12 -------- d-----w- c:\programdata\DAEMON Tools Lite
2015-04-17 19:43 . 2015-04-17 19:44 -------- d-----w- C:\AdwCleaner
2015-04-17 05:25 . 2015-04-17 05:27 -------- d-----w- C:\hry
2015-04-16 15:30 . 2015-04-16 15:31 -------- d-----w- C:\rsit
2015-04-16 15:30 . 2015-04-16 15:30 -------- d-----w- c:\program files\trend micro
2015-04-16 03:19 . 2015-04-16 03:19 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-16 03:19 . 2015-04-16 03:19 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-16 03:19 . 2015-04-16 03:19 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-16 03:19 . 2015-04-16 03:19 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-16 03:19 . 2015-04-16 03:19 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-16 03:19 . 2015-04-16 03:19 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-16 03:19 . 2015-04-16 03:19 271200 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-16 03:19 . 2015-04-16 03:19 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-16 03:19 . 2015-04-16 03:19 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-16 03:19 . 2015-04-16 03:19 43112 ----a-w- c:\windows\avastSS.scr
2015-04-16 03:18 . 2015-04-16 03:18 -------- d-----w- c:\program files\AVAST Software
2015-04-16 03:14 . 2015-04-16 03:14 -------- d-----w- c:\programdata\AVAST Software
2015-04-15 22:01 . 2015-04-15 22:01 -------- d-----w- c:\program files (x86)\VideoLAN
2015-04-15 18:44 . 2015-04-15 18:45 -------- d-----w- c:\programdata\Recovery
2015-04-15 16:41 . 2015-04-15 16:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 16:41 . 2015-04-15 16:41 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 16:41 . 2015-04-15 16:41 -------- d-----w- c:\windows\system32\Macromed
2015-04-15 15:49 . 2015-04-08 20:32 560968 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-15 15:48 . 2015-04-08 17:52 4336074 ----a-w- c:\windows\system32\nvcoproc.bin
2015-04-15 15:37 . 2015-03-28 03:44 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-04-15 15:37 . 2015-03-28 03:44 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-04-15 15:37 . 2015-03-28 03:43 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-04-15 15:37 . 2015-03-28 03:43 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-04-15 15:36 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-04-15 15:36 . 2014-11-22 10:46 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-04-15 15:36 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-04-15 15:35 . 2015-04-18 09:52 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-04-15 15:30 . 2015-04-15 15:30 -------- d-----w- c:\programdata\EA Core
2015-04-15 15:30 . 2015-04-15 20:40 -------- d-----w- c:\programdata\EA Logs
2015-04-15 15:24 . 2015-04-15 20:43 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2015-04-15 15:14 . 2015-04-15 15:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-04-15 14:59 . 2009-09-04 15:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2015-04-15 13:33 . 2015-04-15 13:41 -------- d-----w- c:\program files (x86)\Origin Games
2015-04-15 13:31 . 2015-04-18 08:53 -------- d-----w- c:\programdata\Origin
2015-04-15 13:31 . 2015-04-15 15:31 -------- d-----w- c:\programdata\Electronic Arts
2015-04-15 13:31 . 2015-04-15 13:32 -------- d-----w- c:\program files (x86)\Origin
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----r- c:\program files (x86)\Skype
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----w- c:\programdata\Skype
2015-04-15 13:17 . 2015-04-15 13:17 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2015-04-15 13:13 . 2015-04-15 13:14 -------- d-----w- c:\program files (x86)\Google
2015-04-15 13:03 . 2015-04-15 13:03 -------- d-----w- c:\users\Public\Symantec
2015-04-15 13:03 . 2015-04-15 19:16 -------- d-----w- c:\users\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 13:03 . 2010-06-24 18:33 23768 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-04-09 00:58 . 2011-08-16 11:11 17176128 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-04-09 00:58 . 2011-08-16 11:11 14617288 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-04-09 00:58 . 2011-08-16 11:11 12689592 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-04-09 00:58 . 2011-08-16 11:11 3317344 ----a-w- c:\windows\system32\nvapi64.dll
2015-04-08 21:30 . 2011-03-30 08:45 6841488 ----a-w- c:\windows\system32\nvcpl.dll
2015-04-08 21:30 . 2011-03-30 08:44 3478344 ----a-w- c:\windows\system32\nvsvc64.dll
2015-04-08 21:30 . 2011-03-30 08:45 936264 ----a-w- c:\windows\system32\nvvsvc.exe
2015-04-08 21:30 . 2011-03-30 08:45 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-04-08 21:30 . 2011-03-30 08:45 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-04-08 21:30 . 2011-03-30 08:45 385168 ----a-w- c:\windows\system32\nvmctray.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-03-25 31682144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" [2009-04-04 385024]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-16 5512912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-15 13:14 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15 13:13]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15 13:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-16 03:19 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-26 835072]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com?pc=HPDTDF
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8iznmrlj.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-BATINDICATOR - c:\program files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-19 03:33:53
ComboFix-quarantined-files.txt 2015-04-19 01:33
.
Před spuštěním: Volných bajtů: 750 136 258 560
Po spuštění: Volných bajtů: 750 325 698 560
.
- - End Of File - - 4F00B68CE05C1EE4A7643A3654F12BAF


I'm going to bed. I apologize in advance if I don't respond first thing tomorrow morning; if I oversleep, I'll post further logs and replies once I wake up.
Thank you for your help.

Tulipan
Visitor
Posts: 34
Registered: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#17 Post by Tulipan »

Now, after logging out and back in, I tried RKill again; this time nothing even flashed up and it gave me this log straight away:

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/19/2015 03:38:58 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 1052) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/19/2015 03:39:07 AM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#18 Post by altrok »

Good evening, I apologize for the delay, but on weekends I take a break from everything :)
35% RAM usage seems to be fine. That is what the memory is there for: to be used, so that everything isn't constantly being pulled from the HDD.


If you haven't done so yet, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • copy the script below into it and save it to the desktop as CFScript (file type: Text Document)

    KillAll::
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvBackend"=-
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon, and drop it.
  • After the restart a log will pop up; paste its contents into your next reply.
If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and the author unfortunately has not been able to fix it yet.

It may happen that Windows does not start after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration.
If anything is unclear, ask right away.

Tulipan
Visitor
Posts: 34
Registered: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#19 Post by Tulipan »

Good evening, no problem, I slept through the whole day myself :D. 16-hour shifts are exhausting.
No error message or freeze occurred, ComboFix ran through without problems, the restart went fine, and after the restart this log came up:

ComboFix 15-04-16.01 - HP 19.04.2015 22:10:00.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.2645 [GMT 2:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-19 do 2015-04-19 )))))))))))))))))))))))))))))))
.
.
2015-04-19 20:17 . 2015-04-19 20:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-19 19:05 . 2015-04-19 19:05 -------- d-----w- c:\program files (x86)\SQUARE ENIX
2015-04-19 19:04 . 2015-04-19 19:04 -------- d-----w- c:\windows\Downloaded Installations
2015-04-19 19:04 . 2015-04-19 19:05 -------- d-----w- c:\program files (x86)\Lenovo
2015-04-19 19:04 . 2015-04-19 19:04 -------- d-----w- c:\program files (x86)\Disc Soft
2015-04-19 19:03 . 2015-04-19 19:04 -------- d-----w- c:\program files\DAEMON Tools Lite
2015-04-19 19:01 . 2015-04-19 19:01 -------- d-----w- c:\users\Public\CyberLink
2015-04-19 13:01 . 2015-04-19 13:02 -------- d-----w- c:\program files (x86)\Webshare
2015-04-19 02:48 . 2015-04-19 02:48 -------- d-----w- c:\programdata\Orbit
2015-04-18 07:41 . 2015-04-18 08:19 -------- d-----w- C:\FRST
2015-04-17 20:41 . 2015-04-17 20:48 -------- d-----w- c:\program files (x86)\Watch_Dogs - Complete Edition
2015-04-17 20:12 . 2015-04-17 20:21 30352 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-04-17 20:12 . 2015-04-17 20:12 -------- d-----w- c:\programdata\DAEMON Tools Lite
2015-04-17 19:43 . 2015-04-17 19:44 -------- d-----w- C:\AdwCleaner
2015-04-17 05:25 . 2015-04-19 18:30 -------- d-----w- C:\hry
2015-04-16 15:30 . 2015-04-16 15:31 -------- d-----w- C:\rsit
2015-04-16 15:30 . 2015-04-16 15:30 -------- d-----w- c:\program files\trend micro
2015-04-16 03:19 . 2015-04-16 03:19 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-16 03:19 . 2015-04-16 03:19 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-16 03:19 . 2015-04-16 03:19 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-16 03:19 . 2015-04-16 03:19 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-16 03:19 . 2015-04-16 03:19 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-16 03:19 . 2015-04-16 03:19 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-16 03:19 . 2015-04-16 03:19 271200 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-16 03:19 . 2015-04-16 03:19 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-16 03:19 . 2015-04-16 03:19 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-16 03:19 . 2015-04-16 03:19 43112 ----a-w- c:\windows\avastSS.scr
2015-04-16 03:18 . 2015-04-16 03:18 -------- d-----w- c:\program files\AVAST Software
2015-04-16 03:14 . 2015-04-16 03:14 -------- d-----w- c:\programdata\AVAST Software
2015-04-15 22:01 . 2015-04-15 22:01 -------- d-----w- c:\program files (x86)\VideoLAN
2015-04-15 18:44 . 2015-04-15 18:45 -------- d-----w- c:\programdata\Recovery
2015-04-15 16:41 . 2015-04-15 16:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 16:41 . 2015-04-15 16:41 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 16:41 . 2015-04-15 16:41 -------- d-----w- c:\windows\system32\Macromed
2015-04-15 15:49 . 2015-04-08 20:32 560968 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-15 15:48 . 2015-04-08 17:52 4336074 ----a-w- c:\windows\system32\nvcoproc.bin
2015-04-15 15:37 . 2015-03-28 03:44 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-04-15 15:37 . 2015-03-28 03:44 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-04-15 15:37 . 2015-03-28 03:43 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-04-15 15:37 . 2015-03-28 03:43 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-04-15 15:36 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-04-15 15:36 . 2014-11-22 10:46 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-04-15 15:36 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-04-15 15:35 . 2015-04-19 09:02 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-04-15 15:30 . 2015-04-15 15:30 -------- d-----w- c:\programdata\EA Core
2015-04-15 15:30 . 2015-04-15 20:40 -------- d-----w- c:\programdata\EA Logs
2015-04-15 15:24 . 2015-04-15 20:43 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2015-04-15 15:14 . 2015-04-15 15:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-04-15 14:59 . 2009-09-04 15:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2015-04-15 13:33 . 2015-04-15 13:41 -------- d-----w- c:\program files (x86)\Origin Games
2015-04-15 13:31 . 2015-04-19 05:30 -------- d-----w- c:\programdata\Origin
2015-04-15 13:31 . 2015-04-15 15:31 -------- d-----w- c:\programdata\Electronic Arts
2015-04-15 13:31 . 2015-04-15 13:32 -------- d-----w- c:\program files (x86)\Origin
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----r- c:\program files (x86)\Skype
2015-04-15 13:20 . 2015-04-15 13:20 -------- d-----w- c:\programdata\Skype
2015-04-15 13:17 . 2015-04-15 13:17 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2015-04-15 13:13 . 2015-04-15 13:14 -------- d-----w- c:\program files (x86)\Google
2015-04-15 13:03 . 2015-04-15 13:03 -------- d-----w- c:\users\Public\Symantec
2015-04-15 13:03 . 2015-04-15 19:16 -------- d-----w- c:\users\HP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 13:03 . 2010-06-24 18:33 23768 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-04-09 00:58 . 2011-08-16 11:11 17176128 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-04-09 00:58 . 2011-08-16 11:11 14617288 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-04-09 00:58 . 2011-08-16 11:11 12689592 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-04-09 00:58 . 2011-08-16 11:11 3317344 ----a-w- c:\windows\system32\nvapi64.dll
2015-04-08 21:30 . 2011-03-30 08:45 6841488 ----a-w- c:\windows\system32\nvcpl.dll
2015-04-08 21:30 . 2011-03-30 08:44 3478344 ----a-w- c:\windows\system32\nvsvc64.dll
2015-04-08 21:30 . 2011-03-30 08:45 936264 ----a-w- c:\windows\system32\nvvsvc.exe
2015-04-08 21:30 . 2011-03-30 08:45 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-04-08 21:30 . 2011-03-30 08:45 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-04-08 21:30 . 2011-03-30 08:45 385168 ----a-w- c:\windows\system32\nvmctray.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-03-25 31682144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" [2009-04-04 385024]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-16 5512912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-15 13:14 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-16 03:19 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-26 835072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com?pc=HPDTDF
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8iznmrlj.default\
user_pref(extensions.autoDisableScopes,14);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{d640ce67-58e4-43c2-9adc-6bb959d7c606} - c:\program files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2015-04-19 22:20:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-19 20:20
ComboFix2.txt 2015-04-19 01:33
.
Před spuštěním: Volných bajtů: 726 376 275 968
Po spuštění: Volných bajtů: 726 565 527 552
.
- - End Of File - - 7DB304A9F1168EF40EEDAC9D5EE93DEE

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does what it wants (types by itself), freezes

#20 Post by altrok »

Excellent. How often does the problem occur? Is it still occurring?

Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Tulipan
Visitor
Posts: 34
Registered: 16 Apr 2015 16:33

Re: The computer does what it wants (types by itself), freezes

#21 Post by Tulipan »

I haven't noticed the problem at the moment (the typing one); however, last night it was still happening in games, where the computer kept typing things on its own, like BLOWJOB and erotic innuendo, into the chat in the game Battlefield.

The "DELETE" key has started working; thank you very much for that.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015
Ran by HP (administrator) on HP-HP on 19-04-2015 22:28:47
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available profiles: HP)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [385024 2009-04-04] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-16] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-512532572-2427873822-1548518363-1000 -> {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-16] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-16] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll No File
Toolbar: HKU\S-1-5-21-512532572-2427873822-1548518363-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-16] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8iznmrlj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8iznmrlj.default\user.js [2015-04-19]
FF Extension: Dragon Branch - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\8iznmrlj.default\Extensions\{4e5f8bc2-d16f-4c2c-9f65-4de08f473fcd}.xpi [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-16]

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (Bookmark Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (Bookmark Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-16] (Avast Software s.r.o.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-01] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-15] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-15] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-16] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-16] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-16] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-16] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-16] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-16] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-17] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 22:20 - 2015-04-19 22:20 - 00015895 _____ () C:\ComboFix.txt
2015-04-19 21:38 - 2015-04-19 21:57 - 00004221 _____ () C:\Users\HP\Documents\TombRaider.log
2015-04-19 21:38 - 2015-04-19 21:38 - 00000000 ____D () C:\Users\HP\AppData\Local\SKIDROW
2015-04-19 21:31 - 2015-04-19 21:31 - 00002095 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2015-04-19 21:31 - 2015-04-19 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-04-19 21:05 - 2015-04-19 21:05 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2015-04-19 21:04 - 2015-04-19 21:05 - 00000000 ____D () C:\Users\HP\AppData\Local\Lenovo
2015-04-19 21:04 - 2015-04-19 21:05 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-04-19 21:04 - 2015-04-19 21:04 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2015-04-19 21:04 - 2015-04-19 21:04 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-04-19 21:04 - 2015-04-19 21:04 - 00000000 ____D () C:\Users\HP\AppData\Roaming\RHEng
2015-04-19 21:04 - 2015-04-19 21:04 - 00000000 ____D () C:\Program Files (x86)\Disc Soft
2015-04-19 21:03 - 2015-04-19 21:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2015-04-19 21:03 - 2015-04-19 21:03 - 00001745 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-04-19 21:03 - 2015-04-19 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-04-19 21:02 - 2015-04-19 21:03 - 13146016 _____ (Disc Soft Ltd) C:\Users\HP\Downloads\DTLite501-0406(1).exe
2015-04-19 21:01 - 2015-04-19 21:01 - 00000000 ____D () C:\Users\Public\CyberLink
2015-04-19 21:01 - 2015-04-19 21:01 - 00000000 ____D () C:\Users\HP\AppData\Roaming\CyberLink
2015-04-19 15:01 - 2015-04-19 15:02 - 00000000 ____D () C:\Program Files (x86)\Webshare
2015-04-19 15:00 - 2015-04-19 15:00 - 56096937 _____ (Webshare.cz) C:\Users\HP\Downloads\WebshareDLC-installer1110.exe
2015-04-19 11:42 - 2015-04-19 11:43 - 197142528 _____ () C:\Users\HP\Downloads\dva-a-pul-chlapa-7x06-dej-mi-palec-xvid-dvb-hypr-cz.avi
2015-04-19 04:48 - 2015-04-19 04:48 - 00000000 ____D () C:\Users\HP\Documents\My Games
2015-04-19 04:48 - 2015-04-19 04:48 - 00000000 ____D () C:\ProgramData\Orbit
2015-04-19 03:38 - 2015-04-19 03:39 - 00002142 _____ () C:\Users\HP\Desktop\Rkill.txt
2015-04-19 03:28 - 2015-04-19 22:20 - 00000000 ____D () C:\Qoobox
2015-04-19 03:28 - 2015-04-19 22:17 - 00000000 ____D () C:\Windows\erdnt
2015-04-19 03:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-19 03:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-19 03:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-19 03:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-19 03:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-19 03:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-19 03:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-19 03:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-19 03:26 - 2015-04-19 03:27 - 05618696 ____R (Swearware) C:\Users\HP\Desktop\ComboFix.exe
2015-04-19 03:26 - 2015-04-19 03:26 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\HP\Desktop\rkill.exe
2015-04-19 01:59 - 2015-04-19 02:01 - 206573568 _____ () C:\Users\HP\Downloads\Dva-a-pul-Chlapa-6x07.avi
2015-04-19 01:59 - 2015-04-19 02:01 - 200284160 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x06---Bylo-to-o-nacistech.avi
2015-04-19 01:59 - 2015-04-19 02:00 - 201326592 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x05---Nosi-se-v-pekle-suspenzory.avi
2015-04-19 01:58 - 2015-04-19 01:58 - 00896048 _____ () C:\Users\HP\Desktop\Norton_Removal_Tool.exe
2015-04-18 18:30 - 2015-04-18 18:31 - 198187008 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x04---Uz-nejsem-ten-stary-Charlie.avi
2015-04-18 13:31 - 2015-04-18 13:32 - 199247872 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x03---Vseho-s-mirou.avi
2015-04-18 12:50 - 2015-04-18 12:51 - 207618048 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x02---Mam-rad-kulaty-cisla.avi
2015-04-18 12:38 - 2015-04-18 12:40 - 181840896 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa---6x01---Je-to-pako-plod-nasi-lasky.avi
2015-04-18 10:46 - 2015-04-18 10:46 - 00002446 _____ () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2015-04-18 10:46 - 2015-04-18 10:46 - 00000000 ____D () C:\Users\HP\AppData\Roaming\WildTangent
2015-04-18 10:32 - 2015-04-18 10:32 - 00000534 _____ () C:\Users\HP\Desktop\MBRDUMP.rar
2015-04-18 10:19 - 2015-04-18 10:19 - 00000512 _____ () C:\Users\HP\Desktop\MBRDUMP.txt
2015-04-18 09:53 - 2015-04-18 09:53 - 00063568 _____ () C:\Users\HP\Desktop\MbrScan.log
2015-04-18 09:53 - 2015-04-18 09:53 - 00000512 _____ () C:\Users\HP\Desktop\Dump_Hdd0_DR0.mbr
2015-04-18 09:52 - 2015-04-18 09:52 - 00147456 _____ (Eric_71) C:\Users\HP\Desktop\MbrScan.exe
2015-04-18 09:43 - 2015-04-18 09:43 - 00027893 _____ () C:\Addition.txt
2015-04-18 09:42 - 2015-04-19 22:29 - 00016684 _____ () C:\Users\HP\Desktop\FRST.txt
2015-04-18 09:42 - 2015-04-18 09:43 - 00070394 _____ () C:\FRST.txt
2015-04-18 09:41 - 2015-04-19 22:28 - 00000000 ____D () C:\FRST
2015-04-18 09:37 - 2015-04-18 09:37 - 02098176 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2015-04-17 22:48 - 2015-04-17 22:48 - 00001382 _____ () C:\Users\Public\Desktop\Watch_Dogs - Complete Edition.lnk
2015-04-17 22:41 - 2015-04-17 22:48 - 00000000 ____D () C:\Program Files (x86)\Watch_Dogs - Complete Edition
2015-04-17 22:12 - 2015-04-17 22:21 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-04-17 22:12 - 2015-04-17 22:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2015-04-17 22:12 - 2015-04-17 22:12 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-04-17 22:11 - 2015-04-17 22:11 - 13146016 _____ (Disc Soft Ltd) C:\Users\HP\Downloads\DTLite501-0406.exe
2015-04-17 21:43 - 2015-04-17 21:44 - 00000000 ____D () C:\AdwCleaner
2015-04-17 20:52 - 2015-04-17 20:55 - 182577152 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa-3x06.avi
2015-04-17 20:23 - 2015-04-17 20:23 - 02217984 _____ () C:\Users\HP\Desktop\adwcleaner_4.201.exe
2015-04-17 13:06 - 2015-04-17 13:19 - 3539151930 _____ () C:\Users\HP\Downloads\Pirati-z-Karibiku-2-Truhla-mrtveho-muze-2006.mkv
2015-04-17 07:53 - 2015-04-17 08:07 - 1244657712 _____ () C:\Users\HP\Downloads\Saga-prokleti-stinu-akcni-fantasy-2013-cz-SABRI.avi
2015-04-17 07:52 - 2015-04-17 08:14 - 2938026664 _____ () C:\Users\HP\Downloads\Mythica-A-Quest-for-Heroes-1080p-x264-DTS-Eng-Cz-tit-2015.mkv
2015-04-17 07:38 - 2015-04-17 08:19 - 2055987514 _____ () C:\Users\HP\Downloads\Need.for.Speed.2014.720p.BluRay.x264.DTS.CZ-4play.mkv
2015-04-17 07:36 - 2015-04-17 07:43 - 1009413816 _____ () C:\Users\HP\Downloads\Son-of-a-Gun-cz-tit.v-obraze.csfd-72-akcni-krimi-2014.avi
2015-04-17 07:25 - 2015-04-19 20:30 - 00000000 ____D () C:\hry
2015-04-16 21:23 - 2015-04-17 21:59 - 00000000 ____D () C:\Users\HP\AppData\Local\CrashDumps
2015-04-16 19:11 - 2015-04-16 19:11 - 00007642 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
2015-04-16 17:30 - 2015-04-16 17:31 - 00000000 ____D () C:\rsit
2015-04-16 17:30 - 2015-04-16 17:30 - 00000000 ____D () C:\Program Files\trend micro
2015-04-16 17:29 - 2015-04-16 17:29 - 01222144 _____ () C:\Users\HP\Downloads\RSITx64.exe
2015-04-16 05:47 - 2015-04-16 05:48 - 182868016 _____ () C:\Users\HP\Downloads\Dva-a-pul-Chlapa-4x04.avi
2015-04-16 05:44 - 2015-04-16 05:45 - 182890395 _____ () C:\Users\HP\Downloads\Dva_a_pul_chlapa_4x03.avi
2015-04-16 05:21 - 2015-04-16 05:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\AVAST Software
2015-04-16 05:20 - 2015-04-16 05:20 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-16 05:20 - 2015-04-16 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-16 05:19 - 2015-04-16 05:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-16 05:19 - 2015-04-16 05:19 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-16 05:19 - 2015-04-16 05:19 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-16 05:19 - 2015-04-16 05:19 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-16 05:19 - 2015-04-16 05:19 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-16 05:18 - 2015-04-16 05:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-16 05:17 - 2015-04-16 05:19 - 182892544 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa-4x01.avi
2015-04-16 05:17 - 2015-04-16 05:19 - 182870016 _____ () C:\Users\HP\Downloads\Dva-a-pul-chlapa-4x02.avi
2015-04-16 05:14 - 2015-04-16 05:14 - 05481352 _____ (Avast Software s.r.o.) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2015-04-16 05:14 - 2015-04-16 05:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-16 00:59 - 2015-04-19 22:21 - 00047712 _____ () C:\Windows\WindowsUpdate.log
2015-04-16 00:57 - 2015-04-16 00:57 - 00000056 ____H () C:\Windows\SysWOW64\ezsidmv.dat
2015-04-16 00:06 - 2015-04-19 21:26 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2015-04-16 00:01 - 2015-04-16 00:01 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-16 00:01 - 2015-04-16 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-16 00:01 - 2015-04-16 00:01 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-04-15 23:59 - 2015-04-16 00:10 - 2819718075 _____ () C:\Users\HP\Downloads\Sedmy-Syn-Seventh-Son-1080p-x264-AC3-Eng-Cz-tit-2014.mkv
2015-04-15 23:59 - 2015-04-16 00:00 - 28509232 _____ () C:\Users\HP\Downloads\vlc-2.2.0-win32.exe
2015-04-15 22:42 - 2015-04-15 22:43 - 01533584 _____ () C:\Users\HP\Downloads\battlelog-web-plugins_2.6.2_157 (1).exe
2015-04-15 21:16 - 2015-04-15 21:16 - 00000000 ____D () C:\Users\HP\hpremote
2015-04-15 20:44 - 2015-04-15 20:45 - 00000000 ____D () C:\ProgramData\Recovery
2015-04-15 18:42 - 2015-04-15 18:42 - 00000000 ____D () C:\Users\HP\AppData\Local\Macromedia
2015-04-15 18:41 - 2015-04-15 18:42 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
2015-04-15 18:41 - 2015-04-15 18:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 18:41 - 2015-04-15 18:41 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 18:41 - 2015-04-15 18:41 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-15 18:08 - 2015-04-15 18:08 - 00000000 ____D () C:\Users\HP\Downloads\Nová složka
2015-04-15 18:08 - 2015-04-15 18:08 - 00000000 ____D () C:\Users\HP\AppData\Roaming\WinRAR
2015-04-15 18:06 - 2015-04-15 18:06 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-15 18:06 - 2015-04-15 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-15 18:05 - 2015-04-15 18:06 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-04-15 18:04 - 2015-04-15 18:04 - 01945832 _____ () C:\Users\HP\Downloads\wrar521cz.exe
2015-04-15 17:49 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-15 17:48 - 2015-04-08 19:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-15 17:46 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-15 17:46 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-04-15 17:46 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-15 17:46 - 2015-04-09 02:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-04-15 17:39 - 2015-04-15 17:39 - 00001379 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-15 17:39 - 2015-04-15 17:39 - 00000000 ____D () C:\Users\HP\AppData\Local\NVIDIA Corporation
2015-04-15 17:39 - 2015-04-15 17:39 - 00000000 ____D () C:\Users\HP\AppData\Local\NVIDIA
2015-04-15 17:37 - 2015-03-28 05:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-04-15 17:37 - 2015-03-28 05:44 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-04-15 17:37 - 2015-03-28 05:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-04-15 17:37 - 2015-03-28 05:43 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-04-15 17:36 - 2014-11-22 12:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-04-15 17:36 - 2014-11-22 12:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-04-15 17:36 - 2014-11-22 12:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-04-15 17:35 - 2015-04-19 11:02 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-04-15 17:35 - 2015-04-15 17:35 - 00000000 ____D () C:\Users\HP\AppData\Local\PunkBuster
2015-04-15 17:34 - 2015-04-15 17:34 - 36450560 _____ (NVIDIA Corporation) C:\Users\HP\Downloads\GeForce_Experience_v2.4.1.21.exe
2015-04-15 17:30 - 2015-04-15 17:31 - 00000000 ____D () C:\Users\HP\Documents\Battlefield 3
2015-04-15 17:30 - 2015-04-15 17:30 - 00000000 ____D () C:\Users\HP\AppData\Local\ESN
2015-04-15 17:30 - 2015-04-15 17:30 - 00000000 ____D () C:\ProgramData\EA Core
2015-04-15 17:29 - 2015-04-15 17:29 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Macromedia
2015-04-15 17:24 - 2015-04-15 22:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-04-15 17:21 - 2015-04-15 17:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\hpqLog
2015-04-15 17:14 - 2015-04-15 17:14 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-15 17:14 - 2015-04-15 17:14 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-15 17:14 - 2015-04-15 17:14 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Mozilla
2015-04-15 17:14 - 2015-04-15 17:14 - 00000000 ____D () C:\Users\HP\AppData\Local\Mozilla
2015-04-15 17:14 - 2015-04-15 17:14 - 00000000 ____D () C:\ProgramData\Mozilla
2015-04-15 17:14 - 2015-04-15 17:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 17:14 - 2015-04-15 17:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 17:13 - 2015-04-15 17:13 - 00243504 _____ () C:\Users\HP\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-15 17:04 - 2015-04-15 17:08 - 01533584 _____ () C:\Users\HP\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-04-15 17:00 - 2015-04-19 11:02 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-04-15 17:00 - 2015-04-19 11:02 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-04-15 17:00 - 2015-04-15 18:26 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-15 17:00 - 2015-04-15 17:00 - 00001172 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2015-04-15 17:00 - 2015-04-15 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-04-15 17:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-04-15 17:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-04-15 17:00 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-04-15 17:00 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-04-15 17:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-04-15 17:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-04-15 17:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-04-15 17:00 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-04-15 16:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-04-15 16:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-04-15 16:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-04-15 16:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-04-15 16:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-04-15 16:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-04-15 16:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-04-15 16:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-04-15 16:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-04-15 16:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-04-15 16:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-04-15 16:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-04-15 16:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-04-15 16:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-04-15 16:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-04-15 16:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-04-15 16:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-04-15 16:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-04-15 16:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-04-15 16:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-04-15 16:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-04-15 16:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-04-15 16:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-04-15 16:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-04-15 16:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-04-15 16:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-04-15 16:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-04-15 16:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-04-15 16:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-04-15 16:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-04-15 16:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-04-15 16:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-04-15 16:59 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-04-15 16:59 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-04-15 16:59 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-04-15 16:59 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-04-15 16:59 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-04-15 16:59 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-04-15 16:59 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-04-15 16:59 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-04-15 16:59 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-04-15 16:59 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-04-15 16:59 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-04-15 16:59 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-04-15 16:59 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-04-15 16:59 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-04-15 16:59 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-04-15 16:59 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-04-15 16:59 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-04-15 16:59 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-04-15 16:59 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-04-15 16:59 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-04-15 16:59 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-04-15 16:59 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-04-15 16:59 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-04-15 16:59 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-04-15 16:59 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-04-15 16:59 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-04-15 16:59 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-04-15 16:59 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-04-15 16:59 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-04-15 16:59 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-04-15 16:59 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-04-15 16:59 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-04-15 16:59 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-04-15 16:59 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-04-15 16:59 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-04-15 16:59 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-04-15 16:59 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-04-15 16:59 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-04-15 16:59 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-04-15 16:59 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-04-15 16:59 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-04-15 16:59 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-04-15 16:59 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-04-15 16:59 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-04-15 16:59 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-04-15 16:59 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-04-15 16:59 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-04-15 16:59 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-04-15 16:59 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-04-15 16:59 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-04-15 16:59 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-04-15 16:59 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-04-15 16:59 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-04-15 16:59 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-04-15 16:59 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-04-15 16:59 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-04-15 16:59 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-04-15 16:59 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-04-15 16:59 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-04-15 16:59 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-04-15 16:59 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-04-15 16:59 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-04-15 16:59 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-04-15 16:59 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-04-15 16:59 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-04-15 16:59 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-04-15 16:59 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-04-15 16:59 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-04-15 16:59 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-04-15 16:59 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-04-15 16:59 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-04-15 16:59 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-04-15 16:59 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-04-15 16:59 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-04-15 16:59 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-04-15 16:59 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-04-15 16:59 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-04-15 16:59 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-04-15 16:59 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-04-15 15:39 - 2015-04-15 15:50 - 1646895104 _____ () C:\Users\HP\Downloads\Purpurove-reky_2000_Krimi_CZdabink_DVDRip-Lt.avi
2015-04-15 15:33 - 2015-04-15 15:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-04-15 15:32 - 2015-04-15 17:30 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Origin
2015-04-15 15:32 - 2015-04-15 17:30 - 00000000 ____D () C:\Users\HP\AppData\Local\Origin
2015-04-15 15:31 - 2015-04-19 07:30 - 00000000 ____D () C:\ProgramData\Origin
2015-04-15 15:31 - 2015-04-15 17:31 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-04-15 15:31 - 2015-04-15 15:32 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-15 15:31 - 2015-04-15 15:31 - 00000981 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-04-15 15:31 - 2015-04-15 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-04-15 15:23 - 2015-04-15 15:23 - 17110336 _____ (Electronic Arts, Inc.) C:\Users\HP\Downloads\OriginThinSetup.exe
2015-04-15 15:20 - 2015-04-19 22:02 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2015-04-15 15:20 - 2015-04-15 15:20 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 15:20 - 2015-04-15 15:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 15:20 - 2015-04-15 15:20 - 00000000 ____D () C:\Users\HP\Tracing
2015-04-15 15:20 - 2015-04-15 15:20 - 00000000 ____D () C:\Users\HP\AppData\Local\Skype
2015-04-15 15:20 - 2015-04-15 15:20 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 15:20 - 2015-04-15 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 15:19 - 2015-04-15 15:19 - 01380960 _____ (Skype Technologies S.A.) C:\Users\HP\Downloads\SkypeSetup.exe
2015-04-15 15:17 - 2015-04-15 19:53 - 00000000 ____D () C:\Users\HP\AppData\Roaming\TS3Client
2015-04-15 15:17 - 2015-04-15 15:17 - 00001164 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-04-15 15:17 - 2015-04-15 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-04-15 15:17 - 2015-04-15 15:17 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2015-04-15 15:16 - 2015-04-15 15:16 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\HP\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2015-04-15 15:14 - 2015-04-15 15:14 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 15:14 - 2015-04-15 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-15 15:13 - 2015-04-15 15:14 - 00000000 ____D () C:\Users\HP\AppData\Local\Google
2015-04-15 15:13 - 2015-04-15 15:14 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-15 15:13 - 2015-04-15 15:13 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-15 15:13 - 2015-04-15 15:13 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-15 15:13 - 2015-04-15 15:13 - 00000000 ____D () C:\Users\HP\AppData\Local\Deployment
2015-04-15 15:13 - 2015-04-15 15:13 - 00000000 ____D () C:\Users\HP\AppData\Local\Apps\2.0
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Adobe
2015-04-15 15:06 - 2015-04-15 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-15 15:06 - 2015-04-15 15:06 - 00003846 _____ () C:\Windows\System32\Tasks\SetupManager
2015-04-15 15:06 - 2015-04-15 15:06 - 00003504 _____ () C:\Windows\System32\Tasks\Registration
2015-04-15 15:06 - 2015-04-15 15:06 - 00001445 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-15 15:06 - 2015-04-15 15:06 - 00001411 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-15 15:06 - 2015-04-15 15:06 - 00000000 ____D () C:\Users\HP\AppData\Local\VirtualStore
2015-04-15 15:06 - 2015-04-15 15:06 - 00000000 ____D () C:\Users\HP\AppData\Local\RemEngine
2015-04-15 15:06 - 2015-04-15 15:06 - 00000000 ____D () C:\Users\HP\AppData\Local\PDFC
2015-04-15 15:05 - 2015-04-15 15:05 - 00057560 _____ () C:\Users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-15 15:03 - 2015-04-15 21:16 - 00000000 ____D () C:\Users\HP
2015-04-15 15:03 - 2015-04-15 21:15 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Hewlett-Packard
2015-04-15 15:03 - 2015-04-15 15:06 - 00000000 ____D () C:\Users\HP\AppData\Local\Hewlett-Packard_Company
2015-04-15 15:03 - 2015-04-15 15:06 - 00000000 ____D () C:\Users\HP\AppData\Local\Hewlett-Packard
2015-04-15 15:03 - 2015-04-15 15:03 - 00001783 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Záruka.lnk
2015-04-15 15:03 - 2015-04-15 15:03 - 00000020 ___SH () C:\Users\HP\ntuser.ini
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Šablony
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Soubory cookie
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Poslední
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Okolní tiskárny
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Okolní síť
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Nabídka Start
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Dokumenty
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Documents\Obrázky
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Documents\Hudba
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Documents\Filmy
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\Data aplikací
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 _SHDL () C:\Users\HP\AppData\Local\Data aplikací
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cPC_h8-1000cs_Y53316J_0U_QCZC133_E11EE2MRW605_4A_I2AB5_SPEGATRON CORPORATION_V1.01_B7.12_T111012_W73-1_L405_M4077_J1000_7Intel_86A7_93.30_#110902_N10EC8168_Z_G10DE1243_Ohp CDDVDW TS-H653T_DBNQ78BA.MRK
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_cPC_h8-1000cs_Y53316J_0U_QCZC133_E11EE2MRW605_4A_I2AB5_SPEGATRON CORPORATION_V1.01_B7.12_T111012_W73-1_L405_M4077_J1000_7Intel_86A7_93.30_#110902_N10EC8168_Z_G10DE1243_Ohp CDDVDW TS-H653T_DBNQ78BA.MRK
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 ____D () C:\Users\Public\Symantec
2015-04-15 15:03 - 2015-04-15 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Uživatelské Příručky
2015-04-15 15:03 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-15 15:03 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-15 15:02 - 2015-04-15 15:02 - 00003290 _____ () C:\Windows\System32\Tasks\RMCreator

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 22:25 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-19 22:25 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-19 22:18 - 2011-08-16 13:32 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-19 22:18 - 2011-08-16 13:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-19 22:18 - 2010-11-21 05:47 - 00325760 _____ () C:\Windows\PFRO.log
2015-04-19 22:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-19 22:18 - 2009-07-14 06:51 - 00047267 _____ () C:\Windows\setupact.log
2015-04-19 22:18 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-19 21:01 - 2011-08-16 13:25 - 00000000 ____D () C:\ProgramData\CyberLink
2015-04-19 15:03 - 2011-08-16 13:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-19 03:33 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-18 12:39 - 2011-08-16 13:36 - 00000000 ____D () C:\ProgramData\Norton
2015-04-18 10:46 - 2011-08-16 13:28 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-18 10:46 - 2011-08-16 13:28 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-04-18 10:46 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-17 21:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 21:47 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-17 21:47 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-04-17 21:47 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-04-17 21:47 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-04-17 21:47 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-17 21:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-17 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-17 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-04-17 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-17 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2015-04-17 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-17 21:46 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\winrm
2015-04-17 21:46 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\WCN
2015-04-17 21:46 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\slmgr
2015-04-17 21:46 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-04-17 21:46 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2015-04-17 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 17:21 - 2011-08-16 13:04 - 00665706 _____ () C:\Windows\system32\perfh005.dat
2015-04-16 17:21 - 2011-08-16 13:04 - 00139402 _____ () C:\Windows\system32\perfc005.dat
2015-04-16 17:21 - 2009-07-14 07:13 - 01575230 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 00:54 - 2011-08-16 13:19 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-04-16 00:53 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-16 00:53 - 2009-07-14 06:46 - 00005075 _____ () C:\Windows\DtcInstall.log
2015-04-16 00:52 - 2011-02-11 19:04 - 00005949 _____ () C:\Windows\TSSysprep.log
2015-04-15 20:44 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-04-15 20:44 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-04-15 17:49 - 2011-08-16 13:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-15 17:49 - 2011-08-16 13:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-15 17:47 - 2011-08-16 13:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-15 17:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2015-04-15 17:21 - 2011-08-16 13:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-04-15 17:21 - 2011-08-16 13:21 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-04-15 16:59 - 2011-08-16 13:33 - 00010245 _____ () C:\Windows\DirectX.log
2015-04-15 15:11 - 2011-08-16 13:26 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-04-15 15:06 - 2011-02-11 18:32 - 00000000 ___RD () C:\SYSTEM.SAV
2015-04-15 15:06 - 2011-02-11 00:39 - 00000000 ____D () C:\swsetup
2015-04-15 15:03 - 2011-08-16 13:33 - 00000000 ___RD () C:\Program Files\Online Services
2015-04-15 15:03 - 2011-08-16 13:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-04-15 15:03 - 2011-02-11 19:00 - 00000000 ____D () C:\Windows\Panther
2015-04-15 15:02 - 2009-07-14 06:45 - 00276488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-09 02:58 - 2011-08-16 13:11 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2011-08-16 13:11 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2011-08-16 13:11 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2011-08-16 13:11 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2011-08-16 13:11 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2011-03-30 10:45 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2011-03-30 10:45 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2011-03-30 10:45 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2011-03-30 10:45 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2011-03-30 10:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 23:30 - 2011-03-30 10:44 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

==================== Files in the root of some directories =======

2015-04-16 19:11 - 2015-04-16 19:11 - 0007642 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-16 06:53

==================== End Of Log ============================

ADDITIONAL:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015
Ran by HP at 2015-04-19 22:29:18
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{18BBF24A-6D04-4CA4-B6B4-1CF372162EEC}) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.4 - Hewlett-Packard)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Watch_Dogs - Complete Edition verze 1.06.329 (HKLM-x32\...\{914F68F5-BE18-46C5-A7F7-EBC155F9F45A}_is1) (Version: 1.06.329 - )
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

19-04-2015 22:08:49 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-19 22:18 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D88C600-B96B-4231-9484-DC6B97A182E8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {27CDF0E3-1FA4-469B-AF0C-55D415299BE9} - System32\Tasks\SetupManager => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2011-03-04] (Microsoft)
Task: {3CBD6B42-70DA-403C-8917-45073AA55CA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15] (Google Inc.)
Task: {5EDF571D-9280-4D4F-8446-252598AD292F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {AC97396B-0A0B-44E6-85F2-CF24B75C8547} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {CCB9F774-71E3-448C-9823-36BAD58B036E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {D680747D-A658-4942-9CE2-89A452D2BEFE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-16] (Avast Software s.r.o.)
Task: {DAB5925C-3244-4407-BC51-B815FFC44B7A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {DEC72B33-3CA8-4A77-B4D9-22DE1A4F5A94} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe [2009-02-28] ()
Task: {FD62F768-D3A1-4529-9453-44E3F866AB9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15] (Google Inc.)

==================== Loaded Modules (whitelisted) ==============

2015-04-15 17:48 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-16 13:26 - 2009-02-28 04:13 - 00053248 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
2015-04-15 17:00 - 2015-04-15 18:26 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-16 05:19 - 2015-04-16 05:19 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-16 05:19 - 2015-04-16 05:19 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-19 20:02 - 2015-04-19 20:02 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15041901\algo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-512532572-2427873822-1548518363-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-512532572-2427873822-1548518363-500 - Administrator - Disabled)
Guest (S-1-5-21-512532572-2427873822-1548518363-501 - Limited - Disabled)
HP (S-1-5-21-512532572-2427873822-1548518363-1000 - Administrator - Enabled) => C:\Users\HP

==================== Faulty Device Manager Devices =============

Name: I:\
Description: MS/MS-Pro
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: F:\
Description: SD/MMC
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: H:\
Description: SM/xD-Picture
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: G:\
Description: Compact Flash
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2015 10:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:12:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:06:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:02:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:01:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:01:13 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (04/18/2015 05:58:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 00:40:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 10:50:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 10:21:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/19/2015 10:20:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Health Check Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (04/19/2015 10:17:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/19/2015 10:16:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/19/2015 10:16:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/19/2015 10:11:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/19/2015 10:09:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (04/19/2015 09:04:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error: (04/19/2015 04:36:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (04/19/2015 00:22:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.

Error: (04/19/2015 00:02:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (04/19/2015 10:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:12:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:06:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:02:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:01:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 03:01:13 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (04/18/2015 05:58:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 00:40:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 10:50:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 10:21:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2015-04-19 22:16:49.445
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-19 22:16:49.440
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-19 22:16:49.435
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-19 22:16:49.430
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-19 22:09:44.950
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-04-19 22:09:44.939
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 4076.32 MB
Available physical RAM: 2649.81 MB
Total Pagefile: 8150.85 MB
Available Pagefile: 6484.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:820.9 GB) (Free:676.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.85 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (Nový svazek) (Fixed) (Total:97.66 GB) (Free:97.56 GB) NTFS
Drive k: (HDD) (Fixed) (Total:698.63 GB) (Free:276.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D989473B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=820.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: C28D3ECB)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#22 Post by altrok »

:arrow: How did you format the HDD? Did you delete all partitions and only then install the OS onto a completely formatted disk?

:arrow: Install Internet Explorer 11 and all other important Microsoft updates (Start -> type: windows update -> check for updates and install the important ones).

:arrow: Turn off Windows Defender permanently - http://windows.microsoft.com/cs-cz/wind ... =windows-7


  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKU\S-1-5-21-512532572-2427873822-1548518363-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-512532572-2427873822-1548518363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll No File
    Toolbar: HKU\S-1-5-21-512532572-2427873822-1548518363-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    
    S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
    S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [X]
    
    2015-04-19 21:02 - 2015-04-19 21:03 - 13146016 _____ (Disc Soft Ltd) C:\Users\HP\Downloads\DTLite501-0406(1).exe
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit on the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

Tulipan
Visitor
Posts: 34
Joined: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#23 Post by Tulipan »

To be honest, I don't know how I formatted the HDD. I reinstalled Windows using HP Recovery: at power-on I press F11 and set the computer to factory settings. During this procedure it says that everything will be reset to factory settings and that all settings and programs/applications installed by the user will be irretrievably deleted.


Windows Update will probably take a long time (there are a lot of updates). So can we agree that I'll let the update run overnight and tomorrow I'll post the log from the FRST fix from the already updated system?
Or should I run the FRST fix before I let the computer update?

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#24 Post by altrok »

Definitely let the updates install first. Run the fixlist only after they have been completely installed. Project deadlines and course credits are approaching, so I'll be here more or less all day tomorrow. Write, and when I'm within reach of a PC, we'll continue :)

Tulipan
Visitor
Posts: 34
Joined: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#25 Post by Tulipan »

Good morning, overnight I downloaded that big pack of updates, restarted several times, and just now I ran the search for new updates several times and installed the ones that had been missed as well.
However, I still can't get 2 updates to install, see the screenshots:

1)
Image

2)
Image


Are these two specifically needed in any way for the computer to run properly? Can they be installed some other way? Should I apply the fix even without them?

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#26 Post by altrok »

Good morning,
it's good that you repeated the update search several times. The first (important) update was released last week and more users are having problems installing it - no need to deal with it for now. The second update is optional, so it is not necessary. Continue with the next steps and paste the contents of the fixlog.

Tulipan
Visitor
Posts: 34
Joined: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#27 Post by Tulipan »

I'd quite like to know what I had in that temp that 16 GB of space got freed up there; I probably threw some TV series in there by mistake :D

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-04-2015
Ran by HP at 2015-04-20 09:52:54 Run:2
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available profiles: HP)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll No File
Toolbar: HKU\S-1-5-21-512532572-2427873822-1548518363-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [X]

2015-04-19 21:02 - 2015-04-19 21:03 - 13146016 _____ (Disc Soft Ltd) C:\Users\HP\Downloads\DTLite501-0406(1).exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-512532572-2427873822-1548518363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d640ce67-58e4-43c2-9adc-6bb959d7c606}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d640ce67-58e4-43c2-9adc-6bb959d7c606}" => Key deleted successfully.
HKU\S-1-5-21-512532572-2427873822-1548518363-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HP Health Check Service => Service deleted successfully.
hpqwmiex => Service deleted successfully.
C:\Users\HP\Downloads\DTLite501-0406(1).exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 16.4 GB temporary data.


The system needed a reboot.

==== End of Fixlog 09:53:31 ====
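
A triage of the result section of a Fixlog like the one in post #27, as an added example that is not part of the original thread and not part of FRST: it groups each result line by outcome and lists the entries that did not report success. The function names and status categories are assumptions of this example; the sample lines are copied from the Fixlog above.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog in post #27 (the part after the fixlist echo).
SAMPLE = r"""
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HP Health Check Service => Service deleted successfully.
C:\Users\HP\Downloads\DTLite501-0406(1).exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 16.4 GB temporary data.

The system needed a reboot.

==== End of Fixlog 09:53:31 ====
"""

# "<target> => <outcome>." ; the trailing period is optional.
RESULT = re.compile(r"^(?P<target>.+?)\s*=>\s*(?P<outcome>.+?)\.?$")


def classify(outcome, has_target):
    """Map an outcome string to a status (categories are this example's own)."""
    low = outcome.lower()
    if "not found" in low:
        return "not_found"
    if "successfully" in low or low.startswith("removed"):
        return "ok"
    # Unrecognised outcome for a concrete target: needs a human look.
    return "review" if has_target else "info"


def parse_results(text):
    """Return (status, target, outcome) for every non-empty result line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("===="):
            continue
        m = RESULT.match(line)
        if m:
            target = m.group("target").strip('"')
            outcome = m.group("outcome")
        else:  # status line without a target, e.g. "Processes closed successfully."
            target, outcome = None, line.rstrip(".")
        entries.append((classify(outcome, target is not None), target, outcome))
    return entries


def triage(text):
    """Count outcomes, list entries without a success result, detect the reboot note."""
    entries = parse_results(text)
    counts = Counter(status for status, _, _ in entries)
    follow_up = [(t, o) for status, t, o in entries if status in ("not_found", "review")]
    reboot = any("needed a reboot" in o for _, _, o in entries)
    return counts, follow_up, reboot


if __name__ == "__main__":
    counts, follow_up, reboot = triage(SAMPLE)
    print(dict(counts), "reboot required:", reboot)
    for target, outcome in follow_up:
        print("check:", target, "->", outcome)
```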

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#28 Post by altrok »

:arrow: Maybe you moved some TV series or the like to the Recycle Bin. Browser caches and the operating system's temporary directories (temps) were emptied as well.


:arrow: Save MBAR to the desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Run it with a double-click and extract it to the desktop
  • click Next
  • Update the virus database by clicking Update and continue with Next
  • Leave all 3 options checked and choose Scan (takes about 15 minutes)
  • tick all findings and also check the Create Restore Point checkbox
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply

Tulipan
Visitor
Posts: 34
Joined: 16 Apr 2015 16:33

Re: The computer does whatever it wants (types by itself), freezes

#29 Post by Tulipan »

mbar found nothing. I haven't tested the computer much yet; I only played BF for a while this morning and it didn't type anything there anymore, but before that it also typed "whenever it felt like it". I have time today, so I'll test it properly to see whether any more unwanted messages appear.

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
http://www.malwarebytes.org

Database version:
main: v2015.04.19.05
rootkit: v2015.03.31.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
HP :: HP-HP [administrator]

20.4.2015 10:04:13
mbar-log-2015-04-20 (10-04-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 344790
Time elapsed: 9 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: The computer does whatever it wants (types by itself), freezes

#30 Post by altrok »

OK, test it and let me know :)
