
Malware problem, system refuses to run any program
Hello, good people. When Windows starts, a service launches that opens cmd, my browser starts automatically, and adware loads right away, some popup window, specifically nextbestgame.org. I tried running AdwCleaner but it didn't help. The system won't let me launch CCleaner no matter how I start it, and the same goes for RSIT. Then I tried FRST and it wouldn't start either; of course I ran everything as admin. With FRST only a black window popped up and nothing more, it refused to run. I'm sending a screenshot.
http://postimg.org/image/kwn5o9ykj/
Re: Malware problem, system refuses to run any program
Hello,
In Safe Mode, try running just FRST itself, not FRSTLauncher.
Re: Malware problem, system refuses to run any program
I tried it in Safe Mode and it's still the same: I run it and there is no reaction. It only creates a file named LM.bat on the desktop. I ran it both normally and with the launcher, and nothing.
EDIT: I could also provide the log from AdwCleaner, which I managed to run this morning. After it I also ran HitmanPro, let the whole scan finish and then had it clean up. I had it remove trojan.fakeAV; the path to it ended in regedit.exe. There were two fakeAV trojan entries and I removed both. Since then nothing will run.
Re: Malware problem, system refuses to run any program
Then try making a log according to this guide: http://forum.viry.cz/viewtopic.php?f=24&t=130783
Re: Malware problem, system refuses to run any program
Well, I tried it according to that guide, but I have Win 8.1 and the F8 and F12 keys don't work on my notebook, so I start Safe Mode through the system. When I started Safe Mode with Command Prompt, FRST on the flash drive wouldn't run, but then I tried the second option, just the plain command prompt. I don't know what the difference between the two is; in one I had a black desktop and in the other a blue one, and in one it would run and in the other it wouldn't. Anyway, never mind, I'm finally sending the log.
EDIT: I'll add that the log is probably not quite complete, since I couldn't tick all the options there.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015
Ran by SYSTEM on MININT-1533KV5 on 24-05-2015 13:00:57
Running from E:\
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://zivlingamer.org && exit
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Administrator\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\h4pple99\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\h4pple99\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
HKU\h4pple99\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\h4pple99\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\h4pple99\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
Startup: C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-12-28] ()
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
S2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-24] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
S3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
S1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-12-25] (NVIDIA Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-12-26] (Microsoft Corporation)
S0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 12:59 - 2015-05-24 12:59 - 00000000 ____D () C:\FRST
2015-05-24 10:13 - 2015-05-24 10:13 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2015-05-24 10:08 - 2015-05-24 10:08 - 02108416 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2015-05-24 10:01 - 2015-05-24 10:01 - 01222144 _____ () C:\Users\h4pple99\Desktop\RSITx64.exe
2015-05-24 09:51 - 2015-05-24 09:51 - 00000566 _____ () C:\Windows\System32\.crusader
2015-05-24 09:35 - 2015-05-24 09:52 - 00043664 _____ () C:\Windows\System32\Drivers\hitmanpro37.sys
2015-05-24 09:35 - 2015-05-24 09:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-24 01:11 - 2015-05-24 01:11 - 00000000 ____D () C:\AVAST Software
2015-05-23 22:09 - 2015-05-23 22:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Colossal Order
2015-05-23 22:09 - 2015-05-23 22:09 - 00000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2015-05-23 22:09 - 2015-05-23 22:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\.mono
2015-05-23 22:09 - 2015-05-23 22:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\LumaEmu_SteamCloud
2015-05-23 22:09 - 2015-05-23 22:09 - 00000000 ____D () C:\ProgramData\.mono
2015-05-23 16:56 - 2015-05-23 16:56 - 00001067 _____ () C:\Users\Public\Desktop\L.A. Noire.lnk
2015-05-23 16:35 - 2015-05-23 16:56 - 00000000 ____D () C:\Program Files (x86)\L.A. Noire
2015-05-22 21:45 - 2015-05-22 21:45 - 00495621 _____ () C:\Users\h4pple99\Desktop\FM15 Transfers & Data Update Pack 2.2 (by pr0).rar
2015-05-22 21:45 - 2015-05-22 21:45 - 00000000 ____D () C:\Users\h4pple99\Desktop\FM15 Transfers & Data Update Pack 2.2 (by pr0)
2015-05-22 18:04 - 2015-05-22 18:04 - 00073750 _____ () C:\Users\h4pple99\Desktop\[CzT]L_A_Noire_Kompletni_Edice_2011_2012_CZ_.torrent
2015-05-22 13:48 - 2015-05-22 13:48 - 00022278 _____ () C:\Users\h4pple99\Desktop\The.Witcher.3.Wild.Hunt.Update.v1.03-BAT.torrent
2015-05-21 12:11 - 2015-05-21 12:17 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\The Witcher
2015-05-21 12:11 - 2015-05-21 12:11 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher
2015-05-21 10:34 - 2015-05-21 10:35 - 00018587 _____ () C:\Windows\DirectX.log
2015-05-21 10:12 - 2015-05-21 10:35 - 00000000 ____D () C:\Program Files (x86)\Zaklínač rozšířená edice
2015-05-21 10:11 - 2015-05-21 10:33 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2015-05-20 21:53 - 2015-05-20 21:53 - 00020846 _____ () C:\Users\h4pple99\Desktop\[CzT]26000_e_knih_CZ_.torrent
2015-05-20 21:51 - 2015-05-20 21:51 - 00048926 _____ () C:\Users\h4pple99\Desktop\[CzT]Zaklinac_Rozsirena_edice_Original_CZ_verze_.torrent
2015-05-19 20:48 - 2015-05-19 20:49 - 00000000 ____D () C:\Users\h4pple99\Downloads\Perníkový táta-1.série dvdrip
2015-05-19 17:29 - 2015-05-22 14:12 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher 3
2015-05-19 11:12 - 2015-05-19 11:12 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-05-19 11:12 - 2015-05-19 11:12 - 00000000 ____D () C:\Windows\System32\NV
2015-05-19 11:10 - 2015-05-19 11:10 - 00000000 ____D () C:\Windows\LastGood
2015-05-19 11:05 - 2015-05-12 07:27 - 42718864 _____ () C:\Windows\System32\nvcompiler.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 30478992 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 17540416 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 16145176 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 15858728 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 14455296 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 10972304 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2015-05-19 11:05 - 2015-05-12 07:27 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 02932368 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6435286.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6435286.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 01059984 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 01050256 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 00150832 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-19 11:05 - 2015-05-12 07:27 - 00031376 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvpciflt.sys
2015-05-17 15:01 - 2015-05-24 09:16 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2015-05-17 15:01 - 2015-05-17 15:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieUserList
2015-05-17 15:01 - 2015-05-17 15:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieSiteList
2015-05-17 15:01 - 2015-05-17 15:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieBrowserModeList
2015-05-12 20:20 - 2015-05-12 20:21 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004_KHLRebuilt
2015-05-12 20:16 - 2015-05-12 21:48 - 00000000 ____D () C:\NHL 2004_KHLRebuilt
2015-05-11 21:16 - 2015-05-24 09:57 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-05-11 15:54 - 2015-05-11 16:02 - 00000000 ____D () C:\Program Files\MotioninJoy
2015-05-11 14:43 - 2015-05-11 14:43 - 00000578 _____ () C:\Users\h4pple99\Desktop\nhl2004 - odkaz.lnk
2015-05-11 13:20 - 2015-05-11 14:02 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004
2015-05-11 13:12 - 2015-05-11 13:12 - 00001454 _____ () C:\Users\Public\Desktop\NHL 2004.lnk
2015-05-11 12:52 - 2015-05-14 19:51 - 00000000 ____D () C:\NHL 2004
2015-05-11 12:52 - 2015-05-11 13:10 - 00000472 _____ () C:\Windows\eReg.dat
2015-05-10 15:26 - 2015-05-10 15:32 - 00000000 ___RD () C:\NHL 09
2015-05-10 14:52 - 2015-05-10 15:14 - 1422038237 ____R () C:\Users\h4pple99\Downloads\NHL-15-by-EHA-(-Version-by-Jenda).rar
2015-05-09 21:46 - 2015-05-09 21:55 - 1191069696 ____R () C:\Users\h4pple99\Downloads\Divergence.avi
2015-05-09 21:32 - 2015-05-09 21:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Blackhat.2015.BRRip.XviD-ETRG
2015-05-09 21:29 - 2015-05-09 21:56 - 00000000 ____D () C:\Users\h4pple99\Downloads\Jupiter Ascending (2015) [1080p]
2015-05-09 21:25 - 2015-05-09 21:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Kingsman.The.Secret.Service.2014.HC.HDRip.XViD.AC3-ETRG
2015-05-08 21:43 - 2015-05-13 20:31 - 00000000 ____D () C:\Users\h4pple99\Downloads\John.Wick.2014.480p.BDRip.XViD.AC3.CZ-GRiNGO
2015-05-07 19:38 - 2015-05-07 19:38 - 01053024 _____ (Comfort Software Group ) C:\Users\h4pple99\Desktop\FreeStopwatchSetup.exe
2015-05-07 18:27 - 2015-05-07 18:27 - 02204160 _____ () C:\Users\h4pple99\Desktop\adwcleaner_4.203.exe
2015-05-02 11:13 - 2015-05-02 11:18 - 00000000 ____D () C:\Users\h4pple99\Documents\WWE2K15
2015-05-02 08:49 - 2015-05-02 12:04 - 00000000 ____D () C:\Program Files (x86)\GMT-MAX.ORG
2015-04-28 18:49 - 2015-04-28 18:49 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\System32\aswBoot.exe
2015-04-28 18:48 - 2015-04-28 18:48 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 18:41 - 2015-05-24 11:42 - 00000982 _____ () C:\Windows\setupact.log
2015-04-28 18:41 - 2015-04-28 18:51 - 00045888 _____ () C:\Windows\PFRO.log
2015-04-28 18:41 - 2015-04-28 18:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-28 18:10 - 2015-05-24 11:56 - 01993319 _____ () C:\Windows\WindowsUpdate.log
2015-04-25 08:50 - 2015-04-25 08:50 - 00000000 ____D () C:\@RestoreQuarantine
2015-04-25 08:44 - 2015-04-25 08:44 - 00000000 ____D () C:\ProgramData\RegRun
2015-04-25 08:43 - 2015-04-27 06:39 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2015-04-25 08:43 - 2015-04-25 08:50 - 00000000 ____D () C:\Users\h4pple99\Documents\RegRun2
2015-04-25 08:43 - 2015-04-25 08:43 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-04-25 08:43 - 2015-04-25 08:43 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-04-25 08:43 - 2015-04-25 08:43 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-04-24 17:40 - 2015-04-24 17:40 - 00000000 ____D () C:\Users\h4pple99\Documents\Electronic Arts
2015-04-24 17:32 - 2014-10-19 14:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-04-24 15:01 - 2015-04-24 15:15 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Ori and the Blind Forest
2015-04-24 14:59 - 2015-04-24 14:59 - 00001296 _____ () C:\Users\h4pple99\Desktop\Ori and the Blind Forest.lnk
2015-04-24 14:59 - 2015-04-24 14:59 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Ori and the Blind Forest
2015-04-24 13:36 - 2015-04-24 13:36 - 00001123 _____ () C:\Users\h4pple99\Desktop\Assassins Creed Chronicles China.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 11:43 - 2014-09-24 06:35 - 00863592 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-05-24 10:31 - 2014-12-25 10:52 - 03963936 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-24 10:31 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 10:19 - 2014-12-25 11:38 - 00504320 ___SH () C:\Users\h4pple99\Desktop\Thumbs.db
2015-05-24 10:16 - 2014-12-25 10:22 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2015-05-24 10:03 - 2014-12-24 17:20 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2015-05-24 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System32\sru
2015-05-24 09:54 - 2014-12-24 18:25 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 09:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\System32\config\BBI
2015-05-24 09:41 - 2014-12-24 18:25 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 09:22 - 2014-07-04 12:33 - 00000000 ____D () C:\AdwCleaner
2015-05-24 00:49 - 2015-03-26 21:05 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-23 22:26 - 2013-08-25 08:56 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2015-05-23 20:48 - 2014-12-25 20:11 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\uTorrent
2015-05-23 20:25 - 2014-12-25 12:30 - 00000000 ____D () C:\ProgramData\Origin
2015-05-23 17:20 - 2013-08-16 21:38 - 00000000 ____D () C:\Users\h4pple99\Documents\Rockstar Games
2015-05-23 17:17 - 2015-04-18 06:31 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-05-23 17:17 - 2015-04-18 06:31 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-05-22 16:59 - 2015-04-15 19:41 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat X
2015-05-21 10:13 - 2013-08-12 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-21 09:43 - 2014-12-24 18:26 - 00002226 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 19:41 - 2015-03-24 14:56 - 00001178 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-05-20 18:33 - 2015-03-21 10:15 - 00003838 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-05-20 18:33 - 2013-09-10 20:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-19 21:35 - 2014-12-25 20:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\vlc
2015-05-19 18:17 - 2013-08-26 08:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-19 14:07 - 2014-12-25 13:24 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Battle.net
2015-05-19 12:35 - 2014-12-25 18:36 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Skype
2015-05-19 11:26 - 2014-11-05 22:46 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-05-19 11:12 - 2014-12-25 01:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-19 10:56 - 2014-12-25 12:51 - 00001408 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-18 19:04 - 2013-10-24 14:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-05-18 19:03 - 2013-10-24 14:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-18 06:27 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-17 15:00 - 2015-03-26 21:05 - 00003858 _____ () C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-17 15:00 - 2014-12-24 17:19 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Adobe
2015-05-15 13:36 - 2014-12-24 18:25 - 00003930 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 13:36 - 2014-12-24 18:25 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-12 22:03 - 2013-09-01 14:37 - 00000000 ____D () C:\Users\h4pple99\Desktop\Books_EBooks
2015-05-12 21:52 - 2013-08-15 18:09 - 00000000 ____D () C:\Users\h4pple99\Desktop\Torrents
2015-05-12 07:27 - 2015-02-11 08:08 - 03363224 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2015-05-12 07:27 - 2014-12-25 13:14 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-12 07:27 - 2014-12-25 13:14 - 00031710 _____ () C:\Windows\System32\nvinfo.pb
2015-05-12 07:27 - 2013-12-26 19:42 - 01099808 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2015-05-12 07:27 - 2013-12-26 19:42 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-12 07:27 - 2013-12-26 19:42 - 00176064 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2015-05-12 07:27 - 2013-12-26 19:42 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 06872392 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 03490448 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 02558608 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 01059984 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 00937288 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2015-05-12 04:30 - 2014-12-25 01:54 - 00579400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 00385352 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 00075080 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2015-05-12 04:30 - 2014-12-25 01:54 - 00062608 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2015-05-11 18:01 - 2014-12-25 01:54 - 04391871 _____ () C:\Windows\System32\nvcoproc.bin
2015-05-11 12:52 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-10 15:24 - 2014-02-16 23:49 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL09
2015-05-08 21:43 - 2014-12-25 20:24 - 00001097 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-06 17:53 - 2014-12-28 09:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Deployment
2015-05-03 14:18 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-02 11:10 - 2015-01-23 00:14 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-05-02 10:45 - 2015-01-23 00:14 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-02 10:01 - 2014-12-25 13:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-01 17:51 - 2014-12-25 12:49 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 17:51 - 2014-12-25 12:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 17:50 - 2014-12-25 12:49 - 01756424 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2015-05-01 17:50 - 2014-12-25 12:49 - 01570672 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2015-05-01 07:45 - 2014-12-25 18:36 - 00000000 ____D () C:\ProgramData\Skype
2015-04-28 18:53 - 2014-12-25 11:44 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-28 18:49 - 2014-12-25 11:44 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswSP.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00272248 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswStm.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswRdr2.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswMonFlt.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00065736 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2015-04-28 18:49 - 2014-12-25 11:44 - 00029168 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2015-04-28 18:48 - 2014-12-25 11:44 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\System32\Drivers\aswSnx.sys
2015-04-24 16:42 - 2013-08-30 12:15 - 00000000 ____D () C:\Games
2015-04-24 15:01 - 2014-12-28 07:13 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\SKIDROW
Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\AutoRun.exe
C:\Users\h4pple99\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\h4pple99\AppData\Local\Temp\Quarantine.exe
C:\Users\h4pple99\AppData\Local\Temp\Social Club v1.1.5.8 Setup.exe
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll
C:\Users\h4pple99\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2014-09-24 09:09] - [2014-09-24 09:09] - 2374816 ____A (Microsoft Corporation) CB0A4CACEB3CB41983FDE2945C99F3D2
C:\Windows\SysWOW64\explorer.exe
[2014-09-24 09:09] - [2014-09-24 09:09] - 2088648 ____A (Microsoft Corporation) EBF029163302324A9D5C7B2630325AB9
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2015-05-02 10:01:11
Restore point made on: 2015-05-11 12:44:33
Restore point made on: 2015-05-19 16:56:34
Restore point made on: 2015-05-21 10:13:28
Restore point made on: 2015-05-23 16:57:51
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 6009.77 MB
Available physical RAM: 5188.95 MB
Total Pagefile: 6009.77 MB
Available Pagefile: 5211.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.87 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:883.4 GB) (Free:168.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:8 GB) NTFS
Drive e: (Elements) (Fixed) (Total:931.48 GB) (Free:675.16 GB) NTFS
Drive g: () (Fixed) (Total:0.44 GB) (Free:0.09 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 787C924F)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 2227220A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
LastRegBack: 2015-05-23 15:22
==================== End of log ============================
EDIT: I'll also add that the log is probably not entirely complete, since I couldn't tick all the options there.
Re: problem with malware, system won't run any program
- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://zivlingamer.org && exit
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\h4pple99\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
HKU\h4pple99\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\h4pple99\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\h4pple99\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
Startup: C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-12-28] ()
Reboot:
End
- Save the resulting TXT file as fixlist.txt
- Move the created fixlist next to FRST
- Click Fix
- The fix will run and create a log, Fixlog.txt
Re: problem with malware, system won't run any program
but I'm supposed to do all of this on that flash drive and in safe mode through the command prompt, right?
Re: problem with malware, system won't run any program
Exactly, after that the system should boot up and that window should no longer pop up, and we'll be able to finish cleaning it properly and completely...
Re: problem with malware, system won't run any program
here is the log from fixlog.txt, here you go
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015
Ran by SYSTEM at 2015-05-24 13:36:42 Run:1
Running from E:\
Boot Mode: Recovery
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://zivlingamer.org && exit
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\h4pple99\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
HKU\h4pple99\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\h4pple99\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\h4pple99\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
Startup: C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-12-28] ()
Reboot:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CMD => value Removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value Removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Removed successfully
HKU\h4pple99\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount => value Removed successfully
HKU\h4pple99\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value Removed successfully
HKU\h4pple99\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value Removed successfully
HKU\h4pple99\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_4.204.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AnVir.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoLogger.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avz.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCleaner.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCleaner64.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FRST.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FRST64.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\HiJackThis.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegWorks.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSIT.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSITx64.exe" => key Removed successfully
C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip => Moved successfully.
Reboot: => Error: This directive works only outside recovery mode.
==== End of Fixlog 13:36:43 ====
Re: problem with malware, system won't run any program
Great, try booting the PC into normal mode and run a new scan with FRST
Re: problem with malware, system won't run any program
here is the new log from FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by h4pple99 (administrator) on H4PPLE on 24-05-2015 14:15:48
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [448912 2014-10-01] (Intel Corporation)
HKLM-x32\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {8DBF706B-58B0-444B-BDE3-20A901A30AFD} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-04] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]
Chrome:
=======
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-24]
CHR Extension: (Bookmark Manager) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-27] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) []
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-24] (Electronic Arts)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) []
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-12-25] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-12-26] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 14:15 - 2015-05-24 14:16 - 00021413 _____ () C:\Users\h4pple99\Desktop\FRST.txt
2015-05-24 13:59 - 2015-05-24 14:15 - 00000000 ____D () C:\FRST
2015-05-24 11:13 - 2015-05-24 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2015-05-24 11:08 - 2015-05-24 11:08 - 02108416 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2015-05-24 11:01 - 2015-05-24 11:01 - 01222144 _____ () C:\Users\h4pple99\Desktop\RSITx64.exe
2015-05-24 10:51 - 2015-05-24 10:51 - 00000566 _____ () C:\WINDOWS\system32\.crusader
2015-05-24 10:35 - 2015-05-24 10:52 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-05-24 10:35 - 2015-05-24 10:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-24 02:11 - 2015-05-24 02:11 - 00000000 ____D () C:\AVAST Software
2015-05-23 23:09 - 2015-05-23 23:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Colossal Order
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\.mono
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\LumaEmu_SteamCloud
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\ProgramData\.mono
2015-05-23 17:56 - 2015-05-23 17:56 - 00001067 _____ () C:\Users\Public\Desktop\L.A. Noire.lnk
2015-05-23 17:56 - 2015-05-23 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L.A. Noire
2015-05-23 17:35 - 2015-05-23 17:56 - 00000000 ____D () C:\Program Files (x86)\L.A. Noire
2015-05-22 19:04 - 2015-05-22 19:04 - 00073750 _____ () C:\Users\h4pple99\Desktop\[CzT]L_A_Noire_Kompletni_Edice_2011_2012_CZ_.torrent
2015-05-22 14:48 - 2015-05-22 14:48 - 00022278 _____ () C:\Users\h4pple99\Desktop\The.Witcher.3.Wild.Hunt.Update.v1.03-BAT.torrent
2015-05-21 13:11 - 2015-05-21 13:17 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\The Witcher
2015-05-21 13:11 - 2015-05-21 13:11 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher
2015-05-21 11:12 - 2015-05-21 11:35 - 00000000 ____D () C:\Program Files (x86)\Zaklínač rozšířená edice
2015-05-21 11:11 - 2015-05-21 11:33 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2015-05-20 22:53 - 2015-05-20 22:53 - 00020846 _____ () C:\Users\h4pple99\Desktop\[CzT]26000_e_knih_CZ_.torrent
2015-05-20 22:51 - 2015-05-20 22:51 - 00048926 _____ () C:\Users\h4pple99\Desktop\[CzT]Zaklinac_Rozsirena_edice_Original_CZ_verze_.torrent
2015-05-19 21:48 - 2015-05-19 21:49 - 00000000 ____D () C:\Users\h4pple99\Downloads\Perníkový táta-1.série dvdrip
2015-05-19 18:29 - 2015-05-22 15:12 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher 3
2015-05-19 12:12 - 2015-05-19 12:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-05-19 12:12 - 2015-05-19 12:12 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-05-19 12:10 - 2015-05-19 12:10 - 00000000 ____D () C:\WINDOWS\LastGood
2015-05-19 12:05 - 2015-05-12 08:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-19 12:05 - 2015-05-12 08:27 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-05-17 16:01 - 2015-05-24 10:16 - 00003974 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieUserList
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieSiteList
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieBrowserModeList
2015-05-12 21:20 - 2015-05-12 21:21 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004_KHLRebuilt
2015-05-12 21:16 - 2015-05-12 22:48 - 00000000 ____D () C:\NHL 2004_KHLRebuilt
2015-05-11 22:16 - 2015-05-24 13:43 - 00003490 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-05-11 16:54 - 2015-05-11 17:02 - 00000000 ____D () C:\Program Files\MotioninJoy
2015-05-11 15:43 - 2015-05-11 15:43 - 00000578 _____ () C:\Users\h4pple99\Desktop\nhl2004 - odkaz.lnk
2015-05-11 14:20 - 2015-05-11 15:02 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004
2015-05-11 14:12 - 2015-05-11 14:12 - 00001454 _____ () C:\Users\Public\Desktop\NHL 2004.lnk
2015-05-11 14:12 - 2015-05-11 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2015-05-11 13:52 - 2015-05-14 20:51 - 00000000 ____D () C:\NHL 2004
2015-05-11 13:52 - 2015-05-11 14:10 - 00000472 _____ () C:\WINDOWS\eReg.dat
2015-05-10 16:26 - 2015-05-10 16:32 - 00000000 ___RD () C:\NHL 09
2015-05-10 15:52 - 2015-05-10 16:14 - 1422038237 ____R () C:\Users\h4pple99\Downloads\NHL-15-by-EHA-(-Version-by-Jenda).rar
2015-05-09 22:46 - 2015-05-09 22:55 - 1191069696 ____R () C:\Users\h4pple99\Downloads\Divergence.avi
2015-05-09 22:32 - 2015-05-09 22:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Blackhat.2015.BRRip.XviD-ETRG
2015-05-09 22:29 - 2015-05-09 22:56 - 00000000 ____D () C:\Users\h4pple99\Downloads\Jupiter Ascending (2015) [1080p]
2015-05-09 22:25 - 2015-05-09 22:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Kingsman.The.Secret.Service.2014.HC.HDRip.XViD.AC3-ETRG
2015-05-08 22:43 - 2015-05-13 21:31 - 00000000 ____D () C:\Users\h4pple99\Downloads\John.Wick.2014.480p.BDRip.XViD.AC3.CZ-GRiNGO
2015-05-07 20:38 - 2015-05-07 20:38 - 01053024 _____ (Comfort Software Group ) C:\Users\h4pple99\Desktop\FreeStopwatchSetup.exe
2015-05-07 19:27 - 2015-05-07 19:27 - 02204160 _____ () C:\Users\h4pple99\Desktop\adwcleaner_4.203.exe
2015-05-02 12:13 - 2015-05-02 12:18 - 00000000 ____D () C:\Users\h4pple99\Documents\WWE2K15
2015-05-02 09:49 - 2015-05-02 13:04 - 00000000 ____D () C:\Program Files (x86)\GMT-MAX.ORG
2015-04-28 19:49 - 2015-04-28 19:49 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-28 19:48 - 2015-04-28 19:48 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-25 10:05 - 2015-04-25 10:23 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2015-04-25 10:05 - 2015-04-25 10:05 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 09:50 - 2015-04-25 09:50 - 00000000 ____D () C:\@RestoreQuarantine
2015-04-25 09:44 - 2015-04-25 09:44 - 00000000 ____D () C:\ProgramData\RegRun
2015-04-25 09:43 - 2015-04-27 07:39 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2015-04-25 09:43 - 2015-04-25 09:50 - 00000000 ____D () C:\Users\h4pple99\Documents\RegRun2
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\winstart.bat
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\SysWOW64\CONFIG.NT
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-04-24 18:40 - 2015-04-24 18:40 - 00000000 ____D () C:\Users\h4pple99\Documents\Electronic Arts
2015-04-24 18:32 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-04-24 16:01 - 2015-04-24 16:15 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Ori and the Blind Forest
2015-04-24 15:59 - 2015-04-24 15:59 - 00001296 _____ () C:\Users\h4pple99\Desktop\Ori and the Blind Forest.lnk
2015-04-24 15:59 - 2015-04-24 15:59 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Ori and the Blind Forest
2015-04-24 14:36 - 2015-04-24 14:36 - 00001123 _____ () C:\Users\h4pple99\Desktop\Assassins Creed Chronicles China.lnk
2015-04-24 14:36 - 2015-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Chronicles China
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 14:03 - 2014-12-25 21:11 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\uTorrent
2015-05-24 14:03 - 2013-08-26 09:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-24 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-24 13:54 - 2014-12-25 11:22 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2015-05-24 13:50 - 2014-12-24 18:20 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2015-05-24 13:47 - 2014-09-24 07:35 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 13:42 - 2014-12-24 19:25 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 13:42 - 2014-12-24 19:25 - 00000954 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 13:39 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-24 11:31 - 2014-12-25 11:52 - 03972428 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-24 11:19 - 2014-12-25 12:38 - 00504320 ___SH () C:\Users\h4pple99\Desktop\Thumbs.db
2015-05-24 10:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-24 10:22 - 2014-07-04 13:33 - 00000000 ____D () C:\AdwCleaner
2015-05-24 01:49 - 2015-03-26 22:05 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-23 23:26 - 2015-01-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-23 23:26 - 2013-08-25 09:56 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2015-05-23 21:25 - 2014-12-25 13:30 - 00000000 ____D () C:\ProgramData\Origin
2015-05-23 18:20 - 2013-08-16 22:38 - 00000000 ____D () C:\Users\h4pple99\Documents\Rockstar Games
2015-05-23 18:17 - 2015-04-18 07:31 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-05-23 18:17 - 2015-04-18 07:31 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-05-22 17:59 - 2015-04-15 20:41 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat X
2015-05-21 11:13 - 2013-08-12 15:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-21 10:43 - 2014-12-24 19:26 - 00002226 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 20:41 - 2015-03-24 15:56 - 00001178 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-05-20 19:33 - 2015-03-21 11:15 - 00003838 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-05-20 19:33 - 2013-09-10 21:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-19 22:35 - 2014-12-25 21:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\vlc
2015-05-19 15:07 - 2014-12-25 14:24 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Battle.net
2015-05-19 13:35 - 2014-12-25 19:36 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Skype
2015-05-19 12:26 - 2014-11-05 23:46 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-05-19 12:12 - 2014-12-25 02:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-19 11:56 - 2014-12-25 13:51 - 00001408 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-18 20:04 - 2013-10-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-05-18 20:03 - 2013-10-24 15:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-18 07:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-17 16:00 - 2015-03-26 22:05 - 00003858 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-17 16:00 - 2014-12-24 18:19 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Adobe
2015-05-15 14:36 - 2014-12-24 19:25 - 00003930 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 14:36 - 2014-12-24 19:25 - 00003694 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 19:08 - 2014-12-26 12:04 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 23:03 - 2013-09-01 15:37 - 00000000 ____D () C:\Users\h4pple99\Desktop\Books_EBooks
2015-05-12 22:52 - 2013-08-15 19:09 - 00000000 ____D () C:\Users\h4pple99\Desktop\Torrents
2015-05-12 08:27 - 2015-02-11 09:08 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-12 08:27 - 2014-12-25 14:14 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-12-25 14:14 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-12 08:27 - 2013-12-26 20:42 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-12-25 02:54 - 00579400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 19:01 - 2014-12-25 02:54 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-11 13:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2015-05-10 16:24 - 2014-02-17 00:49 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL09
2015-05-08 22:43 - 2014-12-25 21:24 - 00001097 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-06 18:53 - 2014-12-28 10:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Deployment
2015-05-03 15:18 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-02 12:10 - 2015-01-23 01:14 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-05-02 11:45 - 2015-01-23 01:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-05-02 11:01 - 2014-12-25 14:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-01 18:51 - 2014-12-25 13:49 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2014-12-25 13:49 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2014-12-25 13:49 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-01 18:50 - 2014-12-25 13:49 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-01 08:45 - 2014-12-25 19:36 - 00000000 ____D () C:\ProgramData\Skype
2015-04-28 19:53 - 2014-12-25 12:44 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-04-28 19:49 - 2014-12-25 12:44 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-28 19:48 - 2014-12-25 12:44 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-24 17:42 - 2013-08-30 13:15 - 00000000 ____D () C:\Games
2015-04-24 16:01 - 2014-12-28 08:13 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\SKIDROW
==================== Files in the root of some directories =======
2014-12-24 18:10 - 2014-12-25 19:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-05-23 23:09 - 2015-05-23 23:09 - 0000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2013-08-12 15:22 - 2013-08-12 15:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\Quarantine.exe
C:\Users\h4pple99\AppData\Local\Temp\Social Club v1.1.5.8 Setup.exe
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-23 16:22
==================== End of log ============================
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]
Chrome:
=======
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-24]
CHR Extension: (Bookmark Manager) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-27] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) []
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-24] (Electronic Arts)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) []
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-12-25] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-12-26] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 14:15 - 2015-05-24 14:16 - 00021413 _____ () C:\Users\h4pple99\Desktop\FRST.txt
2015-05-24 13:59 - 2015-05-24 14:15 - 00000000 ____D () C:\FRST
2015-05-24 11:13 - 2015-05-24 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2015-05-24 11:08 - 2015-05-24 11:08 - 02108416 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2015-05-24 11:01 - 2015-05-24 11:01 - 01222144 _____ () C:\Users\h4pple99\Desktop\RSITx64.exe
2015-05-24 10:51 - 2015-05-24 10:51 - 00000566 _____ () C:\WINDOWS\system32\.crusader
2015-05-24 10:35 - 2015-05-24 10:52 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-05-24 10:35 - 2015-05-24 10:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-24 02:11 - 2015-05-24 02:11 - 00000000 ____D () C:\AVAST Software
2015-05-23 23:09 - 2015-05-23 23:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Colossal Order
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\.mono
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\LumaEmu_SteamCloud
2015-05-23 23:09 - 2015-05-23 23:09 - 00000000 ____D () C:\ProgramData\.mono
2015-05-23 17:56 - 2015-05-23 17:56 - 00001067 _____ () C:\Users\Public\Desktop\L.A. Noire.lnk
2015-05-23 17:56 - 2015-05-23 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L.A. Noire
2015-05-23 17:35 - 2015-05-23 17:56 - 00000000 ____D () C:\Program Files (x86)\L.A. Noire
2015-05-22 19:04 - 2015-05-22 19:04 - 00073750 _____ () C:\Users\h4pple99\Desktop\[CzT]L_A_Noire_Kompletni_Edice_2011_2012_CZ_.torrent
2015-05-22 14:48 - 2015-05-22 14:48 - 00022278 _____ () C:\Users\h4pple99\Desktop\The.Witcher.3.Wild.Hunt.Update.v1.03-BAT.torrent
2015-05-21 13:11 - 2015-05-21 13:17 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\The Witcher
2015-05-21 13:11 - 2015-05-21 13:11 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher
2015-05-21 11:12 - 2015-05-21 11:35 - 00000000 ____D () C:\Program Files (x86)\Zaklínač rozšířená edice
2015-05-21 11:11 - 2015-05-21 11:33 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2015-05-20 22:53 - 2015-05-20 22:53 - 00020846 _____ () C:\Users\h4pple99\Desktop\[CzT]26000_e_knih_CZ_.torrent
2015-05-20 22:51 - 2015-05-20 22:51 - 00048926 _____ () C:\Users\h4pple99\Desktop\[CzT]Zaklinac_Rozsirena_edice_Original_CZ_verze_.torrent
2015-05-19 21:48 - 2015-05-19 21:49 - 00000000 ____D () C:\Users\h4pple99\Downloads\Perníkový táta-1.série dvdrip
2015-05-19 18:29 - 2015-05-22 15:12 - 00000000 ____D () C:\Users\h4pple99\Documents\The Witcher 3
2015-05-19 12:12 - 2015-05-19 12:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-05-19 12:12 - 2015-05-19 12:12 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-05-19 12:10 - 2015-05-19 12:10 - 00000000 ____D () C:\WINDOWS\LastGood
2015-05-19 12:05 - 2015-05-12 08:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-19 12:05 - 2015-05-12 08:27 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-19 12:05 - 2015-05-12 08:27 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-05-17 16:01 - 2015-05-24 10:16 - 00003974 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieUserList
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieSiteList
2015-05-17 16:01 - 2015-05-17 16:01 - 00000000 __SHD () C:\Users\h4pple99\AppData\Local\EmieBrowserModeList
2015-05-12 21:20 - 2015-05-12 21:21 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004_KHLRebuilt
2015-05-12 21:16 - 2015-05-12 22:48 - 00000000 ____D () C:\NHL 2004_KHLRebuilt
2015-05-11 22:16 - 2015-05-24 13:43 - 00003490 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-05-11 16:54 - 2015-05-11 17:02 - 00000000 ____D () C:\Program Files\MotioninJoy
2015-05-11 15:43 - 2015-05-11 15:43 - 00000578 _____ () C:\Users\h4pple99\Desktop\nhl2004 - odkaz.lnk
2015-05-11 14:20 - 2015-05-11 15:02 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL 2004
2015-05-11 14:12 - 2015-05-11 14:12 - 00001454 _____ () C:\Users\Public\Desktop\NHL 2004.lnk
2015-05-11 14:12 - 2015-05-11 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2015-05-11 13:52 - 2015-05-14 20:51 - 00000000 ____D () C:\NHL 2004
2015-05-11 13:52 - 2015-05-11 14:10 - 00000472 _____ () C:\WINDOWS\eReg.dat
2015-05-10 16:26 - 2015-05-10 16:32 - 00000000 ___RD () C:\NHL 09
2015-05-10 15:52 - 2015-05-10 16:14 - 1422038237 ____R () C:\Users\h4pple99\Downloads\NHL-15-by-EHA-(-Version-by-Jenda).rar
2015-05-09 22:46 - 2015-05-09 22:55 - 1191069696 ____R () C:\Users\h4pple99\Downloads\Divergence.avi
2015-05-09 22:32 - 2015-05-09 22:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Blackhat.2015.BRRip.XviD-ETRG
2015-05-09 22:29 - 2015-05-09 22:56 - 00000000 ____D () C:\Users\h4pple99\Downloads\Jupiter Ascending (2015) [1080p]
2015-05-09 22:25 - 2015-05-09 22:45 - 00000000 ____D () C:\Users\h4pple99\Downloads\Kingsman.The.Secret.Service.2014.HC.HDRip.XViD.AC3-ETRG
2015-05-08 22:43 - 2015-05-13 21:31 - 00000000 ____D () C:\Users\h4pple99\Downloads\John.Wick.2014.480p.BDRip.XViD.AC3.CZ-GRiNGO
2015-05-07 20:38 - 2015-05-07 20:38 - 01053024 _____ (Comfort Software Group ) C:\Users\h4pple99\Desktop\FreeStopwatchSetup.exe
2015-05-07 19:27 - 2015-05-07 19:27 - 02204160 _____ () C:\Users\h4pple99\Desktop\adwcleaner_4.203.exe
2015-05-02 12:13 - 2015-05-02 12:18 - 00000000 ____D () C:\Users\h4pple99\Documents\WWE2K15
2015-05-02 09:49 - 2015-05-02 13:04 - 00000000 ____D () C:\Program Files (x86)\GMT-MAX.ORG
2015-04-28 19:49 - 2015-04-28 19:49 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-28 19:48 - 2015-04-28 19:48 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-25 10:05 - 2015-04-25 10:23 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2015-04-25 10:05 - 2015-04-25 10:05 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-25 09:50 - 2015-04-25 09:50 - 00000000 ____D () C:\@RestoreQuarantine
2015-04-25 09:44 - 2015-04-25 09:44 - 00000000 ____D () C:\ProgramData\RegRun
2015-04-25 09:43 - 2015-04-27 07:39 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2015-04-25 09:43 - 2015-04-25 09:50 - 00000000 ____D () C:\Users\h4pple99\Documents\RegRun2
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\winstart.bat
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\SysWOW64\CONFIG.NT
2015-04-25 09:43 - 2015-04-25 09:43 - 00000002 RSHOT () C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-04-24 18:40 - 2015-04-24 18:40 - 00000000 ____D () C:\Users\h4pple99\Documents\Electronic Arts
2015-04-24 18:32 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-04-24 16:01 - 2015-04-24 16:15 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Ori and the Blind Forest
2015-04-24 15:59 - 2015-04-24 15:59 - 00001296 _____ () C:\Users\h4pple99\Desktop\Ori and the Blind Forest.lnk
2015-04-24 15:59 - 2015-04-24 15:59 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Ori and the Blind Forest
2015-04-24 14:36 - 2015-04-24 14:36 - 00001123 _____ () C:\Users\h4pple99\Desktop\Assassins Creed Chronicles China.lnk
2015-04-24 14:36 - 2015-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Chronicles China
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-24 14:03 - 2014-12-25 21:11 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\uTorrent
2015-05-24 14:03 - 2013-08-26 09:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-24 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-24 13:54 - 2014-12-25 11:22 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2015-05-24 13:50 - 2014-12-24 18:20 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2015-05-24 13:47 - 2014-09-24 07:35 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 13:42 - 2014-12-24 19:25 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 13:42 - 2014-12-24 19:25 - 00000954 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 13:39 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-24 11:31 - 2014-12-25 11:52 - 03972428 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-24 11:19 - 2014-12-25 12:38 - 00504320 ___SH () C:\Users\h4pple99\Desktop\Thumbs.db
2015-05-24 10:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-24 10:22 - 2014-07-04 13:33 - 00000000 ____D () C:\AdwCleaner
2015-05-24 01:49 - 2015-03-26 22:05 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-23 23:26 - 2015-01-19 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-23 23:26 - 2013-08-25 09:56 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2015-05-23 21:25 - 2014-12-25 13:30 - 00000000 ____D () C:\ProgramData\Origin
2015-05-23 18:20 - 2013-08-16 22:38 - 00000000 ____D () C:\Users\h4pple99\Documents\Rockstar Games
2015-05-23 18:17 - 2015-04-18 07:31 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-05-23 18:17 - 2015-04-18 07:31 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-05-22 17:59 - 2015-04-15 20:41 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat X
2015-05-21 11:13 - 2013-08-12 15:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-21 10:43 - 2014-12-24 19:26 - 00002226 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 20:41 - 2015-03-24 15:56 - 00001178 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-05-20 19:33 - 2015-03-21 11:15 - 00003838 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-05-20 19:33 - 2013-09-10 21:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-19 22:35 - 2014-12-25 21:26 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\vlc
2015-05-19 15:07 - 2014-12-25 14:24 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Battle.net
2015-05-19 13:35 - 2014-12-25 19:36 - 00000000 ____D () C:\Users\h4pple99\AppData\Roaming\Skype
2015-05-19 12:26 - 2014-11-05 23:46 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-05-19 12:12 - 2014-12-25 02:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-19 11:56 - 2014-12-25 13:51 - 00001408 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-18 20:04 - 2013-10-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-05-18 20:03 - 2013-10-24 15:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-18 07:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-17 16:00 - 2015-03-26 22:05 - 00003858 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-17 16:00 - 2014-12-24 18:19 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Adobe
2015-05-15 14:36 - 2014-12-24 19:25 - 00003930 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 14:36 - 2014-12-24 19:25 - 00003694 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 19:08 - 2014-12-26 12:04 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 23:03 - 2013-09-01 15:37 - 00000000 ____D () C:\Users\h4pple99\Desktop\Books_EBooks
2015-05-12 22:52 - 2013-08-15 19:09 - 00000000 ____D () C:\Users\h4pple99\Desktop\Torrents
2015-05-12 08:27 - 2015-02-11 09:08 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-12 08:27 - 2014-12-25 14:14 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-12-25 14:14 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-12 08:27 - 2013-12-26 20:42 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-12 08:27 - 2013-12-26 20:42 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-12-25 02:54 - 00579400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-12 05:30 - 2014-12-25 02:54 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 19:01 - 2014-12-25 02:54 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-11 13:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2015-05-10 16:24 - 2014-02-17 00:49 - 00000000 ____D () C:\Users\h4pple99\Documents\NHL09
2015-05-08 22:43 - 2014-12-25 21:24 - 00001097 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-06 18:53 - 2014-12-28 10:09 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\Deployment
2015-05-03 15:18 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-02 12:10 - 2015-01-23 01:14 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-05-02 11:45 - 2015-01-23 01:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-05-02 11:01 - 2014-12-25 14:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-01 18:51 - 2014-12-25 13:49 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2014-12-25 13:49 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2014-12-25 13:49 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-01 18:50 - 2014-12-25 13:49 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-01 08:45 - 2014-12-25 19:36 - 00000000 ____D () C:\ProgramData\Skype
2015-04-28 19:53 - 2014-12-25 12:44 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-04-28 19:49 - 2014-12-25 12:44 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-28 19:49 - 2014-12-25 12:44 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-28 19:48 - 2014-12-25 12:44 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-24 17:42 - 2013-08-30 13:15 - 00000000 ____D () C:\Games
2015-04-24 16:01 - 2014-12-28 08:13 - 00000000 ____D () C:\Users\h4pple99\AppData\Local\SKIDROW
==================== Files in the root of some directories =======
2014-12-24 18:10 - 2014-12-25 19:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-05-23 23:09 - 2015-05-23 23:09 - 0000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2013-08-12 15:22 - 2013-08-12 15:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\Quarantine.exe
C:\Users\h4pple99\AppData\Local\Temp\Social Club v1.1.5.8 Setup.exe
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-23 16:22
==================== End of log ============================
Re: malware problem, system will not run any program
How does the log look? Is it clean now?
Re: malware problem, system will not run any program
- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {8DBF706B-58B0-444B-BDE3-20A901A30AFD} URL =
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2015-05-24 11:13 - 2015-05-24 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\h4pple99\Desktop\FRSTLauncher.exe
2015-05-24 14:15 - 2015-05-24 14:16 - 00021413 _____ () C:\Users\h4pple99\Desktop\FRST.txt
2015-05-24 10:51 - 2015-05-24 10:51 - 00000566 _____ () C:\WINDOWS\system32\.crusader
2015-05-24 10:35 - 2015-05-24 10:52 - 00043664 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-05-24 10:35 - 2015-05-24 10:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-11 22:16 - 2015-05-24 13:43 - 00003490 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-05-24 13:42 - 2014-12-24 19:25 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 13:42 - 2014-12-24 19:25 - 00000954 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 01:49 - 2015-03-26 22:05 - 00000892 _____ () C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
Hosts:
EmptyTemp:
Reboot:
End
- Save the resulting TXT file as fixlist.txt
- Move the fixlist you created next to FRST
- Click Fix
- The fix will run and create the log Fixlog.txt
Re: malware problem, system won't run any program
Hello again... since this was somehow forgotten, the PC was not cleaned completely and the problems started to get worse, so I am posting a new FRST scan here... the problem started a few days ago, when Adblock (a Chrome extension) uninstalled itself and Avast stopped starting at Windows startup... the CCleaner scan got stuck at 5% and did not move any further... the computer has slowed down considerably overall. I wanted to make an FRST log but the program would not start, and the same with AdwCleaner, although there it at least showed the AdwCleaner process running, but no interface, nothing... I tried it in safe mode and fortunately it worked there... so I am attaching the FRST log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by h4pple99 (administrator) on H4PPLE on 23-06-2015 20:25:09
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {8DBF706B-58B0-444B-BDE3-20A901A30AFD} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-04] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]
Chrome:
=======
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-23]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Security Protection) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-05-24]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-27] (Broadcom Corporation.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
S2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-03] (Electronic Arts)
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-12-25] (NVIDIA Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-12-26] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 20:25 - 2015-06-23 20:25 - 00018365 _____ C:\Users\h4pple99\Desktop\FRST.txt
2015-06-23 19:53 - 2015-06-23 19:53 - 02109952 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2015-06-20 12:28 - 2015-06-20 12:50 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Pro Cycling Manager 2014
2015-06-20 12:28 - 2015-06-20 12:31 - 00000000 ____D C:\Users\h4pple99\Documents\Pro Cycling Manager 2014
2015-06-20 12:27 - 2015-06-20 12:28 - 81954136 _____ (Cyanide ) C:\Users\h4pple99\Documents\Setup-Patch-1.4.0.1-From-1.3.1.0.exe
2015-06-20 12:27 - 2015-06-20 12:27 - 79819736 _____ (Cyanide ) C:\Users\h4pple99\Documents\Setup-Patch-1.3.1.0-From-1.3.0.0.exe
2015-06-20 11:19 - 2015-06-20 11:40 - 00000000 ____D C:\Users\h4pple99\Downloads\Pro.Cycling.Manager.2014-CPY
2015-06-18 22:48 - 2015-06-18 22:48 - 08428156 _____ C:\Users\h4pple99\Downloads\2015Tigers.zip
2015-06-18 22:46 - 2015-06-18 22:46 - 24895431 _____ C:\Users\h4pple99\Downloads\comerica_3_23_15.rar
2015-06-18 22:45 - 2015-06-18 22:45 - 36168993 _____ C:\Users\h4pple99\Downloads\2015AllStarPackage.zip
2015-06-18 20:20 - 2015-06-18 20:20 - 00000000 ____D C:\Users\h4pple99\Downloads\kc-rangers2015
2015-06-18 20:14 - 2015-06-18 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-18 20:14 - 2015-06-18 20:14 - 00000000 ____D C:\Program Files\7-Zip
2015-06-18 19:44 - 2015-06-18 19:44 - 00097079 _____ C:\Users\h4pple99\Downloads\MLB2K12 Roster Editor 1.1.zip
2015-06-18 19:34 - 2015-06-20 16:11 - 00000000 ____D C:\Users\h4pple99\Downloads\MLB2k12_15
2015-06-18 17:23 - 2015-06-21 18:58 - 00003490 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-18 17:10 - 2015-06-18 17:10 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\2K Sports
2015-06-18 17:01 - 2015-06-18 20:09 - 00002308 _____ C:\Users\Public\Desktop\Major League Baseball 2K12.lnk
2015-06-18 17:01 - 2015-06-18 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2015-06-18 16:56 - 2015-06-18 16:56 - 00000000 ____D C:\Program Files (x86)\2K Sports
2015-06-13 21:29 - 2015-06-14 11:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-06-13 21:29 - 2015-06-13 21:33 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\NCH Software
2015-06-13 21:29 - 2015-06-13 21:29 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2015-06-13 21:29 - 2015-06-13 21:29 - 00001141 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2015-06-13 21:29 - 2015-06-13 21:29 - 00000000 ____D C:\ProgramData\NCH Software
2015-06-13 21:29 - 2015-06-13 21:29 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-13 21:21 - 2015-06-13 21:22 - 00003584 _____ C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-13 21:21 - 2015-06-13 21:22 - 00000000 ____D C:\Users\h4pple99\Documents\ezvid
2015-06-13 21:21 - 2015-06-13 21:21 - 00000000 ____D C:\Users\h4pple99\AppData\Local\ezvid,_inc
2015-06-11 07:43 - 2015-06-18 18:52 - 00003624 _____ C:\WINDOWS\PFRO.log
2015-06-11 07:33 - 2015-06-23 19:56 - 00000787 _____ C:\WINDOWS\setupact.log
2015-06-11 07:33 - 2015-06-11 07:33 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-06 19:37 - 2015-06-06 19:37 - 01986336 _____ ( ) C:\Users\h4pple99\Desktop\survarium-web-installer-028a2.exe
2015-06-05 21:57 - 2015-06-05 21:57 - 02090492 _____ C:\Users\h4pple99\Desktop\video-1433534172.mp4.mp4
2015-06-02 18:09 - 2015-06-02 18:09 - 00617238 _____ C:\Users\h4pple99\Desktop\video-1433246193.mp4.mp4
2015-05-30 20:41 - 2015-05-30 20:42 - 00000000 ____D C:\Users\h4pple99\Documents\BloodBowlChaos
2015-05-30 20:14 - 2015-06-20 12:16 - 00027510 _____ C:\WINDOWS\DirectX.log
2015-05-30 20:12 - 2015-05-30 20:12 - 00002048 _____ C:\Users\Public\Desktop\Blood Bowl Chaos Edition.lnk
2015-05-30 20:12 - 2015-05-30 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood Bowl Chaos Edition
2015-05-30 20:02 - 2015-05-30 20:12 - 00000000 ____D C:\Program Files (x86)\Blood Bowl Chaos Edition
2015-05-30 19:44 - 2015-05-30 19:59 - 00000000 ____D C:\Users\h4pple99\Downloads\flt-bbce
2015-05-29 21:34 - 2015-05-29 21:35 - 00000000 ____D C:\Users\h4pple99\Downloads\Hra o trůny
2015-05-29 14:19 - 2015-05-29 14:39 - 00000000 ____D C:\Users\h4pple99\Downloads\P90X3 (Dual Audio Workouts + Nutrition + Schedule)
2015-05-28 10:50 - 2015-06-23 20:19 - 01530058 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-28 10:19 - 2015-05-28 10:20 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Origin
2015-05-28 10:18 - 2015-05-28 10:18 - 00001006 _____ C:\Users\Public\Desktop\Origin.lnk
2015-05-28 10:18 - 2015-05-28 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-24 13:59 - 2015-06-23 20:25 - 00000000 ____D C:\FRST
2015-05-24 10:51 - 2015-05-24 10:51 - 00000566 _____ C:\WINDOWS\system32\.crusader
2015-05-24 10:35 - 2015-05-24 10:52 - 00043664 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-05-24 10:35 - 2015-05-24 10:51 - 00000000 ____D C:\ProgramData\HitmanPro
2015-05-24 02:11 - 2015-05-24 02:11 - 00000000 ____D C:\AVAST Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 20:19 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-23 20:18 - 2014-12-25 11:52 - 05028302 _____ C:\Users\Public\CAFADEBUG.log
2015-06-23 20:17 - 2014-12-24 19:25 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-23 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-23 20:10 - 2014-09-24 07:35 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-23 19:57 - 2014-12-24 18:20 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2015-06-23 19:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 19:43 - 2014-12-24 19:25 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-23 19:42 - 2014-12-24 19:26 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-21 15:42 - 2014-12-25 21:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\vlc
2015-06-21 13:32 - 2014-12-25 11:22 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2015-06-20 23:49 - 2015-03-26 22:05 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-20 22:04 - 2015-05-17 16:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2015-06-20 11:54 - 2014-12-25 21:11 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\uTorrent
2015-06-18 18:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-18 17:01 - 2014-12-25 12:38 - 00576512 ___SH C:\Users\h4pple99\Desktop\Thumbs.db
2015-06-17 19:32 - 2014-12-25 14:24 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Battle.net
2015-06-17 18:14 - 2013-10-24 15:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-13 19:16 - 2015-03-26 22:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-13 19:16 - 2014-12-24 18:19 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Adobe
2015-06-13 19:16 - 2013-08-12 15:44 - 00000000 ____D C:\ProgramData\McAfee
2015-06-11 07:46 - 2014-12-25 12:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-10 19:34 - 2015-03-21 11:15 - 00003838 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-06-10 19:34 - 2013-09-10 21:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-09 18:32 - 2014-11-05 23:46 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-04 00:24 - 2014-12-25 13:30 - 00000000 ____D C:\ProgramData\Origin
2015-06-03 22:01 - 2014-12-25 13:30 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Origin
2015-06-03 22:01 - 2013-09-10 19:40 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-03 14:42 - 2013-10-24 15:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-03 10:29 - 2015-01-23 01:14 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-06-03 10:29 - 2015-01-23 01:14 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-05-31 15:23 - 2013-08-15 19:09 - 00000000 ____D C:\Users\h4pple99\Desktop\Torrents
2015-05-28 10:18 - 2014-12-26 13:22 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-05-28 10:15 - 2015-01-18 17:17 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-28 10:15 - 2013-08-16 01:48 - 00000000 ____D C:\Program Files\CCleaner
2015-05-24 14:03 - 2013-08-26 09:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-05-24 10:22 - 2014-07-04 13:33 - 00000000 ____D C:\AdwCleaner
==================== Files in the root of some directories =======
2014-12-24 18:10 - 2014-12-25 19:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-06-13 21:21 - 2015-06-13 21:22 - 0003584 _____ () C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-23 23:09 - 2015-05-23 23:09 - 0000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2013-08-12 15:22 - 2013-08-12 15:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\Quarantine.exe
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-22 20:34
==================== End of log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by h4pple99 (administrator) on H4PPLE on 23-06-2015 20:25:09
Running from C:\Users\h4pple99\Desktop
Loaded Profiles: h4pple99 (Available Profiles: h4pple99 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-12] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Smart Update] => C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [1706576 2012-08-02] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-3547628435-3712409865-1790832751-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3547628435-3712409865-1790832751-1002 -> {8DBF706B-58B0-444B-BDE3-20A901A30AFD} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-04] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-07-16] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3547628435-3712409865-1790832751-1002: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]
Chrome:
=======
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (AdBlock) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-23]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Security Protection) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-05-24]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Profile: C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-13]
CHR Extension: (Google Sheets) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Avast Online Security) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\h4pple99\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2014-12-25] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-02] (BitRaider, LLC)
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-27] (Broadcom Corporation.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [66640 2012-07-18] (Lenovo)
S2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-16] (Nitro PDF Software)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-03] (Electronic Arts)
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2014-12-25] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-25] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-25] (Alcohol Soft Development Team)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-03] (BitRaider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-12-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-05-24] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-12-25] (NVIDIA Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8222736 2012-06-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-25] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-25] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-12-26] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 20:25 - 2015-06-23 20:25 - 00018365 _____ C:\Users\h4pple99\Desktop\FRST.txt
2015-06-23 19:53 - 2015-06-23 19:53 - 02109952 _____ (Farbar) C:\Users\h4pple99\Desktop\FRST64.exe
2015-06-20 12:28 - 2015-06-20 12:50 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Pro Cycling Manager 2014
2015-06-20 12:28 - 2015-06-20 12:31 - 00000000 ____D C:\Users\h4pple99\Documents\Pro Cycling Manager 2014
2015-06-20 12:27 - 2015-06-20 12:28 - 81954136 _____ (Cyanide ) C:\Users\h4pple99\Documents\Setup-Patch-1.4.0.1-From-1.3.1.0.exe
2015-06-20 12:27 - 2015-06-20 12:27 - 79819736 _____ (Cyanide ) C:\Users\h4pple99\Documents\Setup-Patch-1.3.1.0-From-1.3.0.0.exe
2015-06-20 11:19 - 2015-06-20 11:40 - 00000000 ____D C:\Users\h4pple99\Downloads\Pro.Cycling.Manager.2014-CPY
2015-06-18 22:48 - 2015-06-18 22:48 - 08428156 _____ C:\Users\h4pple99\Downloads\2015Tigers.zip
2015-06-18 22:46 - 2015-06-18 22:46 - 24895431 _____ C:\Users\h4pple99\Downloads\comerica_3_23_15.rar
2015-06-18 22:45 - 2015-06-18 22:45 - 36168993 _____ C:\Users\h4pple99\Downloads\2015AllStarPackage.zip
2015-06-18 20:20 - 2015-06-18 20:20 - 00000000 ____D C:\Users\h4pple99\Downloads\kc-rangers2015
2015-06-18 20:14 - 2015-06-18 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-18 20:14 - 2015-06-18 20:14 - 00000000 ____D C:\Program Files\7-Zip
2015-06-18 19:44 - 2015-06-18 19:44 - 00097079 _____ C:\Users\h4pple99\Downloads\MLB2K12 Roster Editor 1.1.zip
2015-06-18 19:34 - 2015-06-20 16:11 - 00000000 ____D C:\Users\h4pple99\Downloads\MLB2k12_15
2015-06-18 17:23 - 2015-06-21 18:58 - 00003490 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-18 17:10 - 2015-06-18 17:10 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\2K Sports
2015-06-18 17:01 - 2015-06-18 20:09 - 00002308 _____ C:\Users\Public\Desktop\Major League Baseball 2K12.lnk
2015-06-18 17:01 - 2015-06-18 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2015-06-18 16:56 - 2015-06-18 16:56 - 00000000 ____D C:\Program Files (x86)\2K Sports
2015-06-13 21:29 - 2015-06-14 11:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-06-13 21:29 - 2015-06-13 21:33 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\NCH Software
2015-06-13 21:29 - 2015-06-13 21:29 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2015-06-13 21:29 - 2015-06-13 21:29 - 00001141 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2015-06-13 21:29 - 2015-06-13 21:29 - 00000000 ____D C:\ProgramData\NCH Software
2015-06-13 21:29 - 2015-06-13 21:29 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-13 21:21 - 2015-06-13 21:22 - 00003584 _____ C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-13 21:21 - 2015-06-13 21:22 - 00000000 ____D C:\Users\h4pple99\Documents\ezvid
2015-06-13 21:21 - 2015-06-13 21:21 - 00000000 ____D C:\Users\h4pple99\AppData\Local\ezvid,_inc
2015-06-11 07:43 - 2015-06-18 18:52 - 00003624 _____ C:\WINDOWS\PFRO.log
2015-06-11 07:33 - 2015-06-23 19:56 - 00000787 _____ C:\WINDOWS\setupact.log
2015-06-11 07:33 - 2015-06-11 07:33 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-06 19:37 - 2015-06-06 19:37 - 01986336 _____ ( ) C:\Users\h4pple99\Desktop\survarium-web-installer-028a2.exe
2015-06-05 21:57 - 2015-06-05 21:57 - 02090492 _____ C:\Users\h4pple99\Desktop\video-1433534172.mp4.mp4
2015-06-02 18:09 - 2015-06-02 18:09 - 00617238 _____ C:\Users\h4pple99\Desktop\video-1433246193.mp4.mp4
2015-05-30 20:41 - 2015-05-30 20:42 - 00000000 ____D C:\Users\h4pple99\Documents\BloodBowlChaos
2015-05-30 20:14 - 2015-06-20 12:16 - 00027510 _____ C:\WINDOWS\DirectX.log
2015-05-30 20:12 - 2015-05-30 20:12 - 00002048 _____ C:\Users\Public\Desktop\Blood Bowl Chaos Edition.lnk
2015-05-30 20:12 - 2015-05-30 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blood Bowl Chaos Edition
2015-05-30 20:02 - 2015-05-30 20:12 - 00000000 ____D C:\Program Files (x86)\Blood Bowl Chaos Edition
2015-05-30 19:44 - 2015-05-30 19:59 - 00000000 ____D C:\Users\h4pple99\Downloads\flt-bbce
2015-05-29 21:34 - 2015-05-29 21:35 - 00000000 ____D C:\Users\h4pple99\Downloads\Hra o trůny
2015-05-29 14:19 - 2015-05-29 14:39 - 00000000 ____D C:\Users\h4pple99\Downloads\P90X3 (Dual Audio Workouts + Nutrition + Schedule)
2015-05-28 10:50 - 2015-06-23 20:19 - 01530058 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-28 10:19 - 2015-05-28 10:20 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Origin
2015-05-28 10:18 - 2015-05-28 10:18 - 00001006 _____ C:\Users\Public\Desktop\Origin.lnk
2015-05-28 10:18 - 2015-05-28 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-24 13:59 - 2015-06-23 20:25 - 00000000 ____D C:\FRST
2015-05-24 10:51 - 2015-05-24 10:51 - 00000566 _____ C:\WINDOWS\system32\.crusader
2015-05-24 10:35 - 2015-05-24 10:52 - 00043664 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-05-24 10:35 - 2015-05-24 10:51 - 00000000 ____D C:\ProgramData\HitmanPro
2015-05-24 02:11 - 2015-05-24 02:11 - 00000000 ____D C:\AVAST Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 20:19 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-23 20:18 - 2014-12-25 11:52 - 05028302 _____ C:\Users\Public\CAFADEBUG.log
2015-06-23 20:17 - 2014-12-24 19:25 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-23 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-23 20:10 - 2014-09-24 07:35 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-23 19:57 - 2014-12-24 18:20 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Nitro PDF
2015-06-23 19:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 19:43 - 2014-12-24 19:25 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-23 19:42 - 2014-12-24 19:26 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-21 15:42 - 2014-12-25 21:26 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\vlc
2015-06-21 13:32 - 2014-12-25 11:22 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3547628435-3712409865-1790832751-1002
2015-06-20 23:49 - 2015-03-26 22:05 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-20 22:04 - 2015-05-17 16:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B98C943C-C770-4D89-B63D-386C9D33D4FF}
2015-06-20 11:54 - 2014-12-25 21:11 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\uTorrent
2015-06-18 18:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-18 17:01 - 2014-12-25 12:38 - 00576512 ___SH C:\Users\h4pple99\Desktop\Thumbs.db
2015-06-17 19:32 - 2014-12-25 14:24 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Battle.net
2015-06-17 18:14 - 2013-10-24 15:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-13 19:16 - 2015-03-26 22:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-13 19:16 - 2014-12-24 18:19 - 00000000 ____D C:\Users\h4pple99\AppData\Local\Adobe
2015-06-13 19:16 - 2013-08-12 15:44 - 00000000 ____D C:\ProgramData\McAfee
2015-06-11 07:46 - 2014-12-25 12:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-10 19:34 - 2015-03-21 11:15 - 00003838 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1378842729
2015-06-10 19:34 - 2013-09-10 21:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-09 18:32 - 2014-11-05 23:46 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-04 00:24 - 2014-12-25 13:30 - 00000000 ____D C:\ProgramData\Origin
2015-06-03 22:01 - 2014-12-25 13:30 - 00000000 ____D C:\Users\h4pple99\AppData\Roaming\Origin
2015-06-03 22:01 - 2013-09-10 19:40 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-03 14:42 - 2013-10-24 15:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-03 10:29 - 2015-01-23 01:14 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-06-03 10:29 - 2015-01-23 01:14 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-05-31 15:23 - 2013-08-15 19:09 - 00000000 ____D C:\Users\h4pple99\Desktop\Torrents
2015-05-28 10:18 - 2014-12-26 13:22 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-05-28 10:15 - 2015-01-18 17:17 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-28 10:15 - 2013-08-16 01:48 - 00000000 ____D C:\Program Files\CCleaner
2015-05-24 14:03 - 2013-08-26 09:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-05-24 10:22 - 2014-07-04 13:33 - 00000000 ____D C:\AdwCleaner
==================== Files in the root of some directories =======
2014-12-24 18:10 - 2014-12-25 19:24 - 0006379 _____ () C:\Users\h4pple99\AppData\Roaming\AbsoluteReminder.xml
2015-06-13 21:21 - 2015-06-13 21:22 - 0003584 _____ () C:\Users\h4pple99\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-23 23:09 - 2015-05-23 23:09 - 0000000 ___SH () C:\Users\h4pple99\AppData\Local\LumaEmu
2013-08-12 15:22 - 2013-08-12 15:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\h4pple99\AppData\Local\Temp\Quarantine.exe
C:\Users\h4pple99\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-22 20:34
==================== End of log ============================


