Re: Preventive check

Posted: 02 Oct 2013 19:43
by Svitiplyn
It took almost until now.

ComboFix 13-10-01.03 - Martin 02.10.2013 20:04:18.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4060.1361 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\AutoRun.ini
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\130707_151911.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-02 do 2013-10-02 )))))))))))))))))))))))))))))))
.
.
2013-10-02 18:17 . 2013-10-02 18:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-02 18:17 . 2013-10-02 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-01 20:00 . 2013-10-01 20:01 -------- d-----w- c:\users\Martin\AppData\Local\Facebook
2013-10-01 19:51 . 2013-10-01 19:51 -------- d-----w- c:\users\Martin\AppData\Local\Knihovnik
2013-10-01 18:11 . 2013-10-01 19:57 -------- d-----w- c:\users\Martin\AppData\Roaming\uTorrent
2013-09-27 21:32 . 2013-09-27 21:32 -------- d-----w- c:\users\Martin\AppData\Local\SKIDROW
2013-09-27 07:06 . 2007-01-01 18:03 40960 ----a-r- c:\windows\SysWow64\psfind.dll
2013-09-27 07:06 . 2006-07-11 16:43 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-09-27 07:06 . 2006-07-11 16:35 503808 ----a-w- c:\windows\SysWow64\MSVCP71.dll
2013-09-27 07:03 . 2013-09-28 08:15 -------- d-----w- c:\program files (x86)\THQ
2013-09-25 15:46 . 2013-09-25 15:47 -------- d-----w- c:\users\Martin\AppData\Roaming\MyPhoneExplorer
2013-09-25 15:46 . 2013-09-25 15:46 -------- d-----w- c:\program files (x86)\MyPhoneExplorer
2013-09-22 10:12 . 2013-09-22 14:27 -------- d-----w- C:\AdwCleaner
2013-09-22 08:39 . 2013-09-22 08:39 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-09-22 08:38 . 2013-09-22 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-09-22 08:38 . 2013-09-22 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-09-21 18:11 . 2013-09-21 18:11 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-21 17:37 . 2013-09-21 17:47 -------- d-----w- c:\program files\trend micro
2013-09-21 17:37 . 2013-09-21 17:47 -------- d-----w- C:\rsit
2013-09-14 21:52 . 2013-09-14 21:52 -------- d-----w- c:\users\Martin\AppData\Local\avgchrome
2013-09-13 14:03 . 2013-09-13 14:03 -------- d-----w- c:\program files (x86)\OSCAR Editor X7
2013-09-13 14:02 . 2013-09-13 14:02 -------- d-----w- c:\program files (x86)\OscarEditor
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-09-11 16:51 . 2013-09-11 16:51 21840 ----a-w- c:\windows\SysWow64\SIntfNT.dll
2013-09-11 16:51 . 2013-09-11 16:51 17212 ----a-w- c:\windows\SysWow64\SIntf32.dll
2013-09-11 16:51 . 2013-09-11 16:51 12067 ----a-w- c:\windows\SysWow64\SIntf16.dll
2013-09-11 16:29 . 2013-09-11 16:29 94208 ----a-w- c:\windows\DIIUnin.exe
2013-09-11 16:29 . 2013-09-11 16:29 2829 ----a-w- c:\windows\DIIUnin.pif
2013-09-11 16:27 . 2013-09-21 14:41 -------- d-----w- c:\program files\Diablo II
2013-09-10 08:56 . 2013-09-10 08:56 -------- d-----w- c:\users\Martin\AppData\Local\Overwolf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-02 15:51 . 2013-07-21 09:24 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-02 15:51 . 2013-07-21 09:24 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-20 12:03 . 2013-06-22 11:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-20 12:03 . 2013-06-22 11:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 08:58 . 2013-05-01 11:22 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2013-05-01 11:22 2986672 ----a-w- c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-02-25 22:32 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-09-12 08:58 . 2009-07-13 21:59 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-09-12 07:25 . 2013-05-01 11:23 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2013-05-01 11:23 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2013-05-01 11:23 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2013-05-01 11:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2013-05-01 11:23 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-08-20 13:32 . 2013-08-11 13:55 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-07-22 18:50 . 2013-07-22 18:50 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-07-21 09:24 . 2013-07-21 09:24 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-09-27 9866032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
"Facebook Update"="c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-10-01 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-6-25 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswVmm;aswVmm; [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys;c:\windows\SYSNATIVE\DRIVERS\wod0205.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 09:05 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 12:03]
.
2013-10-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000Core.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-01 20:00]
.
2013-10-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000UA.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-01 20:00]
.
2013-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01 11:40]
.
2013-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01 11:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2341847456-1455273517-2615858667-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ba,c8,8d,2b,53,93,94,85,bb,02,db,7b,3c,3a,d1,b9,ad,c9,48,e0,28,ec,8b,
5a,51,6f,57,20,a0,33,65,1b,55,ea,97,fb,1c,da,53,63,e1,23,34,a2,6b,8c,a6,99,\
"??"=hex:14,32,8a,1a,90,ee,08,cd,33,11,b9,a9,0b,80,bd,e4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-02 20:40:26
ComboFix-quarantined-files.txt 2013-10-02 18:40
.
Před spuštěním: Volných bajtů: 30 926 925 824
Po spuštění: Volných bajtů: 31 337 754 624
.
- - End Of File - - 425533F6E01272FCD14B72A75524090C
A36C5E4F47E84449FF07ED3517B43A31

Re: Preventive check

Posted: 03 Oct 2013 19:59
by Márty84
Open Notepad and copy this script into it:

Code:

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"=-
"DAEMON Tools Lite"=-
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe ARM"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

Regnull::
[HKEY_USERS\S-1-5-21-2341847456-1455273517-2615858667-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, exactly and save it to the desktop.
Turn off the antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Preventive check

Posted: 03 Oct 2013 22:00
by Svitiplyn
ComboFix 13-10-03.03 - Martin 03.10.2013 22:10:48.2.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4060.1986 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2341847456-1455273517-2615858667-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-03 do 2013-10-03 )))))))))))))))))))))))))))))))
.
.
2013-10-03 20:15 . 2013-10-03 20:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-03 20:15 . 2013-10-03 20:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-03 17:19 . 2013-10-03 17:19 -------- d-----w- c:\users\Martin\AppData\Local\LogMeIn
2013-10-03 17:19 . 2013-10-03 17:19 -------- d-----w- c:\programdata\LogMeIn
2013-10-03 06:20 . 2013-10-03 06:20 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-10-01 20:00 . 2013-10-01 20:01 -------- d-----w- c:\users\Martin\AppData\Local\Facebook
2013-10-01 19:51 . 2013-10-01 19:51 -------- d-----w- c:\users\Martin\AppData\Local\Knihovnik
2013-10-01 18:11 . 2013-10-01 19:57 -------- d-----w- c:\users\Martin\AppData\Roaming\uTorrent
2013-09-27 21:32 . 2013-09-27 21:32 -------- d-----w- c:\users\Martin\AppData\Local\SKIDROW
2013-09-27 07:06 . 2007-01-01 18:03 40960 ----a-r- c:\windows\SysWow64\psfind.dll
2013-09-27 07:06 . 2006-07-11 16:43 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-09-27 07:06 . 2006-07-11 16:35 503808 ----a-w- c:\windows\SysWow64\MSVCP71.dll
2013-09-27 07:03 . 2013-09-28 08:15 -------- d-----w- c:\program files (x86)\THQ
2013-09-25 15:46 . 2013-09-25 15:47 -------- d-----w- c:\users\Martin\AppData\Roaming\MyPhoneExplorer
2013-09-25 15:46 . 2013-09-25 15:46 -------- d-----w- c:\program files (x86)\MyPhoneExplorer
2013-09-22 10:12 . 2013-09-22 14:27 -------- d-----w- C:\AdwCleaner
2013-09-22 08:39 . 2013-09-22 08:39 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-09-22 08:38 . 2013-09-22 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-09-22 08:38 . 2013-09-22 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-09-21 18:11 . 2013-09-21 18:11 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-21 17:37 . 2013-09-21 17:47 -------- d-----w- c:\program files\trend micro
2013-09-21 17:37 . 2013-09-21 17:47 -------- d-----w- C:\rsit
2013-09-14 21:52 . 2013-09-14 21:52 -------- d-----w- c:\users\Martin\AppData\Local\avgchrome
2013-09-13 14:03 . 2013-09-13 14:03 -------- d-----w- c:\program files (x86)\OSCAR Editor X7
2013-09-13 14:02 . 2013-09-13 14:02 -------- d-----w- c:\program files (x86)\OscarEditor
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-09-11 16:51 . 2013-09-11 16:51 21840 ----a-w- c:\windows\SysWow64\SIntfNT.dll
2013-09-11 16:51 . 2013-09-11 16:51 17212 ----a-w- c:\windows\SysWow64\SIntf32.dll
2013-09-11 16:51 . 2013-09-11 16:51 12067 ----a-w- c:\windows\SysWow64\SIntf16.dll
2013-09-11 16:29 . 2013-09-11 16:29 94208 ----a-w- c:\windows\DIIUnin.exe
2013-09-11 16:29 . 2013-09-11 16:29 2829 ----a-w- c:\windows\DIIUnin.pif
2013-09-11 16:27 . 2013-09-21 14:41 -------- d-----w- c:\program files\Diablo II
2013-09-10 08:56 . 2013-09-10 08:56 -------- d-----w- c:\users\Martin\AppData\Local\Overwolf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-02 15:51 . 2013-07-21 09:24 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-02 15:51 . 2013-07-21 09:24 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-20 12:03 . 2013-06-22 11:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-20 12:03 . 2013-06-22 11:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 08:58 . 2013-05-01 11:22 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2013-05-01 11:22 2986672 ----a-w- c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-02-25 22:32 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-09-12 08:58 . 2009-07-13 21:59 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-09-12 07:25 . 2013-05-01 11:23 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2013-05-01 11:23 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2013-05-01 11:23 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2013-05-01 11:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2013-05-01 11:23 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-08-20 13:32 . 2013-08-11 13:55 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-07-22 18:50 . 2013-07-22 18:50 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-07-21 09:24 . 2013-07-21 09:24 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-6-25 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswVmm;aswVmm; [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys;c:\windows\SYSNATIVE\DRIVERS\wod0205.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 09:05 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Garena Plus\ggdllhost.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2013-10-03 22:21:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-03 20:21
ComboFix2.txt 2013-10-02 18:40
.
Před spuštěním: Volných bajtů: 31 701 184 512
Po spuštění: Volných bajtů: 31 364 911 104
.
- - End Of File - - A948A8501F1AF75C3CA1B8FA85FE822A
A36C5E4F47E84449FF07ED3517B43A31

Re: Preventive check

Posted: 04 Oct 2013 03:25
by Márty84
Post a new log from RSIT

+

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the items (put check marks there) For all users, Check for "LOP" malware and Check for "Purity" malware
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Preventive check

Posted: 04 Oct 2013 08:36
by Svitiplyn
RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-10-04 09:35:03
Microsoft Windows 7 Professional
System drive C: has 30 GB (30%) free of 100 GB
Total RAM: 4060 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:35:06, on 4.10.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-21-2341847456-1455273517-2615858667-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2341847456-1455273517-2615858667-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8440 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {02362705-F997-4EB3-9187-E6450307726A}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {CBCFBD63-CE9A-4AC1-A84C-442B3AB5C533}
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2796
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 2840
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 3104
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-2140476161733746608-289426903-2054070902-884321383264239262-1724273362-1441942234
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4380.0.948554006\1409829286" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0640 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2723 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="4380.1.289673614\1865481453" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4380.2.892296149\224006965" /prefetch:673131151
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Martin\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll" --lang=cs --channel="4380.6.1587321576\1617308039" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4380.9.2089754254\566848455" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4380.10.1218646127\1679889192" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Martin\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-03 553376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-03 211360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-03 22:21:15 ----A---- C:\ComboFix.txt
2013-10-03 22:18:13 ----SHD---- C:\$RECYCLE.BIN
2013-10-03 19:19:39 ----D---- C:\ProgramData\LogMeIn
2013-10-03 08:20:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:02:13 ----A---- C:\Windows\zip.exe
2013-10-02 20:02:13 ----A---- C:\Windows\SWSC.exe
2013-10-02 20:02:13 ----A---- C:\Windows\SWREG.exe
2013-10-02 20:02:13 ----A---- C:\Windows\sed.exe
2013-10-02 20:02:13 ----A---- C:\Windows\PEV.exe
2013-10-02 20:02:13 ----A---- C:\Windows\NIRCMD.exe
2013-10-02 20:02:13 ----A---- C:\Windows\MBR.exe
2013-10-02 20:02:13 ----A---- C:\Windows\grep.exe
2013-10-02 20:00:43 ----D---- C:\Qoobox
2013-10-02 20:00:07 ----D---- C:\Windows\erdnt
2013-10-01 20:11:41 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent
2013-09-27 09:06:58 ----RA---- C:\Windows\SYSWOW64\psfind.dll
2013-09-27 09:06:58 ----A---- C:\Windows\SYSWOW64\MSVCP71.dll
2013-09-27 09:06:58 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-09-27 09:03:17 ----D---- C:\Program Files (x86)\THQ
2013-09-25 17:46:43 ----D---- C:\Users\Martin\AppData\Roaming\MyPhoneExplorer
2013-09-25 17:46:38 ----D---- C:\Program Files (x86)\MyPhoneExplorer
2013-09-22 12:12:34 ----D---- C:\AdwCleaner
2013-09-22 10:39:03 ----D---- C:\Users\Martin\AppData\Roaming\Malwarebytes
2013-09-22 10:38:48 ----D---- C:\ProgramData\Malwarebytes
2013-09-21 20:11:03 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-09-21 19:55:12 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-09-21 19:55:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-09-21 19:55:09 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvopencl.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvoglv64.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\NvIFR64.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvcuvid.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvcuda.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\nvcompiler.dll
2013-09-21 19:55:09 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-09-21 19:55:08 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-09-21 19:55:08 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-09-21 19:55:08 ----A---- C:\Windows\system32\NvFBC64.dll
2013-09-21 19:55:08 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-09-21 19:37:53 ----D---- C:\Program Files\trend micro
2013-09-21 19:37:52 ----D---- C:\rsit
2013-09-13 16:03:35 ----D---- C:\Program Files (x86)\OSCAR Editor X7
2013-09-13 16:02:44 ----D---- C:\Program Files (x86)\OscarEditor
2013-09-12 01:17:50 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-09-11 18:51:43 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2013-09-11 18:51:43 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2013-09-11 18:51:43 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2013-09-11 18:29:06 ----A---- C:\Windows\DIIUnin.dat
2013-09-11 18:29:05 ----A---- C:\Windows\DIIUnin.pif
2013-09-11 18:29:05 ----A---- C:\Windows\DIIUnin.exe
2013-09-11 18:27:28 ----D---- C:\Program Files\Diablo II
2013-09-11 18:00:30 ----A---- C:\Windows\d2_lod.INI

======List of files/folders modified in the last 1 month======

2013-10-04 09:29:31 ----D---- C:\Windows\Temp
2013-10-04 09:29:09 ----D---- C:\Windows\system32\Tasks
2013-10-04 09:28:56 ----D---- C:\ProgramData\NVIDIA
2013-10-03 23:43:11 ----D---- C:\Users\Martin\AppData\Roaming\TS3Client
2013-10-03 22:22:30 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-10-03 22:21:17 ----D---- C:\Windows\system32\drivers
2013-10-03 22:18:05 ----D---- C:\Windows
2013-10-03 22:18:05 ----A---- C:\Windows\system.ini
2013-10-03 22:17:58 ----D---- C:\Windows\system32\drivers\etc
2013-10-03 22:16:12 ----D---- C:\Windows\system32\config
2013-10-03 22:15:31 ----D---- C:\Windows\Tasks
2013-10-03 22:13:47 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-03 22:13:47 ----D---- C:\Windows\SysWOW64
2013-10-03 22:13:47 ----D---- C:\Windows\AppPatch
2013-10-03 22:13:46 ----D---- C:\Program Files (x86)\Common Files
2013-10-03 22:08:41 ----SHD---- C:\System Volume Information
2013-10-03 19:19:54 ----D---- C:\Users\Martin\AppData\Roaming\GarenaPlus
2013-10-03 19:19:54 ----D---- C:\ProgramData\GarenaMessenger
2013-10-03 19:19:39 ----D---- C:\ProgramData
2013-10-03 08:20:25 ----SHD---- C:\Windows\Installer
2013-10-03 08:20:15 ----RD---- C:\Program Files (x86)
2013-10-01 21:57:14 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-10-01 21:19:16 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-01 20:09:54 ----D---- C:\Windows\system32\catroot2
2013-09-29 18:26:13 ----D---- C:\Windows\System32
2013-09-29 18:26:13 ----D---- C:\Windows\inf
2013-09-29 18:26:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-29 16:47:25 ----D---- C:\Program Files (x86)\Garena Plus
2013-09-29 02:46:30 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2013-09-28 20:20:57 ----D---- C:\Windows\Prefetch
2013-09-28 20:19:01 ----D---- C:\ProgramData\Blizzard Entertainment
2013-09-27 20:00:50 ----D---- C:\Windows\SYSWOW64\directx
2013-09-27 09:13:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-25 17:41:35 ----D---- C:\Windows\system32\DriverStore
2013-09-25 17:41:35 ----D---- C:\Windows\system32\catroot
2013-09-21 20:17:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-09-21 20:16:33 ----RSD---- C:\Windows\assembly
2013-09-21 19:37:53 ----RD---- C:\Program Files
2013-09-21 13:46:12 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2013-09-20 14:03:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-12 10:58:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-09-12 10:58:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-09-12 10:58:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-09-12 10:58:10 ----A---- C:\Windows\system32\nvapi64.dll
2013-09-12 09:25:43 ----A---- C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25:43 ----A---- C:\Windows\system32\nvcpl.dll
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvshext.dll
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvmctray.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-06 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 wod0205;WeOnlyDo Network Adapter 2.5; C:\Windows\system32\DRIVERS\wod0205.sys [2011-04-23 33160]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-21 75064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01 116648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-27 563624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check

Posted: 04 Oct 2013 08:57
by Márty84
Fine, so just the OTL log now and then we'll start deleting.

Re: Preventive check

Posted: 04 Oct 2013 11:13
by Svitiplyn
I apologize for cutting in like this, but OTL threw some error saying that dat.cmd could not be created. So I got angry and completely formatted the whole computer, but even so, thank you for the effort and patience in helping me clean up the PC. I apologize for the stolen time; I solved it in a more radical way. So once again, I apologize.

Thank you

Re: Preventive check

Posted: 04 Oct 2013 13:58
by Svitiplyn
But if you can, I would like some advice on something. Do you happen to know what this could be: http://screenshot.cz/815EW/wtf.jpg, and could you also take a look at the log to see whether everything is OK after the installation? Please.

Re: Preventive check

Posted: 04 Oct 2013 15:03
by Svitiplyn
So now I have everything OK! :)

Re: Preventive check

Posted: 04 Oct 2013 17:53
by Márty84
I was at work, so I couldn't reply :James008:

Well, that's a pity; it would have been enough to tweak the script, and then we would have just cleaned it out and been done. But then, it doesn't hurt to format now and then. It's just that we did all of that for nothing :arcisit:

So post the log here so I can take a look :)

Re: Preventive check

Posted: 05 Oct 2013 14:00
by Svitiplyn
Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2013-10-05 15:00:19
Microsoft Windows 7 Professional
System drive C: has 228 GB (75%) free of 305 GB
Total RAM: 4060 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:24, on 5.10.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Martin\WoW\World of Warcraft - Cataclysm 4.3.4 (15595)\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2532294248-12516563-20730892-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2532294248-12516563-20730892-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8107 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "775983531321215536-2107074126-1369752617128967897-2092046410-1093183770-1782514376
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
szndesktop.exe default start
"C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1839428920-1670731590-440973925469433219-162647276-18968934611597039091022391579
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="860.0.1437003190\1575622726" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0640 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2723 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_DefaultControl_R1/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="860.1.1455778764\1934792129" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_DefaultControl_R1/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="860.2.49533890\1864345214" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_DefaultControl_R1/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="860.7.380439453\319610793" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="860.8.1155926077\1866578279" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_DefaultControl_R1/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="860.13.1340297607\507047483" /prefetch:673131151
"C:\Martin\WoW\World of Warcraft - Cataclysm 4.3.4 (15595)\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_DefaultControl_R1/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="860.64.833550929\814823224" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-04 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"cz.seznam.software.autoupdate"=C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-10-05 15:00:20 ----D---- C:\Program Files\trend micro
2013-10-05 15:00:19 ----D---- C:\rsit
2013-10-05 13:09:04 ----D---- C:\Program Files\Common Files\logishrd
2013-10-05 13:08:53 ----D---- C:\Program Files (x86)\Logitech
2013-10-04 19:41:48 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2013-10-04 19:41:48 ----A---- C:\Windows\system32\wcncsvc.dll
2013-10-04 19:21:13 ----D---- C:\Windows\system32\MRT
2013-10-04 19:21:08 ----A---- C:\Windows\system32\MRT.exe
2013-10-04 17:46:22 ----D---- C:\Program Files (x86)\Garena Plus
2013-10-04 17:46:15 ----D---- C:\ProgramData\GarenaMessenger
2013-10-04 17:37:17 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2013-10-04 17:37:17 ----A---- C:\Windows\system32\msv1_0.dll
2013-10-04 17:16:53 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-10-04 17:16:53 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-04 17:16:52 ----A---- C:\Windows\system32\Wdfres.dll
2013-10-04 17:03:47 ----A---- C:\Windows\system32\browserchoice.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\url.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-10-04 17:00:21 ----A---- C:\Windows\SYSWOW64\admparse.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\wininet.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\urlmon.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-10-04 17:00:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-04 17:00:21 ----A---- C:\Windows\system32\pngfilt.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\occache.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\msrating.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\msls31.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\mshtmler.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\mshtml.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\mshta.exe
2013-10-04 17:00:21 ----A---- C:\Windows\system32\msfeedssync.exe
2013-10-04 17:00:21 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\jscript9.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\jscript.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\imgutil.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieUnatt.exe
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieui.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\iertutil.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\iepeers.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieframe.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieakui.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieaksie.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\ieakeng.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-10-04 17:00:21 ----A---- C:\Windows\system32\admparse.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\wextract.exe
2013-10-04 17:00:20 ----A---- C:\Windows\system32\webcheck.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\vbscript.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\url.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\licmgr10.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\inseng.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\iexpress.exe
2013-10-04 17:00:20 ----A---- C:\Windows\system32\iesetup.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\iernonce.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\iedkcs32.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\ieapfltr.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-04 17:00:20 ----A---- C:\Windows\system32\icardie.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\dxtrans.dll
2013-10-04 17:00:20 ----A---- C:\Windows\system32\dxtmsft.dll
2013-10-04 16:28:22 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-04 16:28:22 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-04 16:28:22 ----A---- C:\Windows\system32\fontsub.dll
2013-10-04 16:28:22 ----A---- C:\Windows\system32\atmlib.dll
2013-10-04 16:28:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-04 16:28:21 ----A---- C:\Windows\system32\atmfd.dll
2013-10-04 16:26:48 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-10-04 16:26:48 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-10-04 16:26:47 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-10-04 16:26:46 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-10-04 16:26:43 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-10-04 16:26:42 ----A---- C:\Windows\system32\WUDFx.dll
2013-10-04 16:26:42 ----A---- C:\Windows\system32\WUDFHost.exe
2013-10-04 16:07:19 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-10-04 16:07:19 ----A---- C:\Windows\system32\imagehlp.dll
2013-10-04 16:07:19 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-10-04 16:07:18 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-10-04 16:07:18 ----A---- C:\Windows\system32\wmi.dll
2013-10-04 15:59:23 ----D---- C:\Program Files (x86)\Seznam.cz
2013-10-04 15:59:04 ----D---- C:\Users\Martin\AppData\Roaming\Seznam.cz
2013-10-04 15:58:58 ----D---- C:\ProgramData\SuperOvladac
2013-10-04 15:56:03 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-04 15:56:03 ----A---- C:\Windows\system32\drivers\ks.sys
2013-10-04 15:51:34 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2013-10-04 15:51:34 ----A---- C:\Windows\system32\CertEnroll.dll
2013-10-04 15:51:28 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-04 15:51:28 ----A---- C:\Windows\system32\comctl32.dll
2013-10-04 15:51:26 ----A---- C:\Windows\system32\winlogon.exe
2013-10-04 15:50:53 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-10-04 15:50:53 ----A---- C:\Windows\system32\poqexec.exe
2013-10-04 15:50:51 ----A---- C:\Windows\system32\odbccu32.dll
2013-10-04 15:50:51 ----A---- C:\Windows\system32\odbccr32.dll
2013-10-04 15:50:50 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-10-04 15:50:50 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-10-04 15:50:50 ----A---- C:\Windows\system32\odbctrac.dll
2013-10-04 15:50:50 ----A---- C:\Windows\system32\odbccp32.dll
2013-10-04 15:50:49 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-10-04 15:50:49 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-10-04 15:50:49 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-10-04 15:50:41 ----A---- C:\Windows\system32\ntshrui.dll
2013-10-04 15:50:40 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2013-10-04 15:50:32 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-10-04 15:50:32 ----A---- C:\Windows\system32\tzres.dll
2013-10-04 15:50:16 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-10-04 15:50:16 ----A---- C:\Windows\explorer.exe
2013-10-04 15:50:15 ----A---- C:\Windows\system32\asycfilt.dll
2013-10-04 15:50:14 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2013-10-04 15:50:12 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-10-04 15:50:00 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2013-10-04 15:50:00 ----A---- C:\Windows\system32\t2embed.dll
2013-10-04 15:49:56 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-10-04 15:49:55 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-10-04 15:49:53 ----A---- C:\Windows\system32\mfc42u.dll
2013-10-04 15:49:52 ----A---- C:\Windows\system32\mfc42.dll
2013-10-04 15:49:51 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-10-04 15:49:50 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-10-04 15:47:09 ----A---- C:\Windows\system32\shell32.dll
2013-10-04 15:47:05 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-10-04 15:46:50 ----D---- C:\ProgramData\Battle.net
2013-10-04 15:46:46 ----A---- C:\Windows\system32\d3d10level9.dll
2013-10-04 15:46:45 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-10-04 15:46:25 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-10-04 15:42:15 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-10-04 15:42:03 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-10-04 15:41:59 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-10-04 15:41:57 ----A---- C:\Windows\SYSWOW64\mf.dll
2013-10-04 15:41:55 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2013-10-04 15:41:35 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-10-04 15:41:31 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-10-04 15:41:28 ----A---- C:\Windows\system32\mfps.dll
2013-10-04 15:41:26 ----A---- C:\Windows\system32\mf.dll
2013-10-04 15:41:23 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-10-04 15:41:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-04 15:41:22 ----A---- C:\Windows\system32\cdd.dll
2013-10-04 15:41:19 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-10-04 15:41:10 ----A---- C:\Windows\system32\FntCache.dll
2013-10-04 15:41:07 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-10-04 15:40:15 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2013-10-04 14:58:03 ----A---- C:\Windows\system32\spoolsv.exe
2013-10-04 14:58:02 ----A---- C:\Windows\splwow64.exe
2013-10-04 14:53:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-10-04 14:53:37 ----A---- C:\Windows\system32\win32spl.dll
2013-10-04 14:53:30 ----A---- C:\Windows\system32\webio.dll
2013-10-04 14:53:29 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-10-04 14:53:24 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2013-10-04 14:53:24 ----A---- C:\Windows\system32\xmllite.dll
2013-10-04 14:53:21 ----A---- C:\Windows\system32\win32k.sys
2013-10-04 14:53:15 ----A---- C:\Windows\system32\d3d10warp.dll
2013-10-04 14:53:13 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-10-04 14:53:13 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-10-04 14:53:13 ----A---- C:\Windows\system32\d2d1.dll
2013-10-04 14:53:11 ----A---- C:\Windows\system32\DWrite.dll
2013-10-04 14:53:09 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-10-04 14:53:09 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-10-04 14:53:08 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-10-04 14:53:08 ----A---- C:\Windows\system32\d3d10_1.dll
2013-10-04 14:53:07 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-10-04 14:53:01 ----A---- C:\Windows\system32\CPFilters.dll
2013-10-04 14:52:57 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-10-04 14:52:54 ----A---- C:\Windows\system32\sbe.dll
2013-10-04 14:52:53 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-10-04 14:52:18 ----A---- C:\Windows\system32\mstscax.dll
2013-10-04 14:52:14 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-10-04 14:52:11 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-04 14:52:10 ----A---- C:\Windows\system32\aaclient.dll
2013-10-04 14:52:09 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-04 14:52:08 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-04 14:51:00 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2013-10-04 14:51:00 ----A---- C:\Windows\system32\secproc_isv.dll
2013-10-04 14:50:59 ----A---- C:\Windows\SYSWOW64\secproc.dll
2013-10-04 14:50:59 ----A---- C:\Windows\system32\secproc.dll
2013-10-04 14:50:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-10-04 14:50:57 ----A---- C:\Windows\system32\RMActivate.exe
2013-10-04 14:50:56 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-10-04 14:50:56 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-10-04 14:50:55 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2013-10-04 14:50:54 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2013-10-04 14:50:54 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-10-04 14:50:54 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-10-04 14:50:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2013-10-04 14:50:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2013-10-04 14:50:52 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2013-10-04 14:50:52 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2013-10-04 14:50:46 ----A---- C:\Windows\system32\taskschd.dll
2013-10-04 14:50:46 ----A---- C:\Windows\system32\schedsvc.dll
2013-10-04 14:50:45 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-10-04 14:50:45 ----A---- C:\Windows\system32\taskeng.exe
2013-10-04 14:50:44 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2013-10-04 14:50:44 ----A---- C:\Windows\system32\taskcomp.dll
2013-10-04 14:50:43 ----A---- C:\Windows\system32\schtasks.exe
2013-10-04 14:50:42 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2013-10-04 14:50:42 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2013-10-04 14:50:42 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2013-10-04 14:50:34 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-10-04 14:50:34 ----A---- C:\Windows\system32\quartz.dll
2013-10-04 14:50:32 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-10-04 14:50:32 ----A---- C:\Windows\system32\qdvd.dll
2013-10-04 14:50:23 ----A---- C:\Windows\system32\ole32.dll
2013-10-04 14:50:21 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-10-04 14:50:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-10-04 14:50:12 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-10-04 14:50:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-10-04 14:50:01 ----A---- C:\Windows\system32\mssrch.dll
2013-10-04 14:50:00 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-10-04 14:49:59 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-10-04 14:49:59 ----A---- C:\Windows\system32\tquery.dll
2013-10-04 14:49:58 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-10-04 14:49:57 ----A---- C:\Windows\system32\mssph.dll
2013-10-04 14:49:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-10-04 14:49:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-10-04 14:49:55 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-10-04 14:49:55 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-10-04 14:49:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-10-04 14:49:54 ----A---- C:\Windows\system32\mssvp.dll
2013-10-04 14:49:53 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-10-04 14:49:53 ----A---- C:\Windows\system32\msscntrs.dll
2013-10-04 14:49:52 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-10-04 14:49:52 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-10-04 14:49:52 ----A---- C:\Windows\system32\mssphtb.dll
2013-10-04 14:49:51 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2013-10-04 14:49:44 ----A---- C:\Windows\system32\StructuredQuery.dll
2013-10-04 14:49:43 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2013-10-04 14:48:59 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-10-04 14:48:52 ----A---- C:\Windows\system32\msdri.dll
2013-10-04 14:48:26 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-10-04 14:48:26 ----A---- C:\Windows\system32\XpsPrint.dll
2013-10-04 14:47:59 ----A---- C:\Windows\SYSWOW64\upnp.dll
2013-10-04 14:47:59 ----A---- C:\Windows\system32\upnp.dll
2013-10-04 14:47:57 ----A---- C:\Windows\system32\winhttp.dll
2013-10-04 14:47:56 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-04 14:47:56 ----A---- C:\Windows\system32\davclnt.dll
2013-10-04 14:47:55 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-10-04 14:47:55 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-10-04 14:47:55 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-04 14:47:55 ----A---- C:\Windows\SYSWOW64\slwga.dll
2013-10-04 14:47:55 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-04 14:47:55 ----A---- C:\Windows\system32\wscsvc.dll
2013-10-04 14:47:55 ----A---- C:\Windows\system32\wscapi.dll
2013-10-04 14:47:55 ----A---- C:\Windows\system32\slwga.dll
2013-10-04 14:47:52 ----A---- C:\Windows\system32\rtutils.dll
2013-10-04 14:47:51 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2013-10-04 13:48:22 ----A---- C:\Windows\system32\schannel.dll
2013-10-04 13:48:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-10-04 13:48:20 ----A---- C:\Windows\system32\lsasrv.dll
2013-10-04 13:48:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-10-04 13:48:19 ----A---- C:\Windows\system32\drivers\cng.sys
2013-10-04 13:48:15 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-10-04 13:48:14 ----A---- C:\Windows\system32\sspicli.dll
2013-10-04 13:48:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-10-04 13:48:13 ----A---- C:\Windows\system32\sspisrv.dll
2013-10-04 13:48:13 ----A---- C:\Windows\system32\secur32.dll
2013-10-04 13:48:13 ----A---- C:\Windows\system32\lsass.exe
2013-10-04 13:48:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-10-04 13:47:54 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-10-04 13:47:50 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-10-04 13:47:49 ----A---- C:\Windows\system32\rdpwsx.dll
2013-10-04 13:45:38 ----A---- C:\Windows\system32\msxml6.dll
2013-10-04 13:45:38 ----A---- C:\Windows\system32\msxml3.dll
2013-10-04 13:45:36 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-10-04 13:45:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-10-04 13:45:07 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-10-04 13:44:55 ----A---- C:\Windows\system32\profsvc.dll
2013-10-04 13:44:36 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-10-04 13:44:36 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-10-04 13:44:36 ----A---- C:\Windows\system32\dnsapi.dll
2013-10-04 13:44:34 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-10-04 13:44:33 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-10-04 13:38:58 ----D---- C:\Windows\pss
2013-10-04 13:35:26 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-10-04 13:34:59 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2013-10-04 13:34:12 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-10-04 13:31:03 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-04 13:28:39 ----A---- C:\Windows\system32\dpnet.dll
2013-10-04 13:28:37 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-10-04 13:28:24 ----A---- C:\Windows\system32\msvidc32.dll
2013-10-04 13:28:23 ----A---- C:\Windows\system32\msyuv.dll
2013-10-04 13:28:23 ----A---- C:\Windows\system32\iyuv_32.dll
2013-10-04 13:28:21 ----A---- C:\Windows\system32\msrle32.dll
2013-10-04 13:28:19 ----A---- C:\Windows\system32\tsbyuv.dll
2013-10-04 13:28:17 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2013-10-04 13:28:17 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2013-10-04 13:28:16 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2013-10-04 13:28:15 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2013-10-04 13:28:14 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2013-10-04 13:28:13 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2013-10-04 13:28:12 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2013-10-04 13:28:07 ----A---- C:\Windows\system32\wmpmde.dll
2013-10-04 13:28:05 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2013-10-04 13:28:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-10-04 13:28:00 ----A---- C:\Windows\system32\ncrypt.dll
2013-10-04 13:27:43 ----A---- C:\Windows\system32\wintrust.dll
2013-10-04 13:27:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-10-04 13:27:33 ----A---- C:\Windows\system32\KernelBase.dll
2013-10-04 13:27:33 ----A---- C:\Windows\system32\kernel32.dll
2013-10-04 13:27:32 ----A---- C:\Windows\system32\wow64win.dll
2013-10-04 13:27:32 ----A---- C:\Windows\system32\winsrv.dll
2013-10-04 13:27:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-10-04 13:27:31 ----A---- C:\Windows\system32\conhost.exe
2013-10-04 13:27:30 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-10-04 13:27:30 ----A---- C:\Windows\system32\wow64.dll
2013-10-04 13:27:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-04 13:27:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-04 13:27:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-04 13:27:28 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-04 13:27:28 ----A---- C:\Windows\system32\ntvdm64.dll
2013-10-04 13:27:27 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-04 13:27:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-04 13:27:23 ----A---- C:\Windows\system32\wow64cpu.dll
2013-10-04 13:27:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-04 13:27:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-04 13:27:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-04 13:27:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-04 13:27:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-04 13:27:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-04 13:27:15 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-04 13:27:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-04 13:27:15 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-04 13:27:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-04 13:27:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-04 13:27:14 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-04 13:27:14 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-04 13:27:13 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-04 13:27:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-04 13:27:12 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-04 13:27:12 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-04 13:27:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-04 13:27:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-04 13:27:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-04 13:27:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-04 13:27:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-04 13:27:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-04 13:27:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-04 13:27:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-04 13:27:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-04 13:27:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-04 13:27:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-04 13:27:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-04 13:27:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-04 13:27:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-04 13:27:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-04 13:27:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-04 13:27:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-04 13:27:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-04 13:27:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-04 13:27:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-04 13:27:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-04 13:27:07 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-04 13:26:43 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-10-04 13:26:41 ----A---- C:\Windows\system32\drivers\srv.sys
2013-10-04 13:26:40 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-10-04 13:26:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-10-04 13:26:37 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-10-04 13:26:37 ----A---- C:\Windows\system32\usp10.dll
2013-10-04 13:26:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-04 13:26:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-10-04 13:26:10 ----A---- C:\Windows\system32\Wpc.dll
2013-10-04 13:26:09 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-10-04 13:26:09 ----A---- C:\Windows\system32\gameux.dll
2013-10-04 13:26:08 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-10-04 13:24:51 ----A---- C:\Windows\system32\psisdecd.dll
2013-10-04 13:24:49 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-10-04 13:24:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-10-04 13:23:34 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-04 13:23:29 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-10-04 13:23:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-10-04 13:23:24 ----A---- C:\Windows\system32\kerberos.dll
2013-10-04 13:23:19 ----A---- C:\Windows\system32\msi.dll
2013-10-04 13:23:17 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-10-04 13:15:05 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-10-04 13:15:05 ----A---- C:\Windows\system32\synceng.dll
2013-10-04 13:15:02 ----A---- C:\Windows\system32\winresume.exe
2013-10-04 13:15:02 ----A---- C:\Windows\system32\winload.exe
2013-10-04 13:15:01 ----A---- C:\Windows\system32\kdusb.dll
2013-10-04 13:15:01 ----A---- C:\Windows\system32\kdcom.dll
2013-10-04 13:15:01 ----A---- C:\Windows\system32\kd1394.dll
2013-10-04 13:14:59 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2013-10-04 13:14:59 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2013-10-04 13:14:07 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2013-10-04 13:14:07 ----A---- C:\Windows\system32\msasn1.dll
2013-10-04 13:14:02 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-10-04 13:14:02 ----A---- C:\Windows\system32\mstsc.exe
2013-10-04 13:14:01 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-10-04 13:14:01 ----A---- C:\Windows\system32\netapi32.dll
2013-10-04 13:14:01 ----A---- C:\Windows\system32\browser.dll
2013-10-04 13:14:01 ----A---- C:\Windows\system32\browcli.dll
2013-10-04 13:14:00 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-10-04 13:13:54 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-10-04 13:13:54 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-10-04 13:13:54 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-10-04 13:13:53 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-10-04 13:13:53 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-10-04 13:13:50 ----A---- C:\Windows\system32\wmp.dll
2013-10-04 13:13:49 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-10-04 13:13:45 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-10-04 13:13:44 ----A---- C:\Windows\system32\wmploc.DLL
2013-10-04 13:13:40 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2013-10-04 13:13:40 ----A---- C:\Windows\system32\prevhost.exe
2013-10-04 13:13:38 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-10-04 13:13:37 ----A---- C:\Windows\system32\srcore.dll
2013-10-04 13:13:36 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-10-04 13:13:34 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-10-04 13:13:33 ----A---- C:\Windows\system32\inetcomm.dll
2013-10-04 13:13:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-10-04 13:13:31 ----A---- C:\Windows\system32\msvcrt.dll
2013-10-04 13:13:30 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-10-04 13:13:29 ----A---- C:\Windows\system32\consent.exe
2013-10-04 13:13:27 ----A---- C:\Windows\system32\localspl.dll
2013-10-04 13:13:25 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-10-04 13:13:23 ----A---- C:\Windows\system32\oleaut32.dll
2013-10-04 13:13:23 ----A---- C:\Windows\system32\oleacc.dll
2013-10-04 13:13:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-10-04 13:13:22 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-10-04 13:13:21 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-10-04 13:13:21 ----A---- C:\Windows\system32\EncDec.dll
2013-10-04 13:13:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-04 13:13:06 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-04 13:13:06 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-04 13:13:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-10-04 13:13:05 ----A---- C:\Windows\system32\smss.exe
2013-10-04 13:13:05 ----A---- C:\Windows\system32\csrsrv.dll
2013-10-04 13:12:49 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2013-10-04 13:12:49 ----A---- C:\Windows\system32\odbc32.dll
2013-10-04 13:12:42 ----A---- C:\Windows\system32\ntdll.dll
2013-10-04 13:12:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-04 13:12:39 ----A---- C:\Windows\SYSWOW64\sscore.dll
2013-10-04 13:12:39 ----A---- C:\Windows\system32\srvsvc.dll
2013-10-04 13:12:19 ----A---- C:\Windows\system32\crypt32.dll
2013-10-04 13:12:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-10-04 13:12:18 ----A---- C:\Windows\system32\cryptsvc.dll
2013-10-04 13:12:17 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-10-04 13:12:17 ----A---- C:\Windows\system32\cryptnet.dll
2013-10-04 13:12:16 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-10-04 13:00:42 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-10-04 13:00:22 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-10-04 12:51:58 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-10-04 12:51:58 ----A---- C:\Windows\system32\packager.dll
2013-10-04 12:47:46 ----A---- C:\Windows\system32\cabview.dll
2013-10-04 12:47:45 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-10-04 12:47:43 ----SHD---- C:\Windows\ftpcache
2013-10-04 12:47:43 ----A---- C:\Windows\system32\rdpcore.dll
2013-10-04 12:47:42 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-10-04 12:47:41 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-10-04 12:47:17 ----A---- C:\Windows\game.ini
2013-10-04 12:40:31 ----D---- C:\Program Files (x86)\Activision
2013-10-04 12:28:38 ----A---- C:\Windows\system32\wups2.dll
2013-10-04 12:28:38 ----A---- C:\Windows\system32\wucltux.dll
2013-10-04 12:28:38 ----A---- C:\Windows\system32\wuaueng.dll
2013-10-04 12:28:38 ----A---- C:\Windows\system32\wuauclt.exe
2013-10-04 12:28:28 ----A---- C:\Windows\system32\wups.dll
2013-10-04 12:28:28 ----A---- C:\Windows\system32\wudriver.dll
2013-10-04 12:28:28 ----A---- C:\Windows\system32\wuapi.dll
2013-10-04 12:28:20 ----A---- C:\Windows\system32\wuwebv.dll
2013-10-04 12:28:20 ----A---- C:\Windows\system32\wuapp.exe
2013-10-04 12:16:31 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-10-04 12:16:29 ----D---- C:\Program Files\GamePark2
2013-10-04 12:15:28 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvvsvc.exe
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvsvcr.dll
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvsvc64.dll
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvshext.dll
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvmctray.dll
2013-10-04 12:15:19 ----A---- C:\Windows\system32\nvcpl.dll
2013-10-04 12:14:52 ----A---- C:\Windows\system32\OpenCL.dll
2013-10-04 12:14:51 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-10-04 12:14:39 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-04 12:14:16 ----D---- C:\Users\Martin\AppData\Roaming\WinRAR
2013-10-04 12:12:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-04 12:12:03 ----A---- C:\Windows\system32\ff_vfw.dll
2013-10-04 12:12:00 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2013-10-04 12:12:00 ----A---- C:\Windows\system32\lagarith.dll
2013-10-04 12:11:59 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-10-04 12:11:59 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-10-04 12:11:59 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2013-10-04 12:11:59 ----A---- C:\Windows\system32\xvidvfw.dll
2013-10-04 12:11:59 ----A---- C:\Windows\system32\xvidcore.dll
2013-10-04 12:11:59 ----A---- C:\Windows\system32\x264vfw64.dll
2013-10-04 12:11:56 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-10-04 12:11:56 ----A---- C:\Windows\system32\unrar64.dll
2013-10-04 12:11:52 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-10-04 12:11:46 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-10-04 12:10:26 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-10-04 12:09:53 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-10-04 12:09:52 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-10-04 12:09:52 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-10-04 12:09:52 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-10-04 12:09:52 ----A---- C:\Windows\system32\netfxperf.dll
2013-10-04 12:09:52 ----A---- C:\Windows\system32\dfshim.dll
2013-10-04 12:09:51 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-10-04 12:09:51 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-10-04 12:09:51 ----A---- C:\Windows\system32\PresentationHost.exe
2013-10-04 12:09:51 ----A---- C:\Windows\system32\mscoree.dll
2013-10-04 12:09:01 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-10-04 12:09:01 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-10-04 12:09:01 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-10-04 12:09:00 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-04 12:09:00 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-04 12:09:00 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-04 12:08:59 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-04 12:08:59 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-04 12:08:59 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-04 12:08:59 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-04 12:08:59 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-04 12:08:59 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-04 12:08:59 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-04 12:08:58 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-04 12:08:58 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-04 12:08:58 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-04 12:08:58 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-04 12:08:58 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-04 12:08:58 ----A---- C:\Windows\system32\nvapi64.dll
2013-10-04 12:08:40 ----D---- C:\Windows\Panther
2013-10-04 12:07:46 ----D---- C:\NVIDIA
2013-10-04 12:04:48 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-04 12:01:15 ----D---- C:\ProgramData\NVIDIA
2013-10-04 11:59:55 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2013-10-04 11:53:30 ----D---- C:\Users\Martin\AppData\Roaming\IrfanView
2013-10-04 11:53:30 ----D---- C:\Program Files (x86)\IrfanView
2013-10-04 11:51:07 ----N---- C:\Windows\system32\MpSigStub.exe
2013-10-04 11:49:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-04 11:49:36 ----D---- C:\Windows\SYSWOW64\Macromed
2013-10-04 11:49:35 ----D---- C:\Windows\system32\Macromed
2013-10-04 11:45:45 ----D---- C:\ProgramData\Oracle
2013-10-04 11:45:44 ----D---- C:\ProgramData\Sun
2013-10-04 11:45:31 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-10-04 11:45:31 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-04 11:45:31 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-10-04 11:45:28 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-04 11:45:28 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-04 11:45:28 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-04 11:45:19 ----D---- C:\Program Files (x86)\Java
2013-10-04 11:39:49 ----D---- C:\Martin
2013-10-04 11:39:45 ----D---- C:\Users\Martin\AppData\Roaming\TS3Client
2013-10-04 11:37:49 ----D---- C:\Program Files\Utorrent
2013-10-04 11:35:21 ----D---- C:\Program Files\WinRAR
2013-10-04 11:34:27 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-04 11:23:43 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-10-04 11:23:43 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-10-04 11:23:43 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-10-04 11:23:11 ----D---- C:\Program Files\Realtek
2013-10-04 11:22:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-04 11:22:48 ----D---- C:\Program Files (x86)\Realtek
2013-10-04 11:22:44 ----HD---- C:\Program Files (x86)\Temp
2013-10-04 11:22:44 ----A---- C:\Windows\RtlExUpd.dll
2013-10-04 11:21:41 ----D---- C:\Program Files (x86)\Google
2013-10-04 11:21:40 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-10-04 11:21:40 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-10-04 11:21:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-10-04 11:21:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-10-04 11:21:38 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-10-04 11:21:38 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-10-04 11:21:36 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-10-04 11:21:34 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-10-04 11:21:34 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-04 11:21:12 ----SHD---- C:\Windows\Installer
2013-10-04 11:20:53 ----D---- C:\Program Files\AVAST Software
2013-10-04 11:20:05 ----D---- C:\ProgramData\AVAST Software
2013-10-04 11:19:19 ----D---- C:\Program Files (x86)\Intel
2013-10-04 11:19:19 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2013-10-04 11:19:13 ----D---- C:\Intel
2013-10-04 11:15:28 ----D---- C:\Users\Martin\AppData\Roaming\Identities
2013-10-04 11:14:19 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-10-04 11:14:19 ----D---- C:\Users\Martin\AppData\Roaming\Media Center Programs
2013-10-04 11:13:50 ----SHD---- C:\Recovery
2013-10-04 11:13:50 ----SHD---- C:\ProgramData\Šablony
2013-10-04 11:13:50 ----SHD---- C:\ProgramData\Nabídka Start
2013-10-04 11:13:49 ----SHD---- C:\ProgramData\Plocha
2013-10-04 11:13:49 ----SHD---- C:\ProgramData\Oblíbené položky
2013-10-04 11:13:49 ----SHD---- C:\ProgramData\Dokumenty
2013-10-04 11:13:49 ----SHD---- C:\ProgramData\Data aplikací
2013-10-04 11:12:11 ----D---- C:\Windows\SoftwareDistribution
2013-10-04 11:09:34 ----D---- C:\Windows\Prefetch
2013-10-04 11:09:19 ----ASH---- C:\pagefile.sys
2013-10-04 11:09:18 ----SHD---- C:\System Volume Information
2013-10-04 11:09:18 ----ASH---- C:\hiberfil.sys
2013-09-12 01:17:50 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe

======List of files/folders modified in the last 1 months======

2013-10-05 15:00:21 ----D---- C:\Windows\Temp
2013-10-05 15:00:20 ----RD---- C:\Program Files
2013-10-05 13:09:38 ----D---- C:\Windows\system32\drivers
2013-10-05 13:09:38 ----D---- C:\Windows\System32
2013-10-05 13:09:37 ----D---- C:\Windows\inf
2013-10-05 13:09:32 ----D---- C:\Windows\SysWOW64
2013-10-05 13:09:24 ----D---- C:\Windows\system32\DriverStore
2013-10-05 13:09:24 ----D---- C:\Windows\system32\catroot
2013-10-05 13:09:07 ----D---- C:\Windows
2013-10-05 13:09:04 ----D---- C:\Program Files\Common Files
2013-10-05 13:08:53 ----RD---- C:\Program Files (x86)
2013-10-05 13:08:53 ----D---- C:\Program Files (x86)\Common Files
2013-10-05 01:11:27 ----D---- C:\Windows\system32\config
2013-10-05 00:46:33 ----D---- C:\Windows\Logs
2013-10-05 00:46:32 ----D---- C:\Windows\rescache
2013-10-04 22:21:40 ----D---- C:\Windows\Microsoft.NET
2013-10-04 22:21:28 ----RSD---- C:\Windows\assembly
2013-10-04 20:38:24 ----D---- C:\Windows\winsxs
2013-10-04 20:21:46 ----D---- C:\Windows\system32\cs-CZ
2013-10-04 20:21:44 ----D---- C:\Program Files\Common Files\System
2013-10-04 20:21:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-04 20:21:40 ----D---- C:\Windows\ehome
2013-10-04 20:21:36 ----D---- C:\Program Files\Windows Mail
2013-10-04 20:21:36 ----D---- C:\Program Files (x86)\Windows Mail
2013-10-04 20:21:34 ----RSD---- C:\Windows\Fonts
2013-10-04 20:21:34 ----D---- C:\Windows\system32\wbem
2013-10-04 20:21:34 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-10-04 20:21:30 ----D---- C:\Program Files\Internet Explorer
2013-10-04 20:21:30 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-04 20:21:25 ----D---- C:\Windows\SYSWOW64\migration
2013-10-04 20:21:25 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-04 20:21:24 ----D---- C:\Windows\system32\migration
2013-10-04 20:21:24 ----D---- C:\Windows\PolicyDefinitions
2013-10-04 20:21:23 ----D---- C:\Windows\system32\en-US
2013-10-04 20:21:16 ----D---- C:\Windows\AppPatch
2013-10-04 20:20:57 ----D---- C:\Windows\system32\Boot
2013-10-04 20:20:45 ----D---- C:\Program Files (x86)\Windows Media Player
2013-10-04 20:20:44 ----D---- C:\Program Files\Windows Media Player
2013-10-04 20:20:35 ----D---- C:\Program Files\Windows Journal
2013-10-04 20:17:26 ----D---- C:\Windows\system32\wdi
2013-10-04 19:40:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-04 19:28:06 ----D---- C:\Windows\system32\catroot2
2013-10-04 19:21:12 ----D---- C:\Windows\debug
2013-10-04 17:46:15 ----HD---- C:\ProgramData
2013-10-04 13:00:25 ----D---- C:\Windows\system32\LogFiles
2013-10-04 12:15:41 ----RD---- C:\Users
2013-10-04 12:15:06 ----D---- C:\Windows\Help
2013-10-04 12:08:16 ----D---- C:\Windows\Setup
2013-10-04 11:49:39 ----D---- C:\Windows\Tasks
2013-10-04 11:49:39 ----D---- C:\Windows\system32\Tasks
2013-10-04 11:34:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-04 11:24:52 ----D---- C:\Windows\system32\CodeIntegrity
2013-10-04 11:24:50 ----SD---- C:\ProgramData\Microsoft
2013-10-04 11:20:45 ----D---- C:\Windows\system32\restore
2013-10-04 11:16:38 ----D---- C:\Windows\system32\drivers\UMDF
2013-10-04 11:15:26 ----SHD---- C:\$Recycle.Bin
2013-10-04 11:13:50 ----D---- C:\Program Files\Windows NT
2013-10-04 11:11:50 ----D---- C:\Windows\system32\sysprep
2013-10-04 11:09:54 ----D---- C:\Windows\CSC
2013-09-12 10:58:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-09-12 10:58:10 ----A---- C:\Windows\system32\nvwgf2umx.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-04 283064]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-08-20 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-04 75064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S2 SetupARService;SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [2013-10-04 24576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-04 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-04 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Preventive check

Posted: 05 Oct 2013 14:58
by Márty84
Install Service Pack 1

Do you use those things from Seznam?
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

Re: Preventive check

Posted: 05 Oct 2013 15:26
by Svitiplyn
I don't use it and I don't want it.

Re: Preventive check

Posted: 05 Oct 2013 16:03
by Márty84
If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the Open normally option.
Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the left pane (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"seznam-listicka-distribuce"=-

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be here: C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run)

Re: Preventive check

Posted: 05 Oct 2013 18:05
by Svitiplyn
Files moved on Reboot...
File move failed. C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Files moved on Reboot...
File move failed. C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...





and here is another one, it somehow froze on me so I had to run it again


Files moved on Reboot...
File C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...