Image stuttering - suspected virus

Posted: 10 Nov 2013 16:59
by Teochi
Hello,
I apologize for bothering you on a Sunday like this, but unfortunately there was no other time.

To explain the problem: it has persisted for a few days. When I watch videos on the internet, the picture starts to stutter after about two minutes. The same thing happens in games, for example, when there are longer cutscenes or animated menus. The stuttering stops as soon as I move the mouse. However, when I watch a film in a media player (BSplayer, for example), the problem does not occur there. I scanned the machine with an antivirus, reinstalled the codecs, and I also have a freshly installed GPU driver, but nothing helped. I wanted to restore the system, but unfortunately I did not have a restore point saved that was old enough to potentially solve the problem. So I am turning to you.

Here is the FRST log, and I am also attaching Addition.zip.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2013
Ran by Jura (administrator) on TEOCHI-PC on 10-11-2013 16:50:32
Running from C:\Users\Jura\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\junior\rocketdock\RocketDock.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SkypEmoticons) C:\Users\Jura\AppData\Roaming\SkypEmoticons\SE.exe
() C:\Users\Jura\AppData\Roaming\HpUpdate\ranger.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Nullsoft, Inc.) C:\junior\winamp\winampa.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Vimisoft Studio) C:\junior\webkameraA4Tech\vicamon.exe
(Vimisoft Studio) C:\junior\webkameraA4Tech\vmonproc.exe
() C:\junior\Genius Myš\Gila\mousehid.exe
() C:\junior\Genius Myš\Gila\trayicon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\junior\totalcmd\TOTALCMD.EXE
(Opera Software) C:\junior\opera\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(House of Life) C:\junior\bitlord\BitLord 2\Bitlord files\bitlord.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(The Pidgin developer community) C:\junior\pidgin\pidgin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [RocketDock] - C:\junior\rocketdock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [DAEMON Tools Lite] - C:\junior\daemon tools\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Run: [se] - C:\Users\Jura\AppData\Roaming\SkypEmoticons\SE.exe [5842336 2013-09-22] (SkypEmoticons)
HKCU\...\Run: [Keyboard Inf.] - C:\Users\Jura\AppData\Roaming\HpUpdate\ranger.exe [5122048 2013-10-27] ()
MountPoints2: {c8a9985b-8b48-11e2-96f3-d43d7e2ba5e9} - E:\Setup.exe
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\junior\winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\junior\msoffice2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [IMMON] - C:\junior\webkameraA4Tech\vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
HKLM-x32\...\Run: [IMMONSUPPORT] - C:\junior\webkameraA4Tech\vmonproc.exe /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [Gila] - C:\junior\Genius Myš\Gila\mousehid.exe [307712 2013-01-16] ()
AppInit_DLLs-x32: c:\progra~2\ss-hel~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll [1044480 2013-01-24] ()
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: SearchNewTab - {1E4D12CF-14FA-89B0-BD3E-575963461B96} - C:\ProgramData\SearchNewTab\JIX.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\junior\msoffice2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: SaoveensHare - {8D2E7A11-976F-19A8-92E7-C4C71DB334B6} - C:\ProgramData\SaoveensHare\qP.dll ()
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\junior\msoffice2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244

FireFox:
========
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: WebSearch
FF Homepage: hxxp://websearch.oversearch.info/?pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36
FF Keyword.URL: hxxp://websearch.oversearch.info/?pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\junior\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\junior\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default\searchplugins\WebSearch.xml
FF Extension: SearchNewTab - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default\Extensions\cnr4ybn@atxcvro.com
FF Extension: SaoveensHare - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default\Extensions\woaml@pekp-.co.uk
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF StartMenuInternet: FIREFOX.EXE - C:\junior\firefox\firefox.exe

Chrome:
=======
CHR Extension: (SearchNewTab) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\epdfgheiehpkincbpmlpepkmkilmkmcm\1.0
CHR Extension: (Google Wallet) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-14] (Adobe Systems)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 Microsoft Office Groove Audit Service; C:\junior\msoffice2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-06] ()

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-29] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R1 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 MSICDSetup; \??\D:\CDriver64.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 16:49 - 2013-11-10 16:49 - 00112128 _____ (forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
2013-11-10 16:49 - 2013-11-10 16:49 - 00000000 ____D C:\FRST
2013-11-10 16:48 - 2013-11-10 16:48 - 01957156 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2013-11-09 15:59 - 2013-11-10 16:12 - 00000336 _____ C:\Windows\setupact.log
2013-11-09 15:59 - 2013-11-09 15:59 - 00000330 _____ C:\Windows\PFRO.log
2013-11-09 15:59 - 2013-11-09 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-11-06 20:33 - 2013-11-06 20:33 - 00000218 _____ C:\Users\Jura\AppData\Local\recently-used.xbel
2013-11-06 15:08 - 2013-11-06 15:08 - 00000000 ____D C:\ProgramData\McAfee
2013-11-06 15:05 - 2013-11-06 15:06 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-02 18:03 - 2013-11-02 18:03 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-02 18:03 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-02 18:03 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-02 18:02 - 2013-11-02 18:02 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-11-02 18:02 - 2013-03-17 10:42 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-11-02 18:02 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-02 18:02 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-02 18:00 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-02 18:00 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-02 18:00 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-02 18:00 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-11-02 18:00 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-11-02 18:00 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-11-02 18:00 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-11-02 18:00 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-11-02 18:00 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-02 17:56 - 2013-11-02 17:56 - 00000000 ____D C:\Windows\Sun
2013-11-02 17:52 - 2013-11-02 18:04 - 00000000 ____D C:\Users\Jura\Documents\Battlefield 4
2013-11-02 16:21 - 2013-11-02 16:21 - 00000000 ____D C:\Users\Jura\AppData\Local\Skyrim
2013-10-28 18:00 - 2013-10-28 18:00 - 00000134 _____ C:\Users\Jura\Desktop\tunein-station.pls
2013-10-27 16:32 - 2013-11-06 15:06 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-27 16:32 - 2013-10-27 16:32 - 00000000 ____D C:\ProgramData\Sun
2013-10-27 16:28 - 2013-10-27 16:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\I2P
2013-10-27 16:25 - 2013-11-06 15:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-27 16:16 - 2013-10-27 16:16 - 00003088 _____ C:\Windows\System32\Tasks\{D476BAB7-3FB7-4E37-9F28-EFFE24B8814C}
2013-10-27 14:08 - 2013-10-27 16:58 - 00000000 ____D C:\ProgramData\WarThunder
2013-10-27 14:08 - 2013-10-27 14:08 - 00000000 ____D C:\Users\Jura\AppData\Local\WarThunder
2013-10-27 14:07 - 2013-10-27 14:07 - 00001590 _____ C:\Users\Public\Desktop\WarThunder.lnk
2013-10-27 14:07 - 2013-10-27 14:07 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-16 19:25 - 2013-10-19 18:25 - 00009882 _____ C:\Users\Jura\Desktop\účto.xlsx

==================== One Month Modified Files and Folders =======

2013-11-10 16:49 - 2013-11-10 16:49 - 00112128 _____ (forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
2013-11-10 16:49 - 2013-11-10 16:49 - 00000000 ____D C:\FRST
2013-11-10 16:49 - 2013-03-12 19:32 - 00000000 ____D C:\Users\Jura\AppData\Roaming\.purple
2013-11-10 16:48 - 2013-11-10 16:48 - 01957156 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2013-11-10 16:46 - 2013-03-12 19:13 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Skype
2013-11-10 16:19 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 16:19 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 16:18 - 2011-04-12 09:34 - 00669644 _____ C:\Windows\system32\perfh005.dat
2013-11-10 16:18 - 2011-04-12 09:34 - 00141276 _____ C:\Windows\system32\perfc005.dat
2013-11-10 16:18 - 2009-07-14 06:13 - 01585862 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 16:17 - 2013-03-12 19:00 - 01824831 _____ C:\Windows\WindowsUpdate.log
2013-11-10 16:16 - 2013-03-13 18:31 - 00000000 ____D C:\Users\Jura\Desktop\mp3
2013-11-10 16:14 - 2013-03-13 15:31 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 16:12 - 2013-11-09 15:59 - 00000336 _____ C:\Windows\setupact.log
2013-11-10 16:12 - 2012-11-15 15:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-10 16:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 06:02 - 2013-03-13 15:31 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 05:53 - 2013-04-16 07:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-09 15:59 - 2013-11-09 15:59 - 00000330 _____ C:\Windows\PFRO.log
2013-11-09 15:59 - 2013-11-09 15:59 - 00000000 _____ C:\Windows\setuperr.log
2013-11-06 20:33 - 2013-11-06 20:33 - 00000218 _____ C:\Users\Jura\AppData\Local\recently-used.xbel
2013-11-06 15:52 - 2013-03-12 19:54 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BitLord
2013-11-06 15:08 - 2013-11-06 15:08 - 00000000 ____D C:\ProgramData\McAfee
2013-11-06 15:07 - 2013-04-16 07:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-06 15:07 - 2013-03-12 19:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-06 15:07 - 2013-03-12 19:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-06 15:06 - 2013-11-06 15:05 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-06 15:06 - 2013-10-27 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-06 15:06 - 2013-10-27 16:25 - 00000000 ____D C:\ProgramData\Oracle
2013-11-06 15:06 - 2013-03-13 15:32 - 00000000 ____D C:\Users\Jura\AppData\Local\Adobe
2013-11-06 15:02 - 2013-03-12 20:05 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-11-03 18:35 - 2012-11-15 15:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-02 23:30 - 2013-03-12 19:19 - 00000000 ____D C:\junior
2013-11-02 18:04 - 2013-11-02 17:52 - 00000000 ____D C:\Users\Jura\Documents\Battlefield 4
2013-11-02 18:03 - 2013-11-02 18:03 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-02 18:03 - 2012-11-15 15:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-02 18:03 - 2012-11-15 15:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-02 18:02 - 2013-11-02 18:02 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Šablony
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Soubory cookie
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Poslední
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní tiskárny
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Okolní síť
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Nabídka Start
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Dokumenty
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Obrázky
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Hudba
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Filmy
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\Data aplikací
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-11-02 18:02 - 2013-11-02 18:02 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Data aplikací
2013-11-02 17:56 - 2013-11-02 17:56 - 00000000 ____D C:\Windows\Sun
2013-11-02 17:49 - 2013-05-04 12:43 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-02 16:21 - 2013-11-02 16:21 - 00000000 ____D C:\Users\Jura\AppData\Local\Skyrim
2013-11-02 16:21 - 2013-06-21 22:44 - 00000000 ____D C:\ProgramData\Steam
2013-11-02 15:58 - 2013-03-27 15:39 - 00000000 ____D C:\Users\Jura\Documents\My Games
2013-11-02 15:58 - 2013-03-12 19:01 - 00000000 ____D C:\Users\Jura
2013-10-31 15:38 - 2013-03-13 18:35 - 00000000 ____D C:\Users\Jura\Desktop\recepty
2013-10-28 18:00 - 2013-10-28 18:00 - 00000134 _____ C:\Users\Jura\Desktop\tunein-station.pls
2013-10-27 16:58 - 2013-10-27 14:08 - 00000000 ____D C:\ProgramData\WarThunder
2013-10-27 16:57 - 2013-03-12 23:13 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-10-27 16:57 - 2013-03-12 23:13 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-27 16:32 - 2013-10-27 16:32 - 00000000 ____D C:\ProgramData\Sun
2013-10-27 16:30 - 2013-10-27 16:28 - 00000000 ____D C:\Users\Jura\AppData\Roaming\I2P
2013-10-27 16:16 - 2013-10-27 16:16 - 00003088 _____ C:\Windows\System32\Tasks\{D476BAB7-3FB7-4E37-9F28-EFFE24B8814C}
2013-10-27 14:08 - 2013-10-27 14:08 - 00000000 ____D C:\Users\Jura\AppData\Local\WarThunder
2013-10-27 14:07 - 2013-10-27 14:07 - 00001590 _____ C:\Users\Public\Desktop\WarThunder.lnk
2013-10-27 14:07 - 2013-10-27 14:07 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2013-10-27 13:30 - 2012-04-30 13:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-27 13:29 - 2012-04-30 13:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-27 02:10 - 2013-03-13 15:41 - 00000000 ____D C:\Users\Jura\AppData\Roaming\HpUpdate
2013-10-27 01:43 - 2013-03-20 12:20 - 00000000 ____D C:\Users\Jura\AppData\Local\SKIDROW
2013-10-26 20:47 - 2013-03-13 22:10 - 00000000 ____D C:\Users\Jura\AppData\Local\gtk-2.0
2013-10-23 11:30 - 2013-11-02 18:00 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-11-02 18:00 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-11-02 18:00 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2012-11-15 15:16 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-11-15 15:16 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-11-15 15:16 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2012-11-15 15:16 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 11:30 - 2012-05-15 20:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-10-23 11:30 - 2012-05-15 20:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-10-23 09:20 - 2012-11-15 15:17 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-11-15 15:17 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-11-15 15:17 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2012-11-15 15:17 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-11-15 15:17 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-11-15 15:17 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-19 18:25 - 2013-10-16 19:25 - 00009882 _____ C:\Users\Jura\Desktop\účto.xlsx
2013-10-18 02:36 - 2013-11-02 18:03 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-11-02 18:03 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 18:09 - 2013-03-12 20:15 - 00000000 ____D C:\Users\Jura\AppData\Roaming\vlc
2013-10-16 16:57 - 2013-03-13 15:31 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-16 16:57 - 2013-03-13 15:31 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-15 13:33 - 2013-10-10 20:09 - 00008734 _____ C:\Users\Jura\Desktop\ěšš.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 16:59




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:931.41 GB) (Free:360.7 GB) NTFS

Available physical RAM: 4837.19 MB
Total physical RAM: 8124.8 MB
Percentage of memory in use: 40%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5C752E72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jura\Desktop" je 3823 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper
C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 17:02
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the licence terms are displayed; press any key
  • A backup is created, followed by a scan
  • The scan runs and then the log appears, or else it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then the log appears, or else it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 17:23
by Teochi
Done, sending the logs:

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jura on ne 10.11.2013 at 17:10:52,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1599637765-917808134-3764085579-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Jura\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\Users\Jura\documents\optimizer pro"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.11.2013 at 17:15:10,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



AdwCleaner log:

# AdwCleaner v3.011 - Report created 10/11/2013 at 17:19:08
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jura - TEOCHI-PC
# Running from : C:\Users\Jura\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SaoveensHare
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\EZDownloader
Folder Deleted : C:\Users\Jura\AppData\Roaming\BitLord
Folder Deleted : C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\Jura\Documents\BitLord
File Deleted : C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default\searchplugins\WebSearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_289822ec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16470


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\yoyw6r1n.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.oversearch.info/?pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.oversearch.info/?pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36");
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("extensions.Y_ZD.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top && \"www.google.com,mail.google.com,www.wikipedia.org,ww[...]
Line Deleted : user_pref("extensions.x2qTL.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){wi[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.oversearch.info/?pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36&l=1&q=");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4761 octets] - [10/11/2013 17:18:48]
AdwCleaner[S0].txt - [4724 octets] - [10/11/2013 17:19:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4784 octets] ##########

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 18:40
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
    HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
    HKCU\...\Run: [DAEMON Tools Lite] - C:\junior\daemon tools\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
    HKCU\...\Run: [se] - C:\Users\Jura\AppData\Roaming\SkypEmoticons\SE.exe [5842336 2013-09-22] (SkypEmoticons)
    HKCU\...\Run: [Keyboard Inf.] - C:\Users\Jura\AppData\Roaming\HpUpdate\ranger.exe [5122048 2013-10-27] ()
    MountPoints2: {c8a9985b-8b48-11e2-96f3-d43d7e2ba5e9} - E:\Setup.exe
    HKLM-x32\...\Run: [WinampAgent] - C:\junior\winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] - C:\junior\msoffice2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
    HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [IMMON] - C:\junior\webkameraA4Tech\vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
    HKLM-x32\...\Run: [IMMONSUPPORT] - C:\junior\webkameraA4Tech\vmonproc.exe /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
    AppInit_DLLs-x32: c:\progra~2\ss-hel~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll [1044480 2013-01-24] ()
    Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
    Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36
    SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36
    SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=625&r=2013/09/22&hid=6359042968277478013&lg=EN&cc=CZ&unqvl=36
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO-x32: SearchNewTab - {1E4D12CF-14FA-89B0-BD3E-575963461B96} - C:\ProgramData\SearchNewTab\JIX.dll ()
    BHO-x32: SaoveensHare - {8D2E7A11-976F-19A8-92E7-C4C71DB334B6} - C:\ProgramData\SaoveensHare\qP.dll ()
    
    FF DefaultSearchEngine: WebSearch
    FF SearchEngineOrder.1: WebSearch
    FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
    FF SelectedSearchEngine: WebSearch
    FF Homepage: hxxp://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
    FF Keyword.URL: hxxp://websearch.oversearch.info/?pid=6 ... =36&l=1&q=
    
    CHR Extension: (SearchNewTab) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\epdfgheiehpkincbpmlpepkmkilmkmcm\1.0
    
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
    S3 MSICDSetup; \??\D:\CDriver64.sys [x]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]
    S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix runs and creates the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 18:54
by Teochi
Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013
Ran by Jura at 2013-11-10 18:48:32 Run:1
Running from C:\Users\Jura\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [DAEMON Tools Lite] - C:\junior\daemon tools\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Run: [se] - C:\Users\Jura\AppData\Roaming\SkypEmoticons\SE.exe [5842336 2013-09-22] (SkypEmoticons)
HKCU\...\Run: [Keyboard Inf.] - C:\Users\Jura\AppData\Roaming\HpUpdate\ranger.exe [5122048 2013-10-27] ()
MountPoints2: {c8a9985b-8b48-11e2-96f3-d43d7e2ba5e9} - E:\Setup.exe
HKLM-x32\...\Run: [WinampAgent] - C:\junior\winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\junior\msoffice2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [IMMON] - C:\junior\webkameraA4Tech\vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
HKLM-x32\...\Run: [IMMONSUPPORT] - C:\junior\webkameraA4Tech\vmonproc.exe /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
AppInit_DLLs-x32: c:\progra~2\ss-hel~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll [1044480 2013-01-24] ()
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q ... Z&unqvl=36
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: SearchNewTab - {1E4D12CF-14FA-89B0-BD3E-575963461B96} - C:\ProgramData\SearchNewTab\JIX.dll ()
BHO-x32: SaoveensHare - {8D2E7A11-976F-19A8-92E7-C4C71DB334B6} - C:\ProgramData\SaoveensHare\qP.dll ()

FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: WebSearch
FF Homepage: hxxp://websearch.oversearch.info/?pid=6 ... Z&unqvl=36
FF Keyword.URL: hxxp://websearch.oversearch.info/?pid=6 ... =36&l=1&q=

CHR Extension: (SearchNewTab) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\epdfgheiehpkincbpmlpepkmkilmkmcm\1.0

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 MSICDSetup; \??\D:\CDriver64.sys [x]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\se => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Keyboard Inf. => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8a9985b-8b48-11e2-96f3-d43d7e2ba5e9} => Key deleted successfully.
HKCR\CLSID\{c8a9985b-8b48-11e2-96f3-d43d7e2ba5e9} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\amd_dc_opt => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IMMON => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IMMONSUPPORT => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => Moved successfully.
C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2510 series.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E4D12CF-14FA-89B0-BD3E-575963461B96} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1E4D12CF-14FA-89B0-BD3E-575963461B96} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D2E7A11-976F-19A8-92E7-C4C71DB334B6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8D2E7A11-976F-19A8-92E7-C4C71DB334B6} => Key deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\epdfgheiehpkincbpmlpepkmkilmkmcm => Moved successfully.
EagleX64 => Service deleted successfully.
MSICDSetup => Service deleted successfully.
NTIOLib_1_0_C => Service deleted successfully.
RimUsb => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCUpdateHelper" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 18:58
by vyosek
How is the PC behaving? :???:

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 19:09
by Teochi
Problem solved, thanks a lot! Great work as always :idea: . Have a nice rest of the evening.

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 19:10
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 19:12
by Teochi
No, thank you, that's everything. I'll just clean up as you wrote, and that really is all. Thanks once again :thumbsup:

Re: Video stuttering - suspected virus

Posted: 10 Nov 2013 19:16
by vyosek
You're welcome, glad I could help :worship: Until next time

And in accordance with the Rules on locking topics :lock: