VIRY.CZ

Zdravím, už jsem četl že zde byly podobné témata a nedočetl jsem se řešení, tak zde přikládám můj problém.
Nelze načíst stránky ale ping na ně jde. Skype, steam atd.. funguje bez problémů. Taky se mi asi den před tím dostal do pc malvare s modrým podrženým textem a reklamou pokud na něk kliknu, nevím jak protože jsem nic neinstaloval v posledním týdnu. Ostatní zařízení fungují na stejném připojení.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Faposlav at 2014-02-16 17:48:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 624 GB (66%) free of 941 GB
Total RAM: 4095 MB (46% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1081107388-792090683-16923935493259808541866674679836186333962538109976248281
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007f4
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-56320f97-c1da-4075-8c94-f5de7119c882 -SystemEventPortName:HostProcess-47e36e58-c95b-4e63-b351-21693b0beeb7 -IoCancelEventPortName:HostProcess-bcab2bb6-d196-44ab-bfa5-f05b570fe5cf -NonStateChangingEventPortName:HostProcess-66f595ee-dd2b-4dc1-8746-58fa33a7993a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e926ec6d-a66a-4382-baf6-f2a992bc4740 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Faposlav\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Users\Faposlav\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Users/Faposlav/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.0.703261030\2022454860" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.1.1339723711\1364073885" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.2.1682477743\91174907" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4020.3.486553121\1859876768" /prefetch:673131151
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4020.4.1515576075\1983523668" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0e23 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3221 --lang=en-US --log-severity=disable /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/109600"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe" /CFG="C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp" /GUIMODE=1
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Faposlav\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-11-15 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe []
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Spotify"=C:\Users\Faposlav\AppData\Roaming\Spotify\Spotify.exe [2014-01-15 6118400]
"Akamai NetSession Interface"=C:\Users\Faposlav\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Spotify Web Helper"=C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-15 1171968]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-01-29 172600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-16 17:48:33 ----D---- C:\Program Files\trend micro
2014-02-16 17:48:32 ----D---- C:\rsit
2014-02-16 16:20:59 ----D---- C:\Users\Faposlav\AppData\Roaming\Malwarebytes
2014-02-16 16:20:51 ----D---- C:\ProgramData\Malwarebytes
2014-02-16 16:20:50 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-16 16:20:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-02-16 16:05:45 ----D---- C:\AdwCleaner
2014-02-15 19:29:29 ----A---- C:\Windows\system32\뗠ǫUSB001.dat
2014-02-15 19:27:09 ----A---- C:\Windows\system32\묠ǫUSB001.dat
2014-02-15 19:24:28 ----A---- C:\Windows\system32\뱰ǫUSB001.dat
2014-02-15 19:04:14 ----A---- C:\Windows\system32\뷀ǫUSB001.dat
2014-02-14 23:50:21 ----D---- C:\Users\Faposlav\AppData\Roaming\GHISLER
2014-02-14 23:50:21 ----D---- C:\totalcmd
2014-02-14 19:46:53 ----D---- C:\Users\Faposlav\AppData\Roaming\steamvr
2014-02-12 22:23:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-12 22:23:33 ----A---- C:\Windows\system32\vbscript.dll
2014-02-12 22:22:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-12 22:22:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-12 22:22:55 ----A---- C:\Windows\system32\msrating.dll
2014-02-12 22:22:55 ----A---- C:\Windows\system32\ieui.dll
2014-02-12 22:22:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-12 22:22:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\iernonce.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\mshtml.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-12 22:22:53 ----A---- C:\Windows\system32\iesetup.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-12 22:22:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\urlmon.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\ieframe.dll
2014-02-12 22:22:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-12 22:22:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 22:22:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-12 22:22:49 ----A---- C:\Windows\system32\jscript9.dll
2014-02-12 16:35:24 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 16:35:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 16:35:24 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 16:35:24 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 16:35:15 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 16:35:15 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 16:35:15 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:35:15 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 16:35:12 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\system32\d2d1.dll
2014-02-10 20:59:56 ----A---- C:\Windows\system32\袀ȦUSB001.dat
2014-02-08 16:36:21 ----D---- C:\ProgramData\Elder Scrolls Online
2014-02-07 22:36:14 ----D---- C:\Program Files (x86)\Zenimax Online
2014-02-07 15:07:49 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-07 15:07:49 ----A---- C:\Windows\system32\nvhdap64.dll
2014-02-07 15:07:49 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-02-07 15:07:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-07 15:07:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-07 15:07:47 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-07 15:07:47 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-07 15:07:47 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-07 15:07:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-07 15:07:42 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-07 15:07:42 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-07 15:07:42 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-07 15:07:41 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-07 15:07:41 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-07 15:07:41 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-07 15:07:39 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-07 15:07:39 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-05 16:33:05 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvdispgenco64.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvdispco64.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-05 16:33:01 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-05 16:33:01 ----A---- C:\Windows\system32\nvapi64.dll
2014-01-24 22:46:41 ----D---- C:\Program Files (x86)\AMD
2014-01-24 22:46:34 ----D---- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2014-01-24 22:46:01 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-24 22:46:00 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-24 22:46:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-23 21:11:08 ----D---- C:\Users\Faposlav\AppData\Roaming\Guild Wars 2
2014-01-21 11:26:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-19 10:59:00 ----D---- C:\Program Files (x86)\Dotjosh Studios
2014-01-19 09:36:25 ----D---- C:\ProgramData\Bohemia Interactive Studio
2014-01-19 09:31:30 ----D---- C:\ProgramData\SIX Networks
2014-01-19 09:31:02 ----D---- C:\Users\Faposlav\AppData\Roaming\SIX Networks

======List of files/folders modified in the last 1 month======

2014-02-16 17:48:33 ----RD---- C:\Program Files
2014-02-16 17:48:23 ----D---- C:\Windows\Temp
2014-02-16 17:48:00 ----D---- C:\Users\Faposlav\AppData\Roaming\Skype
2014-02-16 17:43:59 ----D---- C:\Users\Faposlav\AppData\Roaming\Spotify
2014-02-16 17:38:46 ----SHD---- C:\System Volume Information
2014-02-16 17:22:44 ----D---- C:\Windows\Prefetch
2014-02-16 17:18:55 ----D---- C:\Program Files (x86)\Steam
2014-02-16 17:17:07 ----D---- C:\Windows\system32\config
2014-02-16 17:04:13 ----D---- C:\Windows\system32\Tasks
2014-02-16 17:01:23 ----D---- C:\ProgramData\NVIDIA
2014-02-16 16:56:00 ----D---- C:\Program Files (x86)\Pirrit
2014-02-16 16:55:40 ----D---- C:\Windows\system32\NDF
2014-02-16 16:20:51 ----HD---- C:\ProgramData
2014-02-16 16:20:50 ----D---- C:\Windows\system32\drivers
2014-02-16 16:20:50 ----D---- C:\Program Files (x86)
2014-02-16 16:18:02 ----SHD---- C:\Windows\Installer
2014-02-16 16:18:02 ----RSD---- C:\Windows\assembly
2014-02-16 16:17:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 07:15:35 ----D---- C:\Windows\rescache
2014-02-15 19:29:29 ----D---- C:\Windows\System32
2014-02-14 20:15:31 ----SD---- C:\ProgramData\Microsoft
2014-02-14 20:15:31 ----D---- C:\Program Files (x86)\Microsoft
2014-02-14 14:59:18 ----D---- C:\Windows\Microsoft.NET
2014-02-13 14:44:34 ----D---- C:\Windows\winsxs
2014-02-13 14:40:36 ----D---- C:\Windows\SysWOW64
2014-02-13 14:40:34 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-13 14:40:34 ----D---- C:\Windows\system32\en-US
2014-02-13 14:40:33 ----D---- C:\Program Files\Internet Explorer
2014-02-13 14:40:33 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-12 22:25:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-12 22:25:14 ----D---- C:\Windows\inf
2014-02-12 22:25:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-12 22:24:15 ----D---- C:\Windows\system32\catroot
2014-02-12 22:23:07 ----D---- C:\Windows\system32\catroot2
2014-02-12 20:12:08 ----D---- C:\Users\Faposlav\AppData\Roaming\uTorrent
2014-02-11 20:06:56 ----D---- C:\Games
2014-02-09 16:52:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-02-09 16:16:09 ----D---- C:\ProgramData\Origin
2014-02-09 16:15:17 ----D---- C:\Program Files (x86)\Origin
2014-02-09 09:32:54 ----D---- C:\Windows
2014-02-08 17:02:52 ----D---- C:\Users\Faposlav\AppData\Roaming\Awesomium
2014-02-07 15:13:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-07 15:12:45 ----D---- C:\Windows\system32\DriverStore
2014-02-05 17:52:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-04 16:53:46 ----D---- C:\ProgramData\Package Cache
2014-02-04 16:53:42 ----D---- C:\Program Files (x86)\Avira
2014-02-03 16:04:53 ----SD---- C:\Users\Faposlav\AppData\Roaming\Microsoft
2014-01-31 13:36:00 ----D---- C:\Users\Faposlav\AppData\Roaming\TS3Client
2014-01-24 22:46:31 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 22:21:07 ----D---- C:\HRY
2014-01-21 20:37:01 ----D---- C:\Windows\Logs
2014-01-21 11:27:00 ----D---- C:\ProgramData\Oracle
2014-01-21 11:26:47 ----D---- C:\Program Files (x86)\Java
2014-01-20 18:20:04 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-15 2004128]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 115272]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2011-12-07 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-01-29 109112]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-12-16 9216]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-12-19 922912]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-26 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-14 569024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 PirritDesktop;PirritDesktop; C:\Users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-19 49152]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-12-30 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-27 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Zdravím!
Spusťte nejprve tuto utilitu.

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Jediné co nefunguje jsou internetové stránky...

# AdwCleaner v3.018 - Report created 16/02/2014 at 18:16:10
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Faposlav - FAPOS
# Running from : C:\Users\Faposlav\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v

[ File : C:\Users\Faposlav\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Faposlav\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1132 octets] - [16/02/2014 16:05:51]
AdwCleaner[R1].txt - [809 octets] - [16/02/2014 18:16:10]
AdwCleaner[S0].txt - [1202 octets] - [16/02/2014 16:07:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [928 octets] ##########

Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Faposlav\AppData\Local\Akamai
C:\Windows\system32\뗠ǫUSB001.dat
C:\Windows\system32\묠ǫUSB001.dat
C:\Windows\system32\뱰ǫUSB001.dat
C:\Windows\system32\뷀ǫUSB001.dat
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Faposlav at 2014-02-16 19:30:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 628 GB (67%) free of 941 GB
Total RAM: 4095 MB (57% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
taskeng.exe {96358872-D9C4-492F-8034-FD99C946D29A}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {8B250F63-DF75-477D-8227-37E50B57F818}
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-18954381591979082271-550204408252882010112095929747640012623404411255233055
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000078c
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-70cb5c1c-5e7c-46f0-adb3-547827e1831d -SystemEventPortName:HostProcess-5cd292ee-34e4-40c8-8396-8328f06534ce -IoCancelEventPortName:HostProcess-44e28a73-4044-49f8-a46b-ea96f42dbfad -NonStateChangingEventPortName:HostProcess-98910637-b405-4e1e-9d76-2232b1fa463b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:09f82e5b-8609-4e7a-87ac-8a8f966e8cb6 -DeviceGroupId:WpdFsGroup
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Faposlav\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="1904.0.369496878\194405758" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="1904.1.1991436294\1922805565" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="1904.2.458539601\47794665" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="1904.3.1036382641\1725284934" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="1904.4.700697900\774325833" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0e23 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3221 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Faposlav\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-11-15 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe []
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Spotify"=C:\Users\Faposlav\AppData\Roaming\Spotify\Spotify.exe [2014-01-15 6118400]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Spotify Web Helper"=C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-15 1171968]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-01-29 172600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-16 19:24:20 ----D---- C:\_OTM
2014-02-16 17:48:33 ----D---- C:\Program Files\trend micro
2014-02-16 17:48:32 ----D---- C:\rsit
2014-02-16 16:20:59 ----D---- C:\Users\Faposlav\AppData\Roaming\Malwarebytes
2014-02-16 16:20:51 ----D---- C:\ProgramData\Malwarebytes
2014-02-16 16:20:50 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-16 16:20:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-02-16 16:05:45 ----D---- C:\AdwCleaner
2014-02-15 19:29:29 ----A---- C:\Windows\system32\뗠ǫUSB001.dat
2014-02-15 19:27:09 ----A---- C:\Windows\system32\묠ǫUSB001.dat
2014-02-15 19:24:28 ----A---- C:\Windows\system32\뱰ǫUSB001.dat
2014-02-15 19:04:14 ----A---- C:\Windows\system32\뷀ǫUSB001.dat
2014-02-14 23:50:21 ----D---- C:\Users\Faposlav\AppData\Roaming\GHISLER
2014-02-14 23:50:21 ----D---- C:\totalcmd
2014-02-14 19:46:53 ----D---- C:\Users\Faposlav\AppData\Roaming\steamvr
2014-02-12 22:23:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-12 22:23:33 ----A---- C:\Windows\system32\vbscript.dll
2014-02-12 22:22:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-12 22:22:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-12 22:22:55 ----A---- C:\Windows\system32\msrating.dll
2014-02-12 22:22:55 ----A---- C:\Windows\system32\ieui.dll
2014-02-12 22:22:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-12 22:22:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\iernonce.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 22:22:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-12 22:22:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\mshtml.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-12 22:22:53 ----A---- C:\Windows\system32\iesetup.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-12 22:22:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-12 22:22:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\iertutil.dll
2014-02-12 22:22:52 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-12 22:22:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\wininet.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\urlmon.dll
2014-02-12 22:22:51 ----A---- C:\Windows\system32\ieframe.dll
2014-02-12 22:22:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-12 22:22:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 22:22:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-12 22:22:49 ----A---- C:\Windows\system32\jscript9.dll
2014-02-12 16:35:24 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 16:35:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 16:35:24 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 16:35:24 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 16:35:16 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 16:35:16 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 16:35:15 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 16:35:15 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 16:35:15 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:35:15 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 16:35:12 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 16:35:12 ----A---- C:\Windows\system32\d2d1.dll
2014-02-10 20:59:56 ----A---- C:\Windows\system32\袀ȦUSB001.dat
2014-02-08 16:36:21 ----D---- C:\ProgramData\Elder Scrolls Online
2014-02-07 22:36:14 ----D---- C:\Program Files (x86)\Zenimax Online
2014-02-07 15:07:49 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-07 15:07:49 ----A---- C:\Windows\system32\nvhdap64.dll
2014-02-07 15:07:49 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-02-07 15:07:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-07 15:07:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-07 15:07:47 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-07 15:07:47 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-07 15:07:47 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-07 15:07:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-07 15:07:42 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-07 15:07:42 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-07 15:07:42 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-07 15:07:41 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-07 15:07:41 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-07 15:07:41 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-07 15:07:39 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-07 15:07:39 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-05 16:33:05 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvdispgenco64.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvdispco64.dll
2014-02-05 16:33:05 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-05 16:33:01 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-05 16:33:01 ----A---- C:\Windows\system32\nvapi64.dll
2014-01-24 22:46:41 ----D---- C:\Program Files (x86)\AMD
2014-01-24 22:46:01 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-24 22:46:01 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-24 22:46:00 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-24 22:46:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-23 21:11:08 ----D---- C:\Users\Faposlav\AppData\Roaming\Guild Wars 2
2014-01-21 11:26:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-21 11:26:47 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-19 10:59:00 ----D---- C:\Program Files (x86)\Dotjosh Studios
2014-01-19 09:36:25 ----D---- C:\ProgramData\Bohemia Interactive Studio
2014-01-19 09:31:30 ----D---- C:\ProgramData\SIX Networks
2014-01-19 09:31:02 ----D---- C:\Users\Faposlav\AppData\Roaming\SIX Networks

======List of files/folders modified in the last 1 month======

2014-02-16 19:29:54 ----D---- C:\Users\Faposlav\AppData\Roaming\Skype
2014-02-16 19:29:45 ----D---- C:\Windows\Temp
2014-02-16 19:29:20 ----D---- C:\Users\Faposlav\AppData\Roaming\Spotify
2014-02-16 19:28:30 ----D---- C:\Windows\system32\Tasks
2014-02-16 19:25:50 ----D---- C:\ProgramData\NVIDIA
2014-02-16 19:25:00 ----D---- C:\Windows\system32\config
2014-02-16 19:24:23 ----D---- C:\Windows
2014-02-16 19:24:21 ----D---- C:\Windows\Tasks
2014-02-16 18:28:16 ----D---- C:\Program Files (x86)\Steam
2014-02-16 17:57:38 ----SHD---- C:\System Volume Information
2014-02-16 17:48:33 ----RD---- C:\Program Files
2014-02-16 17:22:44 ----D---- C:\Windows\Prefetch
2014-02-16 16:56:00 ----D---- C:\Program Files (x86)\Pirrit
2014-02-16 16:55:40 ----D---- C:\Windows\system32\NDF
2014-02-16 16:20:51 ----HD---- C:\ProgramData
2014-02-16 16:20:50 ----D---- C:\Windows\system32\drivers
2014-02-16 16:20:50 ----D---- C:\Program Files (x86)
2014-02-16 16:18:02 ----SHD---- C:\Windows\Installer
2014-02-16 16:18:02 ----RSD---- C:\Windows\assembly
2014-02-16 16:17:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 07:15:35 ----D---- C:\Windows\rescache
2014-02-15 19:29:29 ----D---- C:\Windows\System32
2014-02-14 20:15:31 ----SD---- C:\ProgramData\Microsoft
2014-02-14 20:15:31 ----D---- C:\Program Files (x86)\Microsoft
2014-02-14 14:59:18 ----D---- C:\Windows\Microsoft.NET
2014-02-13 14:44:34 ----D---- C:\Windows\winsxs
2014-02-13 14:40:36 ----D---- C:\Windows\SysWOW64
2014-02-13 14:40:34 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-13 14:40:34 ----D---- C:\Windows\system32\en-US
2014-02-13 14:40:33 ----D---- C:\Program Files\Internet Explorer
2014-02-13 14:40:33 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-12 22:25:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-12 22:25:14 ----D---- C:\Windows\inf
2014-02-12 22:25:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-12 22:24:15 ----D---- C:\Windows\system32\catroot
2014-02-12 22:23:07 ----D---- C:\Windows\system32\catroot2
2014-02-12 20:12:08 ----D---- C:\Users\Faposlav\AppData\Roaming\uTorrent
2014-02-11 20:06:56 ----D---- C:\Games
2014-02-09 16:52:15 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-02-09 16:16:09 ----D---- C:\ProgramData\Origin
2014-02-09 16:15:17 ----D---- C:\Program Files (x86)\Origin
2014-02-08 17:02:52 ----D---- C:\Users\Faposlav\AppData\Roaming\Awesomium
2014-02-07 15:13:02 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-07 15:12:45 ----D---- C:\Windows\system32\DriverStore
2014-02-05 17:52:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-04 16:53:46 ----D---- C:\ProgramData\Package Cache
2014-02-04 16:53:42 ----D---- C:\Program Files (x86)\Avira
2014-02-03 16:04:53 ----SD---- C:\Users\Faposlav\AppData\Roaming\Microsoft
2014-01-31 13:36:00 ----D---- C:\Users\Faposlav\AppData\Roaming\TS3Client
2014-01-24 22:46:31 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 22:21:07 ----D---- C:\HRY
2014-01-21 20:37:01 ----D---- C:\Windows\Logs
2014-01-21 11:27:00 ----D---- C:\ProgramData\Oracle
2014-01-21 11:26:47 ----D---- C:\Program Files (x86)\Java
2014-01-20 18:20:04 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-15 2004128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 115272]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2011-12-07 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-01-29 109112]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-12-16 9216]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-12-19 922912]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-26 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 PirritDesktop;PirritDesktop; C:\Users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-19 49152]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-12-30 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-14 569024]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-27 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Restartujte PC. Pak dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

ComboFix 14-02-16.01 - Faposlav 16.02.2014 20:00:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2615 [GMT 1:00]
Spuštěný z: c:\users\Faposlav\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-16 do 2014-02-16 )))))))))))))))))))))))))))))))
.
.
2014-02-16 19:08 . 2014-02-16 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-16 16:48 . 2014-02-16 16:48 -------- d-----w- c:\program files\trend micro
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Malwarebytes
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\programdata\Malwarebytes
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-16 15:20 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-16 15:05 . 2014-02-16 17:17 -------- d-----w- C:\AdwCleaner
2014-02-14 22:51 . 2014-02-14 22:51 -------- d-----w- c:\users\Faposlav\AppData\Local\GHISLER
2014-02-14 22:50 . 2014-02-14 22:50 -------- d-----w- C:\totalcmd
2014-02-14 22:50 . 2014-02-14 22:50 -------- d-----w- c:\users\Faposlav\AppData\Roaming\GHISLER
2014-02-14 18:46 . 2014-02-14 18:46 -------- d-----w- c:\users\Faposlav\AppData\Roaming\steamvr
2014-02-14 13:48 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A17D850-C177-49C3-8933-754F19CE2772}\mpengine.dll
2014-02-12 21:23 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 21:23 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 15:35 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-08 15:36 . 2014-02-08 15:36 -------- d-----w- c:\programdata\Elder Scrolls Online
2014-02-07 21:36 . 2014-02-07 22:37 -------- d-----w- c:\program files (x86)\Zenimax Online
2014-02-05 15:33 . 2013-12-19 20:33 18222008 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-02-05 15:33 . 2013-12-19 20:33 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-05 15:33 . 2013-01-31 11:27 1802528 ----a-w- c:\windows\system32\nvdispco64.dll
2014-02-05 15:33 . 2013-01-31 11:27 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2014-02-05 15:33 . 2013-12-19 20:33 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-05 15:33 . 2013-12-19 20:33 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-04 16:32 . 2014-02-04 16:32 -------- d-----w- c:\users\Faposlav\AppData\Local\Diagnostics
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\program files (x86)\AMD
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\users\Faposlav\AppData\Local\Downloaded Installations
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-24 21:46 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-01-23 20:11 . 2014-01-23 20:11 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Guild Wars 2
2014-01-21 19:37 . 2014-02-14 23:13 -------- d-----w- c:\users\Faposlav\AppData\Local\ArmA 2
2014-01-21 10:26 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-19 10:11 . 2014-01-19 10:11 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2014-01-19 10:00 . 2014-01-19 10:00 -------- d-----w- c:\users\Faposlav\AppData\Local\DayZCommander
2014-01-19 09:59 . 2014-01-19 09:59 -------- d-----w- c:\program files (x86)\Dotjosh Studios
2014-01-19 08:36 . 2014-01-19 08:36 -------- d-----w- c:\programdata\Bohemia Interactive Studio
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\programdata\SIX Networks
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\users\Faposlav\AppData\Local\IsolatedStorage
2014-01-19 08:31 . 2014-01-19 08:36 -------- d-----w- c:\users\Faposlav\AppData\Local\SIX Networks
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\users\Faposlav\AppData\Roaming\SIX Networks
2014-01-18 21:19 . 2014-02-16 17:27 -------- d-----w- c:\users\Faposlav\AppData\Local\ArmA 2 OA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-09 15:52 . 2013-12-26 10:48 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-02-09 15:52 . 2013-12-26 10:37 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-09 15:51 . 2013-12-26 10:37 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-02-05 16:52 . 2014-01-03 10:40 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 16:52 . 2013-12-26 18:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-30 02:03 . 2013-12-30 02:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-30 02:03 . 2013-12-30 02:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-30 02:03 . 2013-12-30 02:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-30 02:03 . 2013-12-30 02:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-30 02:03 . 2013-12-30 02:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-30 02:03 . 2013-12-30 02:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-30 02:03 . 2013-12-30 02:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-30 02:03 . 2013-12-30 02:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-30 02:03 . 2013-12-30 02:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-30 02:02 . 2013-12-30 02:02 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-30 02:02 . 2013-12-30 02:02 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-30 02:02 . 2013-12-30 02:02 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-30 02:02 . 2013-12-30 02:02 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-30 02:02 . 2013-12-30 02:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-30 02:02 . 2013-12-30 02:02 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-30 02:02 . 2013-12-30 02:02 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-30 02:02 . 2013-12-30 02:02 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-30 02:02 . 2013-12-30 02:02 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-30 02:02 . 2013-12-30 02:02 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-30 02:02 . 2013-12-30 02:02 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-30 02:02 . 2013-12-30 02:02 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-30 02:02 . 2013-12-30 02:02 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-30 02:02 . 2013-12-30 02:02 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-30 02:02 . 2013-12-30 02:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-30 02:02 . 2013-12-30 02:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-30 02:02 . 2013-12-30 02:02 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-30 02:02 . 2013-12-30 02:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-30 02:02 . 2013-12-30 02:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-30 02:02 . 2013-12-30 02:02 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-30 02:02 . 2013-12-30 02:02 413696 ----a-w- c:\windows\system32\html.iec
2013-12-30 02:02 . 2013-12-30 02:02 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-30 02:02 . 2013-12-30 02:02 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-30 02:02 . 2013-12-30 02:02 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-30 02:02 . 2013-12-30 02:02 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-30 02:02 . 2013-12-30 02:02 235520 ----a-w- c:\windows\system32\url.dll
2013-12-30 02:02 . 2013-12-30 02:02 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-30 02:02 . 2013-12-30 02:02 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-30 02:02 . 2013-12-30 02:02 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-30 02:02 . 2013-12-30 02:02 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-30 02:02 . 2013-12-30 02:02 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-30 02:02 . 2013-12-30 02:02 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-30 02:02 . 2013-12-30 02:02 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-30 02:02 . 2013-12-30 02:02 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-30 02:02 . 2013-12-30 02:02 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-30 02:02 . 2013-12-30 02:02 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-30 02:02 . 2013-12-30 02:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-30 02:02 . 2013-12-30 02:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-30 02:02 . 2013-12-30 02:02 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-30 02:02 . 2013-12-30 02:02 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-30 02:02 . 2013-12-30 02:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-30 02:02 . 2013-12-30 02:02 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-30 02:02 . 2013-12-30 02:02 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-29 02:24 . 2013-12-29 02:24 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-12-29 02:24 . 2013-12-29 02:24 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-12-29 02:24 . 2013-12-29 02:24 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-12-29 02:24 . 2013-12-29 02:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-29 02:24 . 2013-12-29 02:24 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-12-29 02:24 . 2013-12-29 02:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-12-29 02:24 . 2013-12-29 02:24 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-12-29 02:24 . 2013-12-29 02:24 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-12-29 02:24 . 2013-12-29 02:24 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-12-29 02:24 . 2013-12-29 02:24 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-12-29 02:24 . 2013-12-29 02:24 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-12-29 02:24 . 2013-12-29 02:24 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-29 02:24 . 2013-12-29 02:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-12-29 02:24 . 2013-12-29 02:24 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-12-29 02:24 . 2013-12-29 02:24 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-29 02:24 . 2013-12-29 02:24 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-12-29 02:24 . 2013-12-29 02:24 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-12-29 02:24 . 2013-12-29 02:24 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-12-29 02:24 . 2013-12-29 02:24 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-29 02:24 . 2013-12-29 02:24 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-12-29 02:24 . 2013-12-29 02:24 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-29 02:24 . 2013-12-29 02:24 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-12-29 02:24 . 2013-12-29 02:24 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-12-29 02:24 . 2013-12-29 02:24 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-12-29 02:24 . 2013-12-29 02:24 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-12-29 02:24 . 2013-12-29 02:24 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Spotify"="c:\users\Faposlav\AppData\Roaming\Spotify\Spotify.exe" [2014-01-15 6118400]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"Spotify Web Helper"="c:\users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-15 1171968]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-01-29 172600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PirritDesktop;PirritDesktop;c:\users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe;c:\users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 21:02 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03 16:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=hxxp://127.0.0.1:9881
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.200.4 192.168.200.5
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-HPADVISOR - c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-PC-Doctor for Windows localizer - c:\program files\PC-Doctor for Windows\localizer.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-Akamai - c:\users\Faposlav\AppData\Local\Akamai\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-02-16 20:18:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-16 19:18
.
Před spuštěním: 658 376 249 344 bytes free
Po spuštění: 658 799 484 928 bytes free
.
- - End Of File - - AF1C2A501F024B7C008FD3620E1420BA
BF946F05580CB54061CFF68818A67CFF



PS: Internet už jde.

Edit 1: Zmizel i ten otravný malvare s reklamama.

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

ComboFix 14-02-16.01 - Faposlav 17.02.2014 17:56:33.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2107 [GMT 1:00]
Spuštěný z: c:\users\Faposlav\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Faposlav\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-17 do 2014-02-17 )))))))))))))))))))))))))))))))
.
.
2014-02-17 17:04 . 2014-02-17 17:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-16 16:48 . 2014-02-16 16:48 -------- d-----w- c:\program files\trend micro
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Malwarebytes
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\programdata\Malwarebytes
2014-02-16 15:20 . 2014-02-16 15:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-16 15:20 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-16 15:05 . 2014-02-16 17:17 -------- d-----w- C:\AdwCleaner
2014-02-14 22:51 . 2014-02-14 22:51 -------- d-----w- c:\users\Faposlav\AppData\Local\GHISLER
2014-02-14 22:50 . 2014-02-14 22:50 -------- d-----w- C:\totalcmd
2014-02-14 22:50 . 2014-02-14 22:50 -------- d-----w- c:\users\Faposlav\AppData\Roaming\GHISLER
2014-02-14 18:46 . 2014-02-14 18:46 -------- d-----w- c:\users\Faposlav\AppData\Roaming\steamvr
2014-02-14 13:48 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A17D850-C177-49C3-8933-754F19CE2772}\mpengine.dll
2014-02-12 21:23 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 21:23 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 15:35 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-08 15:36 . 2014-02-08 15:36 -------- d-----w- c:\programdata\Elder Scrolls Online
2014-02-07 21:36 . 2014-02-07 22:37 -------- d-----w- c:\program files (x86)\Zenimax Online
2014-02-05 15:33 . 2013-12-19 20:33 18222008 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-02-05 15:33 . 2013-12-19 20:33 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-05 15:33 . 2013-01-31 11:27 1802528 ----a-w- c:\windows\system32\nvdispco64.dll
2014-02-05 15:33 . 2013-01-31 11:27 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2014-02-05 15:33 . 2013-12-19 20:33 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-05 15:33 . 2013-12-19 20:33 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-04 16:32 . 2014-02-04 16:32 -------- d-----w- c:\users\Faposlav\AppData\Local\Diagnostics
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\program files (x86)\AMD
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\users\Faposlav\AppData\Local\Downloaded Installations
2014-01-24 21:46 . 2014-01-24 21:46 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-24 21:46 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-01-24 21:46 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-01-23 20:11 . 2014-01-23 20:11 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Guild Wars 2
2014-01-21 19:37 . 2014-02-14 23:13 -------- d-----w- c:\users\Faposlav\AppData\Local\ArmA 2
2014-01-21 10:26 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-19 10:11 . 2014-01-19 10:11 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2014-01-19 10:00 . 2014-01-19 10:00 -------- d-----w- c:\users\Faposlav\AppData\Local\DayZCommander
2014-01-19 09:59 . 2014-01-19 09:59 -------- d-----w- c:\program files (x86)\Dotjosh Studios
2014-01-19 08:36 . 2014-01-19 08:36 -------- d-----w- c:\programdata\Bohemia Interactive Studio
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\programdata\SIX Networks
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\users\Faposlav\AppData\Local\IsolatedStorage
2014-01-19 08:31 . 2014-01-19 08:36 -------- d-----w- c:\users\Faposlav\AppData\Local\SIX Networks
2014-01-19 08:31 . 2014-01-19 08:31 -------- d-----w- c:\users\Faposlav\AppData\Roaming\SIX Networks
2014-01-18 21:19 . 2014-02-16 17:27 -------- d-----w- c:\users\Faposlav\AppData\Local\ArmA 2 OA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-09 15:52 . 2013-12-26 10:48 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-02-09 15:52 . 2013-12-26 10:37 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-09 15:51 . 2013-12-26 10:37 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-02-05 16:52 . 2014-01-03 10:40 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 16:52 . 2013-12-26 18:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-30 02:03 . 2013-12-30 02:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-30 02:03 . 2013-12-30 02:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-30 02:03 . 2013-12-30 02:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-30 02:03 . 2013-12-30 02:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-30 02:03 . 2013-12-30 02:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-30 02:03 . 2013-12-30 02:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-30 02:03 . 2013-12-30 02:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-30 02:03 . 2013-12-30 02:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-30 02:03 . 2013-12-30 02:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-30 02:02 . 2013-12-30 02:02 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-30 02:02 . 2013-12-30 02:02 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-30 02:02 . 2013-12-30 02:02 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-30 02:02 . 2013-12-30 02:02 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-30 02:02 . 2013-12-30 02:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-30 02:02 . 2013-12-30 02:02 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-30 02:02 . 2013-12-30 02:02 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-30 02:02 . 2013-12-30 02:02 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-30 02:02 . 2013-12-30 02:02 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-30 02:02 . 2013-12-30 02:02 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-30 02:02 . 2013-12-30 02:02 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-30 02:02 . 2013-12-30 02:02 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-30 02:02 . 2013-12-30 02:02 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-30 02:02 . 2013-12-30 02:02 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-30 02:02 . 2013-12-30 02:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-30 02:02 . 2013-12-30 02:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-30 02:02 . 2013-12-30 02:02 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-30 02:02 . 2013-12-30 02:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-30 02:02 . 2013-12-30 02:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-30 02:02 . 2013-12-30 02:02 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-30 02:02 . 2013-12-30 02:02 413696 ----a-w- c:\windows\system32\html.iec
2013-12-30 02:02 . 2013-12-30 02:02 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-30 02:02 . 2013-12-30 02:02 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-30 02:02 . 2013-12-30 02:02 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-30 02:02 . 2013-12-30 02:02 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-30 02:02 . 2013-12-30 02:02 235520 ----a-w- c:\windows\system32\url.dll
2013-12-30 02:02 . 2013-12-30 02:02 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-30 02:02 . 2013-12-30 02:02 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-30 02:02 . 2013-12-30 02:02 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-30 02:02 . 2013-12-30 02:02 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-30 02:02 . 2013-12-30 02:02 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-30 02:02 . 2013-12-30 02:02 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-30 02:02 . 2013-12-30 02:02 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-30 02:02 . 2013-12-30 02:02 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-30 02:02 . 2013-12-30 02:02 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-30 02:02 . 2013-12-30 02:02 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-30 02:02 . 2013-12-30 02:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-30 02:02 . 2013-12-30 02:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-30 02:02 . 2013-12-30 02:02 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-30 02:02 . 2013-12-30 02:02 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-30 02:02 . 2013-12-30 02:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-30 02:02 . 2013-12-30 02:02 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-30 02:02 . 2013-12-30 02:02 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-29 02:24 . 2013-12-29 02:24 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-12-29 02:24 . 2013-12-29 02:24 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-12-29 02:24 . 2013-12-29 02:24 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-12-29 02:24 . 2013-12-29 02:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-29 02:24 . 2013-12-29 02:24 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-12-29 02:24 . 2013-12-29 02:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-12-29 02:24 . 2013-12-29 02:24 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-12-29 02:24 . 2013-12-29 02:24 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-12-29 02:24 . 2013-12-29 02:24 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-12-29 02:24 . 2013-12-29 02:24 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-12-29 02:24 . 2013-12-29 02:24 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-12-29 02:24 . 2013-12-29 02:24 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-29 02:24 . 2013-12-29 02:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-12-29 02:24 . 2013-12-29 02:24 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-12-29 02:24 . 2013-12-29 02:24 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-29 02:24 . 2013-12-29 02:24 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-12-29 02:24 . 2013-12-29 02:24 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-12-29 02:24 . 2013-12-29 02:24 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-12-29 02:24 . 2013-12-29 02:24 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-29 02:24 . 2013-12-29 02:24 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-12-29 02:24 . 2013-12-29 02:24 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-29 02:24 . 2013-12-29 02:24 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-12-29 02:24 . 2013-12-29 02:24 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-12-29 02:24 . 2013-12-29 02:24 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-12-29 02:24 . 2013-12-29 02:24 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-12-29 02:24 . 2013-12-29 02:24 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-29 02:24 . 2013-12-29 02:24 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Spotify"="c:\users\Faposlav\AppData\Roaming\Spotify\Spotify.exe" [2014-01-15 6118400]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"Spotify Web Helper"="c:\users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-15 1171968]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-01-29 172600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PirritDesktop;PirritDesktop;c:\users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe;c:\users\Faposlav\AppData\Local\PirritSuggestor\PirritService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-04 21:02 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03 16:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [BU]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=hxxp://127.0.0.1:9881
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.200.4 192.168.200.5
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-02-17 18:12:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-17 17:12
ComboFix2.txt 2014-02-16 19:18
.
Před spuštěním: 658 963 165 184 bytes free
Po spuštění: 658 890 264 576 bytes free
.
- - End Of File - - BC7BA10F5096867A46364DE8BE1E6F1C
BF946F05580CB54061CFF68818A67CFF

Smazáno. Nastala nějaká změna?

Počítač se o trošku zrychlil, internet už funguje a ten otravný malvare je taky pryč.
Děkuji za pomoc a myslím že lock

PS: Rychlejší jednání než na jiném fóru kde se zabývají podobnou tématikou.

Děkujeme za uznání a vy nemáte zač!