Help for a mountain man, thank you.
Posted: 25 Feb 2014 21:40
I am starting to despair. I have to write quickly: within 5 minutes the PC freezes, makes a crunching noise and stops responding. Many thanks for any replies, Milan.
ComboFix 14-02-24.02 - Tata 25.02.2014 20:35:04.2.6 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8191.7442 [GMT 1:00]
Spuštěný z: c:\users\Tata\Downloads\ComboFix.exe
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-25 do 2014-02-25 )))))))))))))))))))))))))))))))
.
.
2014-02-25 19:37 . 2014-02-25 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-25 18:24 . 2014-02-25 18:24 -------- d-----w- C:\DVR
2014-02-24 06:47 . 2014-02-24 06:47 -------- d-----w- c:\program files\Windows Live
2014-02-24 06:11 . 2014-02-25 18:42 -------- d-----w- c:\users\Tata\AppData\Roaming\DefaultTab
2014-02-24 06:11 . 2014-02-24 06:11 -------- d-----w- c:\users\Tata\.android
2014-02-24 06:09 . 2014-02-24 06:10 -------- d-----w- c:\program files (x86)\PCData
2014-02-24 06:09 . 2014-02-24 06:09 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-02-24 06:09 . 2014-02-25 17:27 -------- d-----w- c:\users\Tata\AppData\Roaming\Seznam.cz
2014-02-24 06:09 . 2014-02-24 07:12 -------- d-----w- c:\program files (x86)\Surftastic
2014-02-24 06:02 . 2014-02-24 06:02 -------- d-----w- C:\Plytki
2014-02-24 06:02 . 2014-02-24 06:02 914432 ----a-w- c:\windows\SysWow64\7z.dll
2014-02-24 06:02 . 2014-02-24 06:02 718848 ----a-w- c:\windows\SysWow64\cc3290mt.dll
2014-02-20 07:05 . 2014-02-08 16:18 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-02-18 20:19 . 2014-02-18 20:22 -------- d-----w- c:\users\Tata\AppData\Roaming\Nico Mak Computing
2014-02-18 20:19 . 2012-02-08 09:29 18760 ----a-w- c:\windows\system32\roboot64.exe
2014-02-18 20:18 . 2014-02-18 20:18 -------- d-----w- c:\program files (x86)\FreeTime
2014-02-12 20:47 . 2004-02-26 23:00 962612 ----a-w- c:\windows\SysWow64\mfc42d.dll
2014-02-12 20:47 . 2004-02-16 23:00 434252 ----a-w- c:\windows\SysWow64\MSVCRTD.DLL
2014-02-12 20:46 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-02-12 20:46 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-02-12 20:46 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-02-12 20:46 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-02-12 20:46 . 2002-07-25 09:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-02-12 20:46 . 2009-07-16 10:38 15416 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2014-02-12 08:14 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 08:14 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 06:04 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-01-28 12:21 . 2014-01-28 12:21 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-28 12:17 . 2014-01-15 23:13 1515296 ----a-w- c:\windows\system32\nvdispgenco6433467.dll
2014-01-28 12:17 . 2014-01-15 23:13 1885472 ----a-w- c:\windows\system32\nvdispco6433467.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-25 19:01 . 2014-01-19 12:30 3501 ----a-w- c:\users\Tata\IP_Log_Data.js
2014-02-25 19:01 . 2014-01-18 09:00 10889 ----a-w- c:\users\Tata\Network_Meter_Data.js
2014-02-24 21:00 . 2013-11-19 06:55 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-21 20:40 . 2013-11-19 06:55 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-02-16 22:34 . 2013-11-18 09:22 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-11-18 09:19 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-02-08 18:34 . 2013-11-18 09:19 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-02-08 18:34 . 2013-10-27 08:12 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2013-10-27 08:12 15740232 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-02-08 18:34 . 2013-10-27 08:12 31432480 ----a-w- c:\windows\system32\nvoglv64.dll
2014-02-08 18:34 . 2013-10-27 08:12 14669032 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-08 18:34 . 2013-10-27 08:12 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2013-10-27 08:12 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 17:42 . 2013-11-18 09:19 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2013-11-18 09:19 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2013-11-18 09:19 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2013-11-18 09:19 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2013-11-18 09:19 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2013-11-18 09:19 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-05 17:52 . 2013-11-18 09:19 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-21 02:53 . 2013-11-18 12:28 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-21 02:53 . 2013-11-18 12:28 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-17 19:54 . 2013-11-19 06:55 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-16 16:47 . 2014-01-16 16:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-01-16 16:09 . 2014-01-16 16:09 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-10 12:40 . 2014-01-10 12:40 58560 ----a-w- c:\windows\SysWow64\sirenacm.dll
2014-01-07 13:40 . 2014-01-07 13:40 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-12-27 18:42 . 2014-01-23 16:26 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-27 18:42 . 2014-01-23 16:26 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-27 18:42 . 2013-11-18 12:23 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-01-10 18:34 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
2013-12-19 20:33 . 2014-01-10 18:34 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-11-28 13:38 . 2014-01-10 18:34 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-11-28 13:38 . 2014-01-10 18:34 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
c:\users\Tata\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-01-08 18:15 3349528 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
2014-02-21 04:55 249632 ----a-w- c:\program files (x86)\Surftastic\SurftasticBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll" [2014-01-08 3349528]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-17 3598680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-03-01 18643560]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"cz.seznam.software.autoupdate"="c:\users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe" [BU]
"cz.seznam.software.szndesktop"="c:\users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-01-22 4962320]
"CTxfiHlp"="CTXFIHLP.EXE" [2012-12-18 24576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-02-04 2552856]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Display Manager.lnk - c:\program files (x86)\Dell\Dell Display Manager\ddm.exe [2014-1-14 575120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 Update Surftastic;Update Surftastic;c:\program files (x86)\Surftastic\updateSurftastic.exe;c:\program files (x86)\Surftastic\updateSurftastic.exe [x]
R2 Util Surftastic;Util Surftastic;c:\program files (x86)\Surftastic\bin\utilSurftastic.exe;c:\program files (x86)\Surftastic\bin\utilSurftastic.exe [x]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 06:54 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 11:39]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 11:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://dilna.boulit.cz:10080/HiDvrOcx.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-NextLive - c:\users\Tata\AppData\Roaming\newnext.me\nengine.dll
AddRemove-AliSetup - c:\users\Tata\AppData\Local\Alibaba\AliSetup\0.1.0.52\uninst.exe
AddRemove-DefaultTab - c:\users\Tata\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Tata\AppData\Local\SwvUpdater\Updater.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-199519330-752907083-356625622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-199519330-752907083-356625622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-25 20:38:08
ComboFix-quarantined-files.txt 2014-02-25 19:38
ComboFix2.txt 2014-02-25 18:50
.
Před spuštěním: Volných bajtů: 41 825 153 024
Po spuštění: Volných bajtů: 41 653 313 536
.
- - End Of File - - 42E46DC032B45C489B41E2860B846C00
5C616939100B85E558DA92B899A0FC36
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
# AdwCleaner v3.019 - Report created 25/02/2014 at 21:45:10
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tata - TATA-PC
# Running from : C:\Users\Tata\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v33.0.1750.117
[ File : C:\Users\Tata\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8842 octets] - [25/02/2014 20:45:29]
AdwCleaner[R1].txt - [1278 octets] - [25/02/2014 20:54:42]
AdwCleaner[R2].txt - [1003 octets] - [25/02/2014 20:59:22]
AdwCleaner[R3].txt - [1519 octets] - [25/02/2014 21:01:23]
AdwCleaner[S0].txt - [8788 octets] - [25/02/2014 20:45:55]
AdwCleaner[S1].txt - [1008 octets] - [25/02/2014 20:57:47]
AdwCleaner[S2].txt - [1064 octets] - [25/02/2014 20:59:52]
AdwCleaner[S3].txt - [1042 octets] - [25/02/2014 21:45:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1102 octets] ##########
-------------------------------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tata at 2014-02-25 21:58:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 8191 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:30, on 25.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tata.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll (file missing)
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://*.taobao.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} (HiDvrOcx Control) - http://dilna.boulit.cz:10080/HiDvrOcx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\updateSurftastic.exe (file missing)
O23 - Service: Util Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9388 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=274d8668-fe89-4434-8cbc-6b30c30b3a4d /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\168f3e65-9da8-4906-9b98-773b1e15cd67-19c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
taskeng.exe {3E3CE1C1-75D9-449E-96A5-2DE95A559F21}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
taskeng.exe {8FD2BAB2-35BB-4401-AC32-FB0955CB13C4}
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
\??\C:\Windows\system32\conhost.exe "529537612-328013494-847907018-1068845434-593623326-1834429670-664281756-1372422261
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
WLIDSvcM.exe 2788
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Windows\System32\Ctxfihlp.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=48950b14-0e19-4d05-908c-52485064b84a /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\0693b71a-c3ce-4368-ba9a-886148a35247-c70-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\splwow64.exe 12288
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5832.0.1756526370\1876925296" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/15-pct/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_60/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5832.3.1679842467\113674858" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/15-pct/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_60/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5832.4.1263608674\977903760" /prefetch:673131151
"C:\Users\Tata\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
Surftastic - C:\Program Files (x86)\Surftastic\Surftasticbho.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-08-01 8290584]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-01-21 1179576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-02-17 3598680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-03-01 18643560]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"cz.seznam.software.autoupdate"=C:\Users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe -c []
"cz.seznam.software.szndesktop"=C:\Users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-01-22 4962320]
"CTxfiHlp"=CTXFIHLP.EXE []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-02-25 21:58:26 ----D---- C:\rsit
2014-02-25 21:58:26 ----D---- C:\Program Files\trend micro
2014-02-25 20:45:26 ----D---- C:\AdwCleaner
2014-02-25 20:38:11 ----SHD---- C:\$RECYCLE.BIN
2014-02-25 20:38:10 ----D---- C:\Windows\temp
2014-02-25 20:38:08 ----A---- C:\ComboFix.txt
2014-02-25 20:33:57 ----A---- C:\Windows\ntbtlog.txt
2014-02-25 19:35:23 ----A---- C:\Windows\zip.exe
2014-02-25 19:35:23 ----A---- C:\Windows\SWSC.exe
2014-02-25 19:35:23 ----A---- C:\Windows\SWREG.exe
2014-02-25 19:35:23 ----A---- C:\Windows\sed.exe
2014-02-25 19:35:23 ----A---- C:\Windows\PEV.exe
2014-02-25 19:35:23 ----A---- C:\Windows\NIRCMD.exe
2014-02-25 19:35:23 ----A---- C:\Windows\MBR.exe
2014-02-25 19:35:23 ----A---- C:\Windows\grep.exe
2014-02-25 19:35:04 ----D---- C:\Qoobox
2014-02-25 19:34:58 ----D---- C:\Windows\erdnt
2014-02-25 19:24:43 ----D---- C:\DVR
2014-02-25 19:24:43 ----A---- C:\ProgramData\RmUserCfg.ini
2014-02-24 07:47:31 ----D---- C:\Program Files\Windows Live
2014-02-24 07:09:52 ----D---- C:\Program Files (x86)\PCData
2014-02-24 07:09:49 ----D---- C:\Program Files (x86)\Seznam.cz
2014-02-24 07:09:34 ----D---- C:\Users\Tata\AppData\Roaming\Seznam.cz
2014-02-24 07:02:33 ----D---- C:\Plytki
2014-02-24 07:02:03 ----A---- C:\Windows\SYSWOW64\cc3290mt.dll
2014-02-24 07:02:03 ----A---- C:\Windows\SYSWOW64\7z.dll
2014-02-20 08:05:10 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-20 08:01:36 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-20 08:01:36 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-18 21:19:13 ----D---- C:\Users\Tata\AppData\Roaming\Nico Mak Computing
2014-02-18 21:18:50 ----D---- C:\Program Files (x86)\FreeTime
2014-02-12 21:47:32 ----A---- C:\Windows\SYSWOW64\MSVCRTD.DLL
2014-02-12 21:47:32 ----A---- C:\Windows\SYSWOW64\mfc42d.dll
2014-02-12 21:46:21 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2014-02-12 09:14:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-12 09:14:15 ----A---- C:\Windows\system32\vbscript.dll
2014-02-12 09:13:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-12 09:13:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-12 09:13:52 ----A---- C:\Windows\system32\msrating.dll
2014-02-12 09:13:52 ----A---- C:\Windows\system32\ieui.dll
2014-02-12 09:13:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-12 09:13:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\iernonce.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\mshtml.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-12 09:13:50 ----A---- C:\Windows\system32\iesetup.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\wininet.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\urlmon.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\iertutil.dll
2014-02-12 09:13:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-12 09:13:48 ----A---- C:\Windows\system32\ieframe.dll
2014-02-12 09:13:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 09:13:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-12 09:13:47 ----A---- C:\Windows\system32\jscript9.dll
2014-02-12 07:04:31 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 07:04:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 07:04:31 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 07:04:31 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 07:04:24 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 07:04:24 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 07:04:24 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 07:04:24 ----A---- C:\Windows\system32\d2d1.dll
2014-01-28 13:21:16 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-01-28 13:17:52 ----A---- C:\Windows\system32\nvdispgenco6433467.dll
2014-01-28 13:17:51 ----A---- C:\Windows\system32\nvdispco6433467.dll
======List of files/folders modified in the last 1 month======
2014-02-25 21:58:26 ----RD---- C:\Program Files
2014-02-25 21:57:33 ----D---- C:\Program Files (x86)\Origin
2014-02-25 21:57:30 ----D---- C:\Windows\system32\Tasks
2014-02-25 21:57:30 ----D---- C:\Fraps
2014-02-25 21:57:16 ----D---- C:\ProgramData\NVIDIA
2014-02-25 21:24:23 ----D---- C:\Windows\SysWOW64
2014-02-25 21:24:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-02-25 21:21:37 ----D---- C:\ProgramData
2014-02-25 21:16:35 ----D---- C:\Windows\System32
2014-02-25 21:16:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-25 21:16:34 ----D---- C:\Windows\inf
2014-02-25 20:57:09 ----D---- C:\Windows\Prefetch
2014-02-25 20:52:55 ----D---- C:\Windows\system32\config
2014-02-25 20:45:56 ----RD---- C:\Program Files (x86)
2014-02-25 20:45:56 ----D---- C:\Program Files (x86)\Common Files
2014-02-25 20:44:20 ----D---- C:\ProgramData\MFAData
2014-02-25 20:41:17 ----D---- C:\Windows
2014-02-25 20:38:10 ----D---- C:\Windows\system32\drivers
2014-02-25 20:37:37 ----D---- C:\Windows\Tasks
2014-02-25 20:37:16 ----A---- C:\Windows\system.ini
2014-02-25 20:36:05 ----D---- C:\Windows\SYSWOW64\drivers
2014-02-25 20:36:05 ----D---- C:\Windows\AppPatch
2014-02-25 20:04:01 ----D---- C:\Windows\SoftwareDistribution
2014-02-25 20:03:55 ----D---- C:\Windows\Downloaded Program Files
2014-02-25 19:43:35 ----D---- C:\Windows\system32\drivers\etc
2014-02-25 19:35:31 ----SHD---- C:\System Volume Information
2014-02-25 19:35:18 ----D---- C:\ProgramData\Origin
2014-02-25 19:34:36 ----D---- C:\Windows\system32\catroot2
2014-02-25 18:51:01 ----D---- C:\Users\Tata\AppData\Roaming\Skype
2014-02-24 14:00:17 ----D---- C:\Windows\system32\wdi
2014-02-24 07:47:48 ----SHD---- C:\Windows\Installer
2014-02-24 07:47:39 ----D---- C:\Program Files (x86)\Windows Live
2014-02-24 07:46:09 ----D---- C:\Windows\Logs
2014-02-24 07:46:09 ----D---- C:\Windows\debug
2014-02-24 07:35:45 ----D---- C:\Windows\Minidump
2014-02-24 07:11:37 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-24 07:11:37 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-02-24 07:10:51 ----D---- C:\ProgramData\AVG2014
2014-02-24 07:10:01 ----D---- C:\Users\Tata\AppData\Roaming\NVIDIA
2014-02-23 19:58:04 ----D---- C:\Windows\rescache
2014-02-20 08:05:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-20 08:05:08 ----D---- C:\Windows\system32\DriverStore
2014-02-20 08:05:08 ----D---- C:\Windows\system32\catroot
2014-02-16 23:35:33 ----D---- C:\Windows\system32\MRT
2014-02-16 23:34:53 ----A---- C:\Windows\system32\MRT.exe
2014-02-13 19:23:47 ----D---- C:\Windows\Microsoft.NET
2014-02-13 14:17:51 ----RSD---- C:\Windows\assembly
2014-02-12 21:58:38 ----D---- C:\Program Files\CCleaner
2014-02-12 21:56:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-12 21:56:16 ----D---- C:\Program Files (x86)\ASUS
2014-02-12 14:06:02 ----D---- C:\Windows\winsxs
2014-02-12 14:05:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-12 14:05:05 ----D---- C:\Windows\system32\cs-CZ
2014-02-12 14:05:05 ----D---- C:\Program Files\Internet Explorer
2014-02-12 14:05:05 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-12 09:15:13 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\OpenCL.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-08 18:42:33 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvshext.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvmctray.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-04-29 239136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-01-07 46368]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-16 283064]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2012-12-18 232880]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2012-12-18 703152]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2012-12-18 1448368]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2012-12-18 97712]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2012-12-18 18352]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2012-12-18 215472]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2012-12-18 120752]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2012-12-18 1617328]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-04-25 28704]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2012-12-18 181680]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2012-12-18 232880]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2012-12-18 583088]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2012-12-18 1448368]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2012-12-18 97712]
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2012-12-18 1572272]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-01-22 3788816]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-04-19 625184]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-04-19 207904]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-17 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-02-25 214392]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 116648]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\REGT.3XE /S C:\ComboFix\CregB.dat []
S2 Update Surftastic;Update Surftastic; C:\Program Files (x86)\Surftastic\updateSurftastic.exe []
S2 Util Surftastic;Util Surftastic; C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-11-18 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2014-02-25 21:58:31
======Uninstall list======
-->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->2BB63178448D27E1
-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
Adobe Reader XI (11.0.06) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
AliSetup 0.1.0.52-->C:\Users\Tata\AppData\Local\Alibaba\AliSetup\0.1.0.52\uninst.exe
AVG 2014-->"C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2014-->MsiExec.exe /I{7C4C5901-A58F-4018-A93B-01C93EF8D3F3}
AVG 2014-->MsiExec.exe /I{CE470020-CCCF-4C09-9AB9-B710A4FBE2C8}
Battlefield 4™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CPUID CPU-Z 1.68-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
Creative Audio Control Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dell Display Manager-->"C:\Program Files (x86)\Dell\Dell Display Manager\unins000.exe"
EPU-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}\setup.exe" -l0x9
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
FormatFactory 3.3.1.0-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Junk Mail filter update-->MsiExec.exe /I{24758B1D-9345-4538-A69A-05660F63A296}
Logitech Gaming Software 8.50-->C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=CSY /downgrade=no
Logitech Gaming Software-->MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{50813B8C-FCBB-3C61-8039-EAAA93029066}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Mouse and Keyboard Center-->C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe /uninstall
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610-->MsiExec.exe /X{764384C5-BCA9-307C-9AAC-FD443662686A}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610-->MsiExec.exe /X{3D6AD258-61EA-35F5-812C-B7A02152996E}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{E7D4E834-93EB-351F-B8FB-82CDAE623003}
MPC-HC 1.7.1 (64-bit)-->"C:\Program Files\MPC-HC\unins000.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA GeForce Experience 1.8.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D79079CB-9507-4E06-88AF-F639456DB7F2}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.1220-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{3976898C-34BC-4CE6-87A0-3FC3FE967A23}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Virtual Audio 1.2.20-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D79079CB-9507-4E06-88AF-F639456DB7F2}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
OpenOffice 4.0.1-->MsiExec.exe /I{220C463A-2890-4C7F-B97C-C49FE175B849}
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Photo Common-->MsiExec.exe /X{5C1D9C2A-B542-4A21-94A4-783C5A4681DF}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Surftastic-->C:\Program Files (x86)\Surftastic\Surftasticuninstall.exe
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Windows Live Communications Platform-->MsiExec.exe /I{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{5FDED311-B6BA-4FE7-83C1-7D2F10A5AAE0}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}
Windows Live Installer-->MsiExec.exe /I{4260CAAE-D108-4223-A1C5-96B67062FE86}
Windows Live Mail-->MsiExec.exe /I{2C01080F-AAD8-40A7-AF6B-725DCCC802DB}
Windows Live Mail-->MsiExec.exe /I{72D9236D-C6EA-4DA6-A18C-CC24521A70D4}
Windows Live Messenger-->MsiExec.exe /X{BA289EB6-331F-40EB-A31E-52F5B39EBA61}
Windows Live Messenger-->MsiExec.exe /X{E5E83E00-1144-4821-B6B6-7A16C41EFC39}
Windows Live MIME IFilter-->MsiExec.exe /I{C6E57DC0-5699-47D4-9263-CEE00A4BB1FC}
Windows Live Photo Common-->MsiExec.exe /X{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}
Windows Live PIMT Platform-->MsiExec.exe /I{59307833-CB98-4440-B644-0CD352F61907}
Windows Live SOXE Definitions-->MsiExec.exe /I{8F66BFDE-B213-48E2-93EF-7151277A2916}
Windows Live SOXE-->MsiExec.exe /I{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6093CCDD-5CC8-4C0D-A349-8807B58D19EE}
Windows Live UX Platform-->MsiExec.exe /I{94532CD5-C66D-49E3-9131-5FB04D7647A1}
Windows Live Writer Resources-->MsiExec.exe /X{6617D6C3-6904-478C-81D1-1EC8336F7F49}
Windows Live Writer-->MsiExec.exe /X{9797D7BA-A333-4DF1-AF55-AC745D216EDB}
WinRAR 5.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======System event log======
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88230
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88229
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88228
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88227
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88226
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20131118083746.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20131118083746.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20131118083745.836400-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20131118083745.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.324800-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1ac
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.324800-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x327d7
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.075200-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083742.997200-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083742.997200-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=6
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_LEVEL"=16
"PROCESSOR_REVISION"=0a00
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"windows_tracing_flags"=3
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
-----------------EOF-----------------
ComboFix 14-02-24.02 - Tata 25.02.2014 20:35:04.2.6 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8191.7442 [GMT 1:00]
Spuštěný z: c:\users\Tata\Downloads\ComboFix.exe
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-25 do 2014-02-25 )))))))))))))))))))))))))))))))
.
.
2014-02-25 19:37 . 2014-02-25 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-25 18:24 . 2014-02-25 18:24 -------- d-----w- C:\DVR
2014-02-24 06:47 . 2014-02-24 06:47 -------- d-----w- c:\program files\Windows Live
2014-02-24 06:11 . 2014-02-25 18:42 -------- d-----w- c:\users\Tata\AppData\Roaming\DefaultTab
2014-02-24 06:11 . 2014-02-24 06:11 -------- d-----w- c:\users\Tata\.android
2014-02-24 06:09 . 2014-02-24 06:10 -------- d-----w- c:\program files (x86)\PCData
2014-02-24 06:09 . 2014-02-24 06:09 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-02-24 06:09 . 2014-02-25 17:27 -------- d-----w- c:\users\Tata\AppData\Roaming\Seznam.cz
2014-02-24 06:09 . 2014-02-24 07:12 -------- d-----w- c:\program files (x86)\Surftastic
2014-02-24 06:02 . 2014-02-24 06:02 -------- d-----w- C:\Plytki
2014-02-24 06:02 . 2014-02-24 06:02 914432 ----a-w- c:\windows\SysWow64\7z.dll
2014-02-24 06:02 . 2014-02-24 06:02 718848 ----a-w- c:\windows\SysWow64\cc3290mt.dll
2014-02-20 07:05 . 2014-02-08 16:18 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-02-18 20:19 . 2014-02-18 20:22 -------- d-----w- c:\users\Tata\AppData\Roaming\Nico Mak Computing
2014-02-18 20:19 . 2012-02-08 09:29 18760 ----a-w- c:\windows\system32\roboot64.exe
2014-02-18 20:18 . 2014-02-18 20:18 -------- d-----w- c:\program files (x86)\FreeTime
2014-02-12 20:47 . 2004-02-26 23:00 962612 ----a-w- c:\windows\SysWow64\mfc42d.dll
2014-02-12 20:47 . 2004-02-16 23:00 434252 ----a-w- c:\windows\SysWow64\MSVCRTD.DLL
2014-02-12 20:46 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-02-12 20:46 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-02-12 20:46 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-02-12 20:46 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-02-12 20:46 . 2002-07-25 09:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-02-12 20:46 . 2009-07-16 10:38 15416 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2014-02-12 08:14 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 08:14 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 06:04 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-01-28 12:21 . 2014-01-28 12:21 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-28 12:17 . 2014-01-15 23:13 1515296 ----a-w- c:\windows\system32\nvdispgenco6433467.dll
2014-01-28 12:17 . 2014-01-15 23:13 1885472 ----a-w- c:\windows\system32\nvdispco6433467.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-25 19:01 . 2014-01-19 12:30 3501 ----a-w- c:\users\Tata\IP_Log_Data.js
2014-02-25 19:01 . 2014-01-18 09:00 10889 ----a-w- c:\users\Tata\Network_Meter_Data.js
2014-02-24 21:00 . 2013-11-19 06:55 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-21 20:40 . 2013-11-19 06:55 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-02-16 22:34 . 2013-11-18 09:22 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-11-18 09:19 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-02-08 18:34 . 2013-11-18 09:19 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-02-08 18:34 . 2013-10-27 08:12 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2013-10-27 08:12 15740232 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-02-08 18:34 . 2013-10-27 08:12 31432480 ----a-w- c:\windows\system32\nvoglv64.dll
2014-02-08 18:34 . 2013-10-27 08:12 14669032 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-08 18:34 . 2013-10-27 08:12 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2013-10-27 08:12 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 17:42 . 2013-11-18 09:19 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2013-11-18 09:19 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2013-11-18 09:19 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2013-11-18 09:19 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2013-11-18 09:19 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2013-11-18 09:19 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-05 17:52 . 2013-11-18 09:19 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-21 02:53 . 2013-11-18 12:28 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-21 02:53 . 2013-11-18 12:28 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-17 19:54 . 2013-11-19 06:55 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-16 16:47 . 2014-01-16 16:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-01-16 16:09 . 2014-01-16 16:09 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-10 12:40 . 2014-01-10 12:40 58560 ----a-w- c:\windows\SysWow64\sirenacm.dll
2014-01-07 13:40 . 2014-01-07 13:40 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-12-27 18:42 . 2014-01-23 16:26 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-27 18:42 . 2014-01-23 16:26 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-27 18:42 . 2013-11-18 12:23 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-01-10 18:34 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
2013-12-19 20:33 . 2014-01-10 18:34 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-11-28 13:38 . 2014-01-10 18:34 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-11-28 13:38 . 2014-01-10 18:34 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
c:\users\Tata\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-01-08 18:15 3349528 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
2014-02-21 04:55 249632 ----a-w- c:\program files (x86)\Surftastic\SurftasticBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll" [2014-01-08 3349528]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-17 3598680]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-03-01 18643560]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"cz.seznam.software.autoupdate"="c:\users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe" [BU]
"cz.seznam.software.szndesktop"="c:\users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-01-22 4962320]
"CTxfiHlp"="CTXFIHLP.EXE" [2012-12-18 24576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-02-04 2552856]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Display Manager.lnk - c:\program files (x86)\Dell\Dell Display Manager\ddm.exe [2014-1-14 575120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 Update Surftastic;Update Surftastic;c:\program files (x86)\Surftastic\updateSurftastic.exe;c:\program files (x86)\Surftastic\updateSurftastic.exe [x]
R2 Util Surftastic;Util Surftastic;c:\program files (x86)\Surftastic\bin\utilSurftastic.exe;c:\program files (x86)\Surftastic\bin\utilSurftastic.exe [x]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 06:54 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 11:39]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 11:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://dilna.boulit.cz:10080/HiDvrOcx.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-NextLive - c:\users\Tata\AppData\Roaming\newnext.me\nengine.dll
AddRemove-AliSetup - c:\users\Tata\AppData\Local\Alibaba\AliSetup\0.1.0.52\uninst.exe
AddRemove-DefaultTab - c:\users\Tata\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Tata\AppData\Local\SwvUpdater\Updater.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-199519330-752907083-356625622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-199519330-752907083-356625622-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-25 20:38:08
ComboFix-quarantined-files.txt 2014-02-25 19:38
ComboFix2.txt 2014-02-25 18:50
.
Před spuštěním: Volných bajtů: 41 825 153 024
Po spuštění: Volných bajtů: 41 653 313 536
.
- - End Of File - - 42E46DC032B45C489B41E2860B846C00
5C616939100B85E558DA92B899A0FC36
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
# AdwCleaner v3.019 - Report created 25/02/2014 at 21:45:10
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tata - TATA-PC
# Running from : C:\Users\Tata\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v33.0.1750.117
[ File : C:\Users\Tata\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8842 octets] - [25/02/2014 20:45:29]
AdwCleaner[R1].txt - [1278 octets] - [25/02/2014 20:54:42]
AdwCleaner[R2].txt - [1003 octets] - [25/02/2014 20:59:22]
AdwCleaner[R3].txt - [1519 octets] - [25/02/2014 21:01:23]
AdwCleaner[S0].txt - [8788 octets] - [25/02/2014 20:45:55]
AdwCleaner[S1].txt - [1008 octets] - [25/02/2014 20:57:47]
AdwCleaner[S2].txt - [1064 octets] - [25/02/2014 20:59:52]
AdwCleaner[S3].txt - [1042 octets] - [25/02/2014 21:45:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1102 octets] ##########
-------------------------------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tata at 2014-02-25 21:58:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 8191 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:30, on 25.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tata.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll (file missing)
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.alipay.com
O15 - Trusted Zone: http://*.alisoft.com
O15 - Trusted Zone: http://*.taobao.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} (HiDvrOcx Control) - http://dilna.boulit.cz:10080/HiDvrOcx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\updateSurftastic.exe (file missing)
O23 - Service: Util Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9388 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=274d8668-fe89-4434-8cbc-6b30c30b3a4d /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\168f3e65-9da8-4906-9b98-773b1e15cd67-19c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
taskeng.exe {3E3CE1C1-75D9-449E-96A5-2DE95A559F21}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
taskeng.exe {8FD2BAB2-35BB-4401-AC32-FB0955CB13C4}
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
\??\C:\Windows\system32\conhost.exe "529537612-328013494-847907018-1068845434-593623326-1834429670-664281756-1372422261
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
WLIDSvcM.exe 2788
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Windows\System32\Ctxfihlp.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=48950b14-0e19-4d05-908c-52485064b84a /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\0693b71a-c3ce-4368-ba9a-886148a35247-c70-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\splwow64.exe 12288
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Fraps\fraps64.dat"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5832.0.1756526370\1876925296" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27,33 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/15-pct/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_60/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5832.3.1679842467\113674858" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/15-pct/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_60/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="5832.4.1263608674\977903760" /prefetch:673131151
"C:\Users\Tata\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
Surftastic - C:\Program Files (x86)\Surftastic\Surftasticbho.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-08-01 8290584]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-01-21 1179576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-02-17 3598680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-03-01 18643560]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"cz.seznam.software.autoupdate"=C:\Users\Tata\AppData\Roaming\Seznam.cz\szninstall.exe -c []
"cz.seznam.software.szndesktop"=C:\Users\Tata\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-01-22 4962320]
"CTxfiHlp"=CTXFIHLP.EXE []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-02-25 21:58:26 ----D---- C:\rsit
2014-02-25 21:58:26 ----D---- C:\Program Files\trend micro
2014-02-25 20:45:26 ----D---- C:\AdwCleaner
2014-02-25 20:38:11 ----SHD---- C:\$RECYCLE.BIN
2014-02-25 20:38:10 ----D---- C:\Windows\temp
2014-02-25 20:38:08 ----A---- C:\ComboFix.txt
2014-02-25 20:33:57 ----A---- C:\Windows\ntbtlog.txt
2014-02-25 19:35:23 ----A---- C:\Windows\zip.exe
2014-02-25 19:35:23 ----A---- C:\Windows\SWSC.exe
2014-02-25 19:35:23 ----A---- C:\Windows\SWREG.exe
2014-02-25 19:35:23 ----A---- C:\Windows\sed.exe
2014-02-25 19:35:23 ----A---- C:\Windows\PEV.exe
2014-02-25 19:35:23 ----A---- C:\Windows\NIRCMD.exe
2014-02-25 19:35:23 ----A---- C:\Windows\MBR.exe
2014-02-25 19:35:23 ----A---- C:\Windows\grep.exe
2014-02-25 19:35:04 ----D---- C:\Qoobox
2014-02-25 19:34:58 ----D---- C:\Windows\erdnt
2014-02-25 19:24:43 ----D---- C:\DVR
2014-02-25 19:24:43 ----A---- C:\ProgramData\RmUserCfg.ini
2014-02-24 07:47:31 ----D---- C:\Program Files\Windows Live
2014-02-24 07:09:52 ----D---- C:\Program Files (x86)\PCData
2014-02-24 07:09:49 ----D---- C:\Program Files (x86)\Seznam.cz
2014-02-24 07:09:34 ----D---- C:\Users\Tata\AppData\Roaming\Seznam.cz
2014-02-24 07:02:33 ----D---- C:\Plytki
2014-02-24 07:02:03 ----A---- C:\Windows\SYSWOW64\cc3290mt.dll
2014-02-24 07:02:03 ----A---- C:\Windows\SYSWOW64\7z.dll
2014-02-20 08:05:10 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-20 08:01:37 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-20 08:01:37 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-20 08:01:36 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-20 08:01:36 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-18 21:19:13 ----D---- C:\Users\Tata\AppData\Roaming\Nico Mak Computing
2014-02-18 21:18:50 ----D---- C:\Program Files (x86)\FreeTime
2014-02-12 21:47:32 ----A---- C:\Windows\SYSWOW64\MSVCRTD.DLL
2014-02-12 21:47:32 ----A---- C:\Windows\SYSWOW64\mfc42d.dll
2014-02-12 21:46:21 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2014-02-12 09:14:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-12 09:14:15 ----A---- C:\Windows\system32\vbscript.dll
2014-02-12 09:13:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-12 09:13:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-12 09:13:52 ----A---- C:\Windows\system32\msrating.dll
2014-02-12 09:13:52 ----A---- C:\Windows\system32\ieui.dll
2014-02-12 09:13:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-12 09:13:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\iernonce.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 09:13:51 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-12 09:13:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\mshtml.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-12 09:13:50 ----A---- C:\Windows\system32\iesetup.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-12 09:13:50 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-12 09:13:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\wininet.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\urlmon.dll
2014-02-12 09:13:49 ----A---- C:\Windows\system32\iertutil.dll
2014-02-12 09:13:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-12 09:13:48 ----A---- C:\Windows\system32\ieframe.dll
2014-02-12 09:13:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 09:13:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-12 09:13:47 ----A---- C:\Windows\system32\jscript9.dll
2014-02-12 07:04:31 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-12 07:04:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-12 07:04:31 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-12 07:04:31 ----A---- C:\Windows\system32\msxml3.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-12 07:04:27 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\secproc.dll
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-12 07:04:27 ----A---- C:\Windows\system32\msdrm.dll
2014-02-12 07:04:24 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-12 07:04:24 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-12 07:04:24 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-12 07:04:24 ----A---- C:\Windows\system32\d2d1.dll
2014-01-28 13:21:16 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-01-28 13:17:52 ----A---- C:\Windows\system32\nvdispgenco6433467.dll
2014-01-28 13:17:51 ----A---- C:\Windows\system32\nvdispco6433467.dll
======List of files/folders modified in the last 1 month======
2014-02-25 21:58:26 ----RD---- C:\Program Files
2014-02-25 21:57:33 ----D---- C:\Program Files (x86)\Origin
2014-02-25 21:57:30 ----D---- C:\Windows\system32\Tasks
2014-02-25 21:57:30 ----D---- C:\Fraps
2014-02-25 21:57:16 ----D---- C:\ProgramData\NVIDIA
2014-02-25 21:24:23 ----D---- C:\Windows\SysWOW64
2014-02-25 21:24:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-02-25 21:21:37 ----D---- C:\ProgramData
2014-02-25 21:16:35 ----D---- C:\Windows\System32
2014-02-25 21:16:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-25 21:16:34 ----D---- C:\Windows\inf
2014-02-25 20:57:09 ----D---- C:\Windows\Prefetch
2014-02-25 20:52:55 ----D---- C:\Windows\system32\config
2014-02-25 20:45:56 ----RD---- C:\Program Files (x86)
2014-02-25 20:45:56 ----D---- C:\Program Files (x86)\Common Files
2014-02-25 20:44:20 ----D---- C:\ProgramData\MFAData
2014-02-25 20:41:17 ----D---- C:\Windows
2014-02-25 20:38:10 ----D---- C:\Windows\system32\drivers
2014-02-25 20:37:37 ----D---- C:\Windows\Tasks
2014-02-25 20:37:16 ----A---- C:\Windows\system.ini
2014-02-25 20:36:05 ----D---- C:\Windows\SYSWOW64\drivers
2014-02-25 20:36:05 ----D---- C:\Windows\AppPatch
2014-02-25 20:04:01 ----D---- C:\Windows\SoftwareDistribution
2014-02-25 20:03:55 ----D---- C:\Windows\Downloaded Program Files
2014-02-25 19:43:35 ----D---- C:\Windows\system32\drivers\etc
2014-02-25 19:35:31 ----SHD---- C:\System Volume Information
2014-02-25 19:35:18 ----D---- C:\ProgramData\Origin
2014-02-25 19:34:36 ----D---- C:\Windows\system32\catroot2
2014-02-25 18:51:01 ----D---- C:\Users\Tata\AppData\Roaming\Skype
2014-02-24 14:00:17 ----D---- C:\Windows\system32\wdi
2014-02-24 07:47:48 ----SHD---- C:\Windows\Installer
2014-02-24 07:47:39 ----D---- C:\Program Files (x86)\Windows Live
2014-02-24 07:46:09 ----D---- C:\Windows\Logs
2014-02-24 07:46:09 ----D---- C:\Windows\debug
2014-02-24 07:35:45 ----D---- C:\Windows\Minidump
2014-02-24 07:11:37 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-24 07:11:37 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-02-24 07:10:51 ----D---- C:\ProgramData\AVG2014
2014-02-24 07:10:01 ----D---- C:\Users\Tata\AppData\Roaming\NVIDIA
2014-02-23 19:58:04 ----D---- C:\Windows\rescache
2014-02-20 08:05:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-20 08:05:08 ----D---- C:\Windows\system32\DriverStore
2014-02-20 08:05:08 ----D---- C:\Windows\system32\catroot
2014-02-16 23:35:33 ----D---- C:\Windows\system32\MRT
2014-02-16 23:34:53 ----A---- C:\Windows\system32\MRT.exe
2014-02-13 19:23:47 ----D---- C:\Windows\Microsoft.NET
2014-02-13 14:17:51 ----RSD---- C:\Windows\assembly
2014-02-12 21:58:38 ----D---- C:\Program Files\CCleaner
2014-02-12 21:56:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-12 21:56:16 ----D---- C:\Program Files (x86)\ASUS
2014-02-12 14:06:02 ----D---- C:\Windows\winsxs
2014-02-12 14:05:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-12 14:05:05 ----D---- C:\Windows\system32\cs-CZ
2014-02-12 14:05:05 ----D---- C:\Program Files\Internet Explorer
2014-02-12 14:05:05 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-12 09:15:13 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\OpenCL.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-08 18:42:33 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvshext.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvmctray.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-04-29 239136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-01-07 46368]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-16 283064]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2012-12-18 232880]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2012-12-18 703152]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2012-12-18 1448368]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2012-12-18 97712]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2012-12-18 18352]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2012-12-18 215472]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2012-12-18 120752]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2012-12-18 1617328]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-04-25 28704]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2012-12-18 181680]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2012-12-18 232880]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2012-12-18 583088]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2012-12-18 1448368]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2012-12-18 97712]
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2012-12-18 1572272]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-01-22 3788816]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-04-19 625184]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-04-19 207904]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-17 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-02-25 214392]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 116648]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE EXEC /i C:\ComboFix\REGT.3XE /S C:\ComboFix\CregB.dat []
S2 Update Surftastic;Update Surftastic; C:\Program Files (x86)\Surftastic\updateSurftastic.exe []
S2 Util Surftastic;Util Surftastic; C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-11-18 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-18 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2014-02-25 21:58:31
======Uninstall list======
-->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->2BB63178448D27E1
-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
Adobe Reader XI (11.0.06) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
AliSetup 0.1.0.52-->C:\Users\Tata\AppData\Local\Alibaba\AliSetup\0.1.0.52\uninst.exe
AVG 2014-->"C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2014-->MsiExec.exe /I{7C4C5901-A58F-4018-A93B-01C93EF8D3F3}
AVG 2014-->MsiExec.exe /I{CE470020-CCCF-4C09-9AB9-B710A4FBE2C8}
Battlefield 4™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CPUID CPU-Z 1.68-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
Creative Audio Control Panel-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x0009
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dell Display Manager-->"C:\Program Files (x86)\Dell\Dell Display Manager\unins000.exe"
EPU-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}\setup.exe" -l0x9
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
FormatFactory 3.3.1.0-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Junk Mail filter update-->MsiExec.exe /I{24758B1D-9345-4538-A69A-05660F63A296}
Logitech Gaming Software 8.50-->C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=CSY /downgrade=no
Logitech Gaming Software-->MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{50813B8C-FCBB-3C61-8039-EAAA93029066}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Mouse and Keyboard Center-->C:\Program Files\Microsoft Mouse and Keyboard Center\setup.exe /uninstall
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610-->MsiExec.exe /X{764384C5-BCA9-307C-9AAC-FD443662686A}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610-->MsiExec.exe /X{3D6AD258-61EA-35F5-812C-B7A02152996E}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{E7D4E834-93EB-351F-B8FB-82CDAE623003}
MPC-HC 1.7.1 (64-bit)-->"C:\Program Files\MPC-HC\unins000.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA GeForce Experience 1.8.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D79079CB-9507-4E06-88AF-F639456DB7F2}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 334.89-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{46471CA9-D688-49D1-A7F3-6073B365573E}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.1220-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{3976898C-34BC-4CE6-87A0-3FC3FE967A23}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Virtual Audio 1.2.20-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D79079CB-9507-4E06-88AF-F639456DB7F2}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
OpenOffice 4.0.1-->MsiExec.exe /I{220C463A-2890-4C7F-B97C-C49FE175B849}
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Photo Common-->MsiExec.exe /X{5C1D9C2A-B542-4A21-94A4-783C5A4681DF}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Surftastic-->C:\Program Files (x86)\Surftastic\Surftasticuninstall.exe
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Windows Live Communications Platform-->MsiExec.exe /I{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{5FDED311-B6BA-4FE7-83C1-7D2F10A5AAE0}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{CE52672C-A0E9-4450-8875-88A221D5CD50}
Windows Live Installer-->MsiExec.exe /I{4260CAAE-D108-4223-A1C5-96B67062FE86}
Windows Live Mail-->MsiExec.exe /I{2C01080F-AAD8-40A7-AF6B-725DCCC802DB}
Windows Live Mail-->MsiExec.exe /I{72D9236D-C6EA-4DA6-A18C-CC24521A70D4}
Windows Live Messenger-->MsiExec.exe /X{BA289EB6-331F-40EB-A31E-52F5B39EBA61}
Windows Live Messenger-->MsiExec.exe /X{E5E83E00-1144-4821-B6B6-7A16C41EFC39}
Windows Live MIME IFilter-->MsiExec.exe /I{C6E57DC0-5699-47D4-9263-CEE00A4BB1FC}
Windows Live Photo Common-->MsiExec.exe /X{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}
Windows Live PIMT Platform-->MsiExec.exe /I{59307833-CB98-4440-B644-0CD352F61907}
Windows Live SOXE Definitions-->MsiExec.exe /I{8F66BFDE-B213-48E2-93EF-7151277A2916}
Windows Live SOXE-->MsiExec.exe /I{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6093CCDD-5CC8-4C0D-A349-8807B58D19EE}
Windows Live UX Platform-->MsiExec.exe /I{94532CD5-C66D-49E3-9131-5FB04D7647A1}
Windows Live Writer Resources-->MsiExec.exe /X{6617D6C3-6904-478C-81D1-1EC8336F7F49}
Windows Live Writer-->MsiExec.exe /X{9797D7BA-A333-4DF1-AF55-AC745D216EDB}
WinRAR 5.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======System event log======
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88230
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88229
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88228
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88227
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
Computer Name: Tata-PC
Event Code: 3
Message: Data error on device.
Device: \Device\RaidPort0
Model: KINGSTON SV300S37A120G
Firmware Version: 505A
Serial Number: 50026B732C01D744
Port: 2
Record Number: 88226
Source Name: nvstor64
Time Written: 20140120121410.921000-000
Event Type: Chyba
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20131118083746.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20131118083746.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20131118083745.836400-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20131118083745.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.324800-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1ac
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.324800-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x327d7
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083743.075200-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083742.997200-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20131118083742.997200-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=6
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_LEVEL"=16
"PROCESSOR_REVISION"=0a00
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"windows_tracing_flags"=3
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
-----------------EOF-----------------