Nefunguje DNS + otravné vyskakující okno

[Faposlav]

Dobrý den, chtěl bych zažádat o kontrolu logu, znova mi zničeho nic vypadlo DNS, a začalo mi vyskakovat otravné okno s reklamou na bet365, chrome mi ji automaticky blokuje ale pokud projíždím steam tak tam vyskakuje.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Faposlav at 2014-05-30 13:33:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 407 GB (43%) free of 941 GB
Total RAM: 4095 MB (58% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000730
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 4bd2c546-cb1f-4d68-bdf1-a904108f1fd9 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1618163679-286392606863581324-1965105381-20746542711854145375-1188574136-246822326
\??\C:\Windows\system32\conhost.exe "-998175043593050820-519499932260885511-1241608131435867585-42415814512212153
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fcaeedd0-f98b-4e32-8799-b06736c96170 -SystemEventPortName:HostProcess-462ba43e-06aa-4b73-ba8b-3b32557285ae -IoCancelEventPortName:HostProcess-10d3bdba-62bd-48d0-8d58-880e4049419b -NonStateChangingEventPortName:HostProcess-f92698a7-6eae-4de6-9d73-e0576676449b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fb5fa3eb-b0ff-4483-bc82-666c32cc638f -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Faposlav\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4104.1.1360581511\1365658690" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4104.2.1275646343\992601240" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4104.3.715531626\627332247" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="4104.4.1684185114\1824166224" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0e23 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Program Files (x86)\Steam\vr\runtime\bin\vrclient.dllC:\Program Files (x86)\Steam\vr\runtime\bin\vrserver.exe
\??\C:\Windows\system32\conhost.exe "1858843452-1855833243-1381204420-579623880-1989960816-250385340-754917277-917982422
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="4104.7.1240887701\307317944" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Faposlav\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-04-08 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe []
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"=C:\Users\Faposlav\AppData\Roaming\Spotify\Spotify.exe [2014-05-16 6170168]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Spotify Web Helper"=C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-05-16 1176632]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-05-22 737872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-05-05 182352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.xtor"=DxtoryCodec64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2014-05-30 13:33:24 ----D---- C:\rsit
2014-05-30 12:40:34 ----RD---- C:\Program Files (x86)\Skype
2014-05-30 10:18:46 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-30 10:09:36 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-30 10:09:36 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvinitx.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-30 10:09:34 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-30 10:09:34 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-30 10:09:34 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-30 10:09:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-30 10:09:30 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-29 20:44:51 ----D---- C:\Users\Faposlav\AppData\Roaming\Fatshark
2014-05-25 10:07:11 ----D---- C:\Program Files (x86)\Razer
2014-05-25 10:07:08 ----D---- C:\ProgramData\Razer
2014-05-25 10:03:57 ----D---- C:\Program Files (x86)\Ubisoft
2014-05-22 12:09:33 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-05-22 12:00:53 ----A---- C:\Windows\system32\nvdispgenco6433750.dll
2014-05-22 12:00:53 ----A---- C:\Windows\system32\nvdispco6433750.dll
2014-05-22 11:45:38 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-05-22 11:45:38 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-05-21 16:17:40 ----SHD---- C:\ProgramData\DSS
2014-05-21 16:14:10 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-05-17 09:29:55 ----D---- C:\ProgramData\Bohemia Interactive
2014-05-14 22:54:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 22:54:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 22:54:44 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 22:54:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 13:55:38 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 13:55:38 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 13:55:36 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 13:55:35 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 13:55:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 13:55:06 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 13:55:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 13:55:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 13:55:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 13:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 13:55:03 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 13:55:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 13:55:02 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 13:55:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 13:55:00 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 13:54:59 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 13:54:59 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 13:54:58 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 13:54:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 13:54:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 13:54:56 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 13:54:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 13:54:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-13 20:06:43 ----D---- C:\Adobe Photoshop CS6
2014-05-11 14:33:03 ----D---- C:\Users\Faposlav\AppData\Roaming\.technic
2014-05-06 19:43:05 ----SD---- C:\Windows\system32\CompatTel
2014-05-02 09:13:52 ----D---- C:\Users\Faposlav\AppData\Roaming\NCSOFT
2014-04-30 07:00:01 ----A---- C:\Users\Faposlav\AppData\Roaming\Network Meter_Usage.ini
2014-04-29 20:16:02 ----A---- C:\Windows\SYSWOW64\DxtoryCodec.dll
2014-04-29 20:16:02 ----A---- C:\Windows\system32\DxtoryCodec64.dll
2014-04-29 20:16:01 ----D---- C:\Program Files (x86)\Dxtory Software
2014-04-27 12:51:28 ----A---- C:\Users\Faposlav\AppData\Roaming\Network Meter_Settings.ini
2014-04-18 14:32:14 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2014-04-17 23:08:10 ----D---- C:\Users\Faposlav\AppData\Roaming\WizardWars
2014-04-17 23:07:59 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-04-16 03:10:23 ----D---- C:\Program Files\Microsoft.NET
2014-04-14 16:33:08 ----AC---- C:\RAMDisk.img.bak
2014-04-14 16:24:57 ----D---- C:\Program Files (x86)\RAMDisk
2014-04-12 03:05:35 ----A---- C:\Windows\system32\ieui.dll
2014-04-12 03:05:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-12 03:05:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-12 03:05:32 ----A---- C:\Windows\system32\vbscript.dll
2014-04-12 03:05:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 03:05:27 ----A---- C:\Windows\system32\iernonce.dll
2014-04-12 03:05:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 03:05:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-12 03:05:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-12 03:05:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-12 03:05:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-12 03:05:26 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-12 03:05:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-12 03:05:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-12 03:05:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-12 03:05:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-12 03:05:25 ----A---- C:\Windows\system32\msrating.dll
2014-04-12 03:05:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-12 03:05:25 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-12 03:05:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-12 03:05:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-12 03:05:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-12 03:05:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-12 03:05:24 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-12 03:05:24 ----A---- C:\Windows\system32\iesetup.dll
2014-04-12 03:05:22 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-12 03:05:22 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-12 03:05:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-12 03:05:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-12 03:05:22 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-12 03:05:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 03:05:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-12 03:05:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-12 03:05:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-12 03:05:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-12 03:05:20 ----A---- C:\Windows\system32\wininet.dll
2014-04-12 03:05:20 ----A---- C:\Windows\system32\urlmon.dll
2014-04-12 03:05:20 ----A---- C:\Windows\system32\iertutil.dll
2014-04-12 03:05:12 ----A---- C:\Windows\system32\ieframe.dll
2014-04-12 03:05:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-12 03:05:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-12 03:05:10 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 17:20:10 ----D---- C:\Program Files (x86)\Audacity
2014-04-09 17:11:27 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2014-04-09 17:11:27 ----A---- C:\Windows\SYSWOW64\MPG4c32.dll
2014-04-09 17:11:26 ----D---- C:\Program Files (x86)\Supertintin for Skype
2014-04-09 15:16:54 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 15:16:54 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 15:16:54 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 15:16:54 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 15:16:54 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 15:13:03 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 15:13:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 15:13:02 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 15:13:02 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 15:13:02 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 15:13:02 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 15:13:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-01 16:57:57 ----D---- C:\ProgramData\GFACE
2014-04-01 16:57:37 ----D---- C:\Program Files (x86)\Crytek
2014-03-31 22:07:55 ----D---- C:\ProgramData\Splashtop
2014-03-31 22:07:34 ----D---- C:\Program Files (x86)\Splashtop
2014-03-31 18:36:53 ----D---- C:\Users\Faposlav\AppData\Roaming\Battle.net
2014-03-31 18:36:40 ----D---- C:\ProgramData\Blizzard Entertainment
2014-03-31 18:36:40 ----D---- C:\Program Files (x86)\Battle.net
2014-03-31 18:34:28 ----D---- C:\ProgramData\Battle.net

======List of files/folders modified in the last 2 months======

2014-05-30 13:33:07 ----D---- C:\Windows\temp
2014-05-30 13:32:52 ----D---- C:\Users\Faposlav\AppData\Roaming\Skype
2014-05-30 13:31:44 ----D---- C:\Windows\system32\config
2014-05-30 13:21:11 ----D---- C:\Users\Faposlav\AppData\Roaming\Spotify
2014-05-30 13:20:17 ----D---- C:\Program Files (x86)\Steam
2014-05-30 13:15:56 ----D---- C:\Windows\system32\Tasks
2014-05-30 13:14:20 ----D---- C:\Windows
2014-05-30 13:11:31 ----D---- C:\ProgramData\NVIDIA
2014-05-30 13:11:16 ----D---- C:\Windows\SysWOW64
2014-05-30 13:11:16 ----D---- C:\Windows\System32
2014-05-30 13:11:16 ----D---- C:\Program Files (x86)
2014-05-30 12:40:46 ----SHD---- C:\Windows\Installer
2014-05-30 12:40:34 ----D---- C:\Program Files (x86)\Common Files
2014-05-30 12:40:32 ----D---- C:\ProgramData\Skype
2014-05-30 10:35:10 ----D---- C:\Windows\winsxs
2014-05-30 10:22:43 ----D---- C:\Users\Faposlav\AppData\Roaming\SpotifyController
2014-05-30 10:21:58 ----D---- C:\Users\Faposlav\AppData\Roaming\Seznam.cz
2014-05-30 10:21:35 ----D---- C:\ProgramData
2014-05-30 10:20:01 ----D---- C:\Windows\system32\catroot
2014-05-30 10:20:00 ----D---- C:\Windows\system32\DriverStore
2014-05-30 10:20:00 ----D---- C:\Windows\inf
2014-05-30 10:18:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-30 10:12:18 ----D---- C:\Windows\Prefetch
2014-05-30 10:11:35 ----D---- C:\Windows\system32\drivers
2014-05-30 10:11:26 ----D---- C:\Windows\system32\catroot2
2014-05-29 20:43:41 ----RSD---- C:\Windows\assembly
2014-05-29 17:50:58 ----D---- C:\ProgramData\Origin
2014-05-29 15:42:41 ----D---- C:\Program Files (x86)\Origin
2014-05-28 22:54:51 ----D---- C:\Users\Faposlav\AppData\Roaming\uTorrent
2014-05-28 19:49:13 ----D---- C:\Users\Faposlav\AppData\Roaming\TS3Client
2014-05-28 00:47:11 ----D---- C:\NVIDIA
2014-05-27 19:01:51 ----D---- C:\Users\Faposlav\AppData\Roaming\vlc
2014-05-25 14:58:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-22 11:47:08 ----D---- C:\Windows\Microsoft.NET
2014-05-21 16:17:03 ----D---- C:\ProgramData\Electronic Arts
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 03:02:20 ----D---- C:\ProgramData\Microsoft Help
2014-05-16 15:41:45 ----D---- C:\Windows\rescache
2014-05-15 16:40:06 ----D---- C:\Windows\system32\en-US
2014-05-14 22:39:53 ----A---- C:\Windows\win.ini
2014-05-13 21:53:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-13 21:47:53 ----D---- C:\HRY
2014-05-13 21:28:07 ----RSD---- C:\Windows\Fonts
2014-05-13 16:50:01 ----D---- C:\ProgramData\Package Cache
2014-05-13 16:49:53 ----D---- C:\Program Files (x86)\Avira
2014-05-09 16:12:43 ----D---- C:\Program Files (x86)\Origin Games
2014-05-06 17:33:49 ----D---- C:\Program Files (x86)\Overwolf
2014-05-02 10:27:52 ----SHD---- C:\System Volume Information
2014-04-30 20:29:25 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-04-30 20:29:03 ----A---- C:\Windows\system32\nvspcap64.dll
2014-04-25 15:15:03 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-04-24 23:22:11 ----D---- C:\ProgramData\NVIDIA Corporation
2014-04-21 17:14:55 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-04-18 00:46:19 ----SD---- C:\Users\Faposlav\AppData\Roaming\Microsoft
2014-04-17 20:14:50 ----D---- C:\ProgramData\Tunngle
2014-04-17 20:14:49 ----D---- C:\Users\Faposlav\AppData\Roaming\Tunngle
2014-04-16 03:10:23 ----RD---- C:\Program Files
2014-04-16 03:10:23 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-16 03:10:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-12 03:24:45 ----D---- C:\Program Files\Internet Explorer
2014-04-12 03:24:44 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-12 03:24:43 ----D---- C:\Windows\PolicyDefinitions
2014-04-12 03:24:40 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-10 19:22:58 ----D---- C:\ProgramData\LogMeIn
2014-04-10 03:30:36 ----D---- C:\Windows\AppPatch
2014-04-05 14:09:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-05 11:01:22 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2014-03-31 18:42:42 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-03-31 13:47:48 ----D---- C:\Windows\Tasks
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-22 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-07 283064]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-05-22 112080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-15 2004128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 19744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 42016]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 115272]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RegFltrX64;RegFltrX64; \??\C:\Users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\RegFltrX64.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2011-12-07 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-05-22 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-05-22 430160]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-05-05 124496]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1618888]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21009352]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-21 76888]
R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2014-03-24 790880]
R2 SSUService;Splashtop Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-10-09 609056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S2 47f8c8da2174662.exe;47f8c8da2174662.exe; C:\Users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\47f8c8da2174662.exe []
S2 6419090fe1a3ba7.exe;6419090fe1a3ba7.exe; C:\Users\Faposlav\AppData\Local\1a0a11a1093806e8883ee1f07dbb2422\6419090fe1a3ba7.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-19 49152]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-04-17 93048]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-12-30 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-27 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-05-22 1039952]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
/

[Faposlav]

Zároveň přidávám log z adwcleaneru


# AdwCleaner v3.018 - Report created 30/05/2014 at 13:44:15
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Faposlav - FAPOS
# Running from : C:\Users\Faposlav\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SSUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Splashtop
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Users\Faposlav\AppData\Local\Splashtop

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v

[ File : C:\Users\Faposlav\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Faposlav\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1132 octets] - [16/02/2014 17:05:51]
AdwCleaner[R1].txt - [1007 octets] - [16/02/2014 19:16:10]
AdwCleaner[R2].txt - [1604 octets] - [30/05/2014 13:43:26]
AdwCleaner[S0].txt - [1202 octets] - [16/02/2014 17:07:03]
AdwCleaner[S1].txt - [1068 octets] - [16/02/2014 19:17:05]
AdwCleaner[S2].txt - [1458 octets] - [30/05/2014 13:44:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1518 octets] ##########

[motji]

Zdravím

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[Faposlav]

Fajn, DNS zase funguje


ComboFix 14-05-29.01 - Faposlav 30.05.2014 15:23:27.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2372 [GMT 2:00]
Spuštěný z: c:\users\Faposlav\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Faposlav\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Faposlav\Desktop\Setup.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-28 do 2014-05-30 )))))))))))))))))))))))))))))))
.
.
2014-05-30 13:37 . 2014-05-30 13:37 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-05-30 13:37 . 2014-05-30 13:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-30 13:13 . 2014-05-30 13:13 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6402062D-CDEC-430E-9BC2-9BEF10ACAFF0}\offreg.dll
2014-05-30 11:33 . 2014-05-30 11:33 -------- d-----w- C:\rsit
2014-05-30 10:40 . 2014-05-30 10:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-30 10:40 . 2014-05-30 10:40 -------- d-----r- c:\program files (x86)\Skype
2014-05-30 08:18 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-30 07:26 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6402062D-CDEC-430E-9BC2-9BEF10ACAFF0}\mpengine.dll
2014-05-29 18:44 . 2014-05-29 18:44 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Fatshark
2014-05-25 08:08 . 2014-05-30 08:22 -------- d-----w- c:\users\Faposlav\AppData\Local\Razer
2014-05-25 08:07 . 2014-05-30 08:22 -------- d-----w- c:\program files (x86)\Razer
2014-05-25 08:07 . 2014-05-30 08:22 -------- d-----w- c:\programdata\Razer
2014-05-25 08:04 . 2014-05-25 08:13 -------- d-----w- c:\users\Faposlav\AppData\Local\Ubisoft Game Launcher
2014-05-25 08:03 . 2014-05-25 08:03 -------- d-----w- c:\program files (x86)\Ubisoft
2014-05-22 10:09 . 2014-05-22 10:09 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-05-22 10:00 . 2014-03-27 12:45 1890080 ----a-w- c:\windows\system32\nvdispco6433750.dll
2014-05-22 10:00 . 2014-03-27 12:45 1539416 ----a-w- c:\windows\system32\nvdispgenco6433750.dll
2014-05-22 09:45 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-22 09:45 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-21 14:17 . 2014-05-21 14:17 -------- d-sh--w- c:\programdata\DSS
2014-05-21 14:14 . 2014-05-21 14:14 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2014-05-17 07:29 . 2014-05-17 13:43 -------- d-----w- c:\users\Faposlav\AppData\Local\Arma 3
2014-05-17 07:29 . 2014-05-17 07:29 -------- d-----w- c:\programdata\Bohemia Interactive
2014-05-14 20:54 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-14 20:54 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-14 20:54 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-14 20:54 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 11:54 . 2014-03-04 09:44 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-13 18:06 . 2014-05-13 18:30 -------- d-----w- C:\Adobe Photoshop CS6
2014-05-12 13:55 . 2014-05-12 13:55 -------- d-sh--w- c:\users\Faposlav\AppData\Local\EmieUserList
2014-05-12 13:55 . 2014-05-12 13:55 -------- d-sh--w- c:\users\Faposlav\AppData\Local\EmieSiteList
2014-05-11 12:33 . 2014-05-11 12:33 -------- d-----w- c:\users\Faposlav\AppData\Roaming\.technic
2014-05-06 17:43 . 2014-05-15 14:40 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-02 07:13 . 2014-05-02 07:13 -------- d-----w- c:\users\Faposlav\AppData\Roaming\NCSOFT
2014-05-02 07:13 . 2014-05-02 07:13 -------- d-----w- c:\users\Faposlav\AppData\Local\NCSOFT
2014-05-01 14:32 . 2014-05-30 08:49 -------- d-----w- c:\users\Faposlav\AppData\Local\DayZ
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-30 13:00 . 2014-04-27 11:00 15160 ----a-w- c:\users\Faposlav\Network_Meter_Data.js
2014-05-30 11:48 . 2014-04-27 10:50 1144 ----a-w- c:\users\Faposlav\IP_Log_Data.js
2014-05-22 09:24 . 2013-12-25 12:20 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-22 09:24 . 2013-12-25 12:20 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-20 02:44 . 2014-02-07 14:07 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-02-05 15:33 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-02-05 15:33 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2014-02-05 15:33 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-12-25 12:31 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-12-25 12:31 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-12-25 12:28 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 01:25 . 2009-09-29 09:37 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2009-09-29 09:37 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2009-09-29 09:38 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2009-09-29 09:37 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2009-09-29 09:37 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-14 23:49 . 2013-12-25 12:31 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-13 19:53 . 2014-01-03 10:40 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 19:53 . 2013-12-26 18:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 18:29 . 2013-12-25 12:10 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-12-25 12:10 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-25 13:15 . 2013-12-26 10:48 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-25 13:15 . 2013-12-26 10:37 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-04-25 13:10 . 2013-12-26 10:37 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-04-21 15:14 . 2013-12-26 10:37 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-04-17 19:27 . 2014-04-17 21:07 93048 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2014-03-31 16:42 . 2013-12-25 11:47 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2013-12-25 11:55 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-07 20:26 . 2014-03-07 20:23 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-06 09:31 . 2014-04-12 01:05 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-12 01:05 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-12 01:05 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-12 01:05 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-12 01:05 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-12 01:05 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-12 01:05 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-12 01:05 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-12 01:05 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-12 01:05 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-12 01:05 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-12 01:05 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-12 01:05 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-12 01:05 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-12 01:05 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-12 01:05 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-12 01:05 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-12 01:05 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-12 01:05 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-12 01:05 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-12 01:05 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-12 01:05 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-12 01:05 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-12 01:05 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-12 01:05 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-12 01:05 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-12 01:05 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-12 01:05 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-12 01:05 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-12 01:05 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-12 01:05 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-12 01:05 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-12 01:05 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-09 13:13 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 13:13 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 13:13 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-05-14 11:54 340992 ----a-w- c:\windows\system32\schannel.dll
2014-03-04 09:44 . 2014-04-09 13:13 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 13:13 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-05-14 11:54 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-03-04 09:17 . 2014-04-09 13:13 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 13:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 13:13 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 13:13 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 13:13 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 13:13 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Faposlav\AppData\Roaming\Spotify\Spotify.exe" [2014-05-16 6170168]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"Spotify Web Helper"="c:\users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-16 1176632]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-22 737872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-05 182352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 47f8c8da2174662.exe;47f8c8da2174662.exe;c:\users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\47f8c8da2174662.exe;c:\users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\47f8c8da2174662.exe [x]
R2 6419090fe1a3ba7.exe;6419090fe1a3ba7.exe;c:\users\Faposlav\AppData\Local\1a0a11a1093806e8883ee1f07dbb2422\6419090fe1a3ba7.exe;c:\users\Faposlav\AppData\Local\1a0a11a1093806e8883ee1f07dbb2422\6419090fe1a3ba7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
R3 RegFltrX64;RegFltrX64;c:\users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\RegFltrX64.sys;c:\users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7\RegFltrX64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 10:03 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03 19:53]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 11:44]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 11:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [BU]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:19369
uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.200.4 192.168.200.5
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2014-05-30 16:00:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-30 14:00
ComboFix2.txt 2014-02-17 17:12
ComboFix3.txt 2014-02-16 19:18
.
Před spuštěním: 427 181 690 880 bytes free
Po spuštění: 427 801 628 672 bytes free
.
- - End Of File - - C8F48E463DB065E1C7E0DA9B5F36A3D5
BF946F05580CB54061CFF68818A67CFF

[motji]

Otestujte na www.virustotal.com
c:\windows\SysWow64\nvStreaming.exe

[Faposlav]

https://www.virustotal.com/cs/file/3b63 ... 401470688/

[motji]

Tyto složky znáte?

c:\users\Faposlav\AppData\Local\NCSOFT
c:\users\Faposlav\AppData\Local\DayZ

[Faposlav]

Ano
EDIT: NCSOFT jsem smazal

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Killall::
Folder::
c:\users\Faposlav\AppData\Local\07329b08247539ceea6b0ff7d305a9d7
c:\users\Faposlav\AppData\Local\1a0a11a1093806e8883ee1f07dbb2422
Driver::
47f8c8da2174662.exe
6419090fe1a3ba7.exe

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[Faposlav]

ComboFix 14-05-29.01 - Faposlav 30.05.2014 19:51:55.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2293 [GMT 2:00]
Spuštěný z: c:\users\Faposlav\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Faposlav\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_47f8c8da2174662.exe
-------\Service_6419090fe1a3ba7.exe
-------\Legacy_RegFltrX64
-------\Service_RegFltrX64
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-28 do 2014-05-30 )))))))))))))))))))))))))))))))
.
.
2014-05-30 18:04 . 2014-05-30 18:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-05-30 18:04 . 2014-05-30 18:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-30 13:13 . 2014-05-30 16:38 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6402062D-CDEC-430E-9BC2-9BEF10ACAFF0}\offreg.dll
2014-05-30 11:33 . 2014-05-30 11:33 -------- d-----w- C:\rsit
2014-05-30 10:40 . 2014-05-30 10:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-30 10:40 . 2014-05-30 10:40 -------- d-----r- c:\program files (x86)\Skype
2014-05-30 08:18 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-30 07:26 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6402062D-CDEC-430E-9BC2-9BEF10ACAFF0}\mpengine.dll
2014-05-29 18:44 . 2014-05-29 18:44 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Fatshark
2014-05-25 08:08 . 2014-05-30 08:22 -------- d-----w- c:\users\Faposlav\AppData\Local\Razer
2014-05-25 08:07 . 2014-05-30 08:22 -------- d-----w- c:\program files (x86)\Razer
2014-05-25 08:07 . 2014-05-30 08:22 -------- d-----w- c:\programdata\Razer
2014-05-25 08:04 . 2014-05-25 08:13 -------- d-----w- c:\users\Faposlav\AppData\Local\Ubisoft Game Launcher
2014-05-25 08:03 . 2014-05-25 08:03 -------- d-----w- c:\program files (x86)\Ubisoft
2014-05-22 10:09 . 2014-05-22 10:09 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-05-22 10:00 . 2014-03-27 12:45 1890080 ----a-w- c:\windows\system32\nvdispco6433750.dll
2014-05-22 10:00 . 2014-03-27 12:45 1539416 ----a-w- c:\windows\system32\nvdispgenco6433750.dll
2014-05-22 09:45 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-22 09:45 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-21 14:17 . 2014-05-21 14:17 -------- d-sh--w- c:\programdata\DSS
2014-05-21 14:14 . 2014-05-21 14:14 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2014-05-17 07:29 . 2014-05-17 13:43 -------- d-----w- c:\users\Faposlav\AppData\Local\Arma 3
2014-05-17 07:29 . 2014-05-17 07:29 -------- d-----w- c:\programdata\Bohemia Interactive
2014-05-14 20:54 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-14 20:54 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-14 20:54 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-14 20:54 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 11:54 . 2014-03-04 09:44 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-13 18:06 . 2014-05-13 18:30 -------- d-----w- C:\Adobe Photoshop CS6
2014-05-12 13:55 . 2014-05-12 13:55 -------- d-sh--w- c:\users\Faposlav\AppData\Local\EmieUserList
2014-05-12 13:55 . 2014-05-12 13:55 -------- d-sh--w- c:\users\Faposlav\AppData\Local\EmieSiteList
2014-05-11 12:33 . 2014-05-11 12:33 -------- d-----w- c:\users\Faposlav\AppData\Roaming\.technic
2014-05-06 17:43 . 2014-05-15 14:40 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-02 07:13 . 2014-05-02 07:13 -------- d-----w- c:\users\Faposlav\AppData\Roaming\NCSOFT
2014-05-01 14:32 . 2014-05-30 16:08 -------- d-----w- c:\users\Faposlav\AppData\Local\DayZ
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-30 15:32 . 2013-12-26 10:48 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-05-30 15:32 . 2013-12-26 10:37 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-30 15:32 . 2013-12-26 10:37 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-05-30 13:00 . 2014-04-27 11:00 15160 ----a-w- c:\users\Faposlav\Network_Meter_Data.js
2014-05-30 11:48 . 2014-04-27 10:50 1144 ----a-w- c:\users\Faposlav\IP_Log_Data.js
2014-05-22 09:24 . 2013-12-25 12:20 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-22 09:24 . 2013-12-25 12:20 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-20 02:44 . 2014-02-07 14:07 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-02-05 15:33 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-02-05 15:33 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2014-02-05 15:33 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-12-25 12:31 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-12-25 12:31 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-12-25 12:28 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 01:25 . 2009-09-29 09:37 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2009-09-29 09:37 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2009-09-29 09:38 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2009-09-29 09:37 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2009-09-29 09:37 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-14 23:49 . 2013-12-25 12:31 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-13 19:53 . 2014-01-03 10:40 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 19:53 . 2013-12-26 18:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 18:29 . 2013-12-25 12:10 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-12-25 12:10 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-21 15:14 . 2013-12-26 10:37 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-04-17 19:27 . 2014-04-17 21:07 93048 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2014-03-31 16:42 . 2013-12-25 11:47 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2013-12-25 11:55 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-07 20:26 . 2014-03-07 20:23 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-06 09:31 . 2014-04-12 01:05 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-12 01:05 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-12 01:05 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-12 01:05 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-12 01:05 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-12 01:05 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-12 01:05 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-12 01:05 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-12 01:05 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-12 01:05 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-12 01:05 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-12 01:05 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-12 01:05 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-12 01:05 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-12 01:05 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-12 01:05 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-12 01:05 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-12 01:05 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-12 01:05 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-12 01:05 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-12 01:05 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-12 01:05 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-12 01:05 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-12 01:05 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-12 01:05 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-12 01:05 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-12 01:05 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-12 01:05 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-12 01:05 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-12 01:05 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-12 01:05 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-12 01:05 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-12 01:05 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-09 13:13 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 13:13 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 13:13 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-05-14 11:54 340992 ----a-w- c:\windows\system32\schannel.dll
2014-03-04 09:44 . 2014-04-09 13:13 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 13:13 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-05-14 11:54 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-03-04 09:17 . 2014-04-09 13:13 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 13:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 13:13 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 13:13 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 13:13 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 13:13 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-08 12:22 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Faposlav\AppData\Roaming\Spotify\Spotify.exe" [2014-05-16 6170168]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"Spotify Web Helper"="c:\users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-16 1176632]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-22 737872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-05 182352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 10:03 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03 19:53]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 11:44]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 11:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-08 12:18 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [BU]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:19369
uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.200.4 192.168.200.5
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2014-05-30 20:27:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-30 18:27
ComboFix2.txt 2014-05-30 14:00
ComboFix3.txt 2014-02-17 17:12
ComboFix4.txt 2014-02-16 19:18
.
Před spuštěním: 427 823 550 464 bytes free
Po spuštění: 427 564 421 120 bytes free
.
- - End Of File - - 6463B6F77BAA90BC723295D7895A1294
BF946F05580CB54061CFF68818A67CFF

[motji]

Jak to teď s pc vypadá?

[Faposlav]

Konečně funguje DNS, reklamy snad zmizely, a je o něco svižnější.
Díky za pomoc

[motji]

Ještě uklidíme

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[Faposlav]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Faposlav at 2014-05-30 23:52:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 410 GB (44%) free of 941 GB
Total RAM: 4095 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:53:16, on 30.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\spotify.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files\trend micro\Faposlav.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:19369
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL
O2 - BHO: (no name) - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [Spotify] "C:\Users\Faposlav\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PirritUpdater - Unknown owner - C:\Program Files (x86)\Pirrit\AutoUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11973 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {084BE0C4-8DA1-458B-9789-90C8CF1E2B86}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Faposlav\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000680
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 4bd2c546-cb1f-4d68-bdf1-a904108f1fd9 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-27875d01-1fd9-4f3f-a336-5a154199e66c -SystemEventPortName:HostProcess-fa9abf74-7f9f-43a3-b67e-108694d03d2b -IoCancelEventPortName:HostProcess-0b3d3f72-08b0-4ba0-b9e2-a48295fc5cb7 -NonStateChangingEventPortName:HostProcess-ac284b6a-5188-4ada-8b14-74aada23a1db -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:134da514-bae4-47cd-bafc-c25fb8762aef -DeviceGroupId:WpdFsGroup
\??\C:\Windows\system32\conhost.exe "52631970-1314222420225805852-203259099943542448642103824-2110897492-862161426
\??\C:\Windows\system32\conhost.exe "195355048-1078966120-52554654-108202420-1669116641-1820278269-675386714-1784655844
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2204.0.1035788326\497825437" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2204.1.2146093765\859758949" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2204.2.13078051\1962981584" /prefetch:673131151
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="2204.3.848078125\288286334" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="2204.4.889192554\1000132086" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0e23 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --lang=en-US --log-severity=disable /prefetch:822062411
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Faposlav\Desktop\RSITx64.exe"
taskeng.exe {6DE167A2-1FA2-431A-97D1-23E5E1518A92}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-04-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-04-08 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-04-25 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2014-04-08 1728216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"=C:\Users\Faposlav\AppData\Roaming\Spotify\Spotify.exe [2014-05-16 6170168]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Spotify Web Helper"=C:\Users\Faposlav\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-05-16 1176632]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-05-20 6160152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-05-22 737872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-05-05 182352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-05-30 23:52:25 ----D---- C:\rsit
2014-05-30 23:41:17 ----D---- C:\Program Files (x86)\MPC-HC
2014-05-30 23:30:53 ----SHD---- C:\$RECYCLE.BIN
2014-05-30 23:25:56 ----D---- C:\Program Files\CCleaner
2014-05-30 21:02:13 ----A---- C:\Windows\wawx_dumpreg64.dll
2014-05-30 21:02:13 ----A---- C:\Users\Faposlav\AppData\Roaming\twow_sysprepdt.dat
2014-05-30 20:59:07 ----D---- C:\Program Files (x86)\Eurobattle.net
2014-05-30 20:28:17 ----D---- C:\Windows\temp
2014-05-30 12:40:34 ----RD---- C:\Program Files (x86)\Skype
2014-05-30 10:18:46 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-30 10:09:36 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-30 10:09:36 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-05-30 10:09:35 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\nvinitx.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-30 10:09:35 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-30 10:09:34 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-30 10:09:34 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-30 10:09:34 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-30 10:09:33 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-30 10:09:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-30 10:09:32 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-30 10:09:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-30 10:09:30 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-29 20:44:51 ----D---- C:\Users\Faposlav\AppData\Roaming\Fatshark
2014-05-25 10:07:11 ----D---- C:\Program Files (x86)\Razer
2014-05-25 10:07:08 ----D---- C:\ProgramData\Razer
2014-05-25 10:03:57 ----D---- C:\Program Files (x86)\Ubisoft
2014-05-22 12:09:33 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-05-22 12:00:53 ----A---- C:\Windows\system32\nvdispgenco6433750.dll
2014-05-22 12:00:53 ----A---- C:\Windows\system32\nvdispco6433750.dll
2014-05-22 11:45:38 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-05-22 11:45:38 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-05-21 16:17:40 ----SHD---- C:\ProgramData\DSS
2014-05-21 16:14:10 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-05-17 09:29:55 ----D---- C:\ProgramData\Bohemia Interactive
2014-05-14 22:54:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 22:54:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 22:54:44 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 22:54:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 13:55:38 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 13:55:38 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 13:55:36 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 13:55:35 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 13:55:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 13:55:06 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 13:55:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 13:55:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 13:55:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 13:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 13:55:03 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 13:55:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 13:55:02 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 13:55:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 13:55:00 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 13:54:59 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 13:54:59 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 13:54:58 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 13:54:58 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 13:54:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 13:54:57 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 13:54:56 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 13:54:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 13:54:56 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 13:54:56 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 13:54:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 13:54:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-13 20:06:43 ----D---- C:\Adobe Photoshop CS6
2014-05-11 14:33:03 ----D---- C:\Users\Faposlav\AppData\Roaming\.technic
2014-05-06 19:43:05 ----SD---- C:\Windows\system32\CompatTel
2014-05-02 09:13:52 ----D---- C:\Users\Faposlav\AppData\Roaming\NCSOFT

======List of files/folders modified in the last 1 month======

2014-05-30 23:53:16 ----D---- C:\Program Files\trend micro
2014-05-30 23:50:44 ----D---- C:\Users\Faposlav\AppData\Roaming\Spotify
2014-05-30 23:45:11 ----D---- C:\Users\Faposlav\AppData\Roaming\Skype
2014-05-30 23:43:08 ----D---- C:\Windows
2014-05-30 23:43:07 ----D---- C:\ProgramData\NVIDIA
2014-05-30 23:41:17 ----D---- C:\Program Files (x86)
2014-05-30 23:37:53 ----D---- C:\Program Files (x86)\VideoLAN
2014-05-30 23:36:25 ----D---- C:\Windows\SysWOW64
2014-05-30 23:36:05 ----D---- C:\Windows\System32
2014-05-30 23:31:02 ----D---- C:\Users\Faposlav\AppData\Roaming\DAEMON Tools Lite
2014-05-30 23:31:02 ----D---- C:\Program Files (x86)\Steam
2014-05-30 23:31:01 ----D---- C:\Users\Faposlav\AppData\Roaming\TS3Client
2014-05-30 23:30:53 ----D---- C:\Windows\Panther
2014-05-30 23:30:53 ----D---- C:\Windows\Minidump
2014-05-30 23:30:53 ----D---- C:\Windows\Logs
2014-05-30 23:30:53 ----D---- C:\Windows\inf
2014-05-30 23:30:53 ----D---- C:\Windows\debug
2014-05-30 23:25:58 ----D---- C:\Windows\system32\Tasks
2014-05-30 23:25:56 ----RD---- C:\Program Files
2014-05-30 23:23:07 ----SHD---- C:\System Volume Information
2014-05-30 23:22:14 ----D---- C:\Windows\system32\restore
2014-05-30 20:57:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-30 20:46:39 ----D---- C:\HRY
2014-05-30 20:28:24 ----D---- C:\Windows\system32\drivers
2014-05-30 20:27:15 ----D---- C:\Windows\system32\config
2014-05-30 20:10:58 ----A---- C:\Windows\system.ini
2014-05-30 20:07:41 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-05-30 20:06:14 ----D---- C:\ProgramData\Origin
2014-05-30 19:57:14 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-30 19:57:14 ----D---- C:\Windows\AppPatch
2014-05-30 19:57:13 ----D---- C:\Program Files (x86)\Common Files
2014-05-30 17:32:39 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-05-30 17:24:58 ----D---- C:\Program Files (x86)\Origin
2014-05-30 15:38:36 ----A---- C:\Users\Faposlav\AppData\Roaming\Network Meter_Usage.ini
2014-05-30 15:37:59 ----D---- C:\Windows\system32\drivers\etc
2014-05-30 15:29:55 ----D---- C:\ProgramData\Temp
2014-05-30 13:44:16 ----D---- C:\ProgramData
2014-05-30 12:40:46 ----SHD---- C:\Windows\Installer
2014-05-30 12:40:32 ----D---- C:\ProgramData\Skype
2014-05-30 10:35:10 ----D---- C:\Windows\winsxs
2014-05-30 10:22:43 ----D---- C:\Users\Faposlav\AppData\Roaming\SpotifyController
2014-05-30 10:22:31 ----D---- C:\Program Files (x86)\Crytek
2014-05-30 10:21:58 ----D---- C:\Users\Faposlav\AppData\Roaming\Seznam.cz
2014-05-30 10:20:04 ----D---- C:\Program Files (x86)\RAMDisk
2014-05-30 10:20:01 ----D---- C:\Windows\system32\catroot
2014-05-30 10:20:00 ----D---- C:\Windows\system32\DriverStore
2014-05-30 10:18:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-30 10:12:18 ----D---- C:\Windows\Prefetch
2014-05-30 10:11:26 ----D---- C:\Windows\system32\catroot2
2014-05-29 20:43:41 ----RSD---- C:\Windows\assembly
2014-05-28 22:54:51 ----D---- C:\Users\Faposlav\AppData\Roaming\uTorrent
2014-05-22 11:47:08 ----D---- C:\Windows\Microsoft.NET
2014-05-21 16:17:03 ----D---- C:\ProgramData\Electronic Arts
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 03:02:20 ----D---- C:\ProgramData\Microsoft Help
2014-05-16 15:41:45 ----D---- C:\Windows\rescache
2014-05-15 16:40:06 ----D---- C:\Windows\system32\en-US
2014-05-14 22:39:53 ----A---- C:\Windows\win.ini
2014-05-13 21:53:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-13 21:28:07 ----RSD---- C:\Windows\Fonts
2014-05-13 16:50:01 ----D---- C:\ProgramData\Package Cache
2014-05-13 16:49:53 ----D---- C:\Program Files (x86)\Avira
2014-05-09 16:12:43 ----D---- C:\Program Files (x86)\Origin Games
2014-05-06 17:33:49 ----D---- C:\Program Files (x86)\Overwolf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-22 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-07 283064]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-05-22 112080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-15 2004128]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 19744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 42016]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 115272]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2011-12-07 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-05-22 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-05-22 430160]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-05-05 124496]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1618888]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21009352]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-21 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-19 49152]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-04-17 93048]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-12-30 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-27 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-05-22 1039952]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[motji]

Zkuste v ccleaneru najít a odinstalovat
C:\Program Files (x86)\Pirrit