Trochu zpomalený počítač

[ninja_girl]

Zdravím,
zdá se mi, že mi trochu blbne počítač, nabíhá déle než obvykle a občas je zpomalený. Proto prosím o kontrolu logu, děkuji!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Dana (administrator) on HOME on 23-07-2014 10:51:21
Running from C:\Users\Dana\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\xampp\mysql\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PSIService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Dropbox, Inc.) C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
() C:\Program Files (x86)\Trillian\plugins\skypekit.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Dana\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows

\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-

30] (NVIDIA Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-04-25] (Check

Point Software Technologies Ltd.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft

Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations

GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira

Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-

21] (LogMeIn Inc.)
HKU\S-1-5-21-1602808253-430055931-27258192-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe

[8192 2011-01-17] ()
HKU\S-1-5-21-1602808253-430055931-27258192-1001\...\Run: [Google Update] => C:\Users\Dana\AppData\Local\Google

\Update\GoogleUpdate.exe [136176 2011-09-28] (Google Inc.)
HKU\S-1-5-21-1602808253-430055931-27258192-1001\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnTranslator.lnk
ShortcutTarget: OnTranslator.lnk -> C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {06A8AFCA-3834-4726-BC43-1F90B285805F} URL = http://search.zonealarm.com/search?

src=sp&tbid=goughGA&Lan=en&q={searchTerms}

&gu=a901895e28814c1ea3984a7c10e4d418&tu=10GXy00B02C01g0&sku=&tstsId=&ver=&&r=170
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin

\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin

\jp2ssv.dll (Oracle Corporation)
BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check

Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java

\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files

(x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google

\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files

(x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F}

http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB}

http://www.nvidia.com/content/DriverDow ... rtScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000}

https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame

\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype

\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle

Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft

Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe

Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT

SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT

SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

(Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle

Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll (

Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery

\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery

\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery

\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA

Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision

\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602

a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update

\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update

\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @spoon.net/Spoon Plugin 3.33 - C:\Users\Dana\AppData\Local\Spoon\3.33.3.13\npMozillaSpoonPlugin.dll

No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dana\AppData\Local\Google\Update

\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dana\AppData\Local\Google\Update

\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dana\AppData\LocalLow\Unity\WebPlayer\loader

\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: SEO Workers Analysis Tool - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default

\Extensions\seoanalysistool@seoworkers [2014-05-04]
FF Extension: SeoQuake - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions\{317B5128

-0B0B-49b2-B2DB-1E7560E16C74} [2014-05-12]
FF Extension: Dust-Me Selectors - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\{3c6e1eed-a07e-4c80-9cf3-66ea0bf40b37} [2013-10-04]
FF Extension: Flashblock - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-25]
FF Extension: Classic Theme Restorer - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default

\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-01]
FF Extension: Firebug - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\firebug@software.joehewitt.com.xpi [2011-09-28]
FF Extension: MozBar - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\toolbar@seomoz.org.xpi [2014-05-06]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles

\1ggffnvb.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-09-09]
FF Extension: Gmail Manager - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2011-09-28]
FF Extension: YouTube High Definition - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default

\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-10]
FF Extension: Adblock Plus - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-28]
FF Extension: Screenshoter - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\Extensions

\{d9babd10-47de-11df-9879-0800200c9a66}.xpi [2011-12-01]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint

\ZAForceField\WOW64\TrustChecker

Chrome:
=======
CHR Extension: (MozBar) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\eakacpaijcpapndcfffdgphdiccmpknp [2014-07-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-07-22]
CHR Extension: (AdBlock) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\gighmmpiobklfepjocnamgkkbiglidom [2014-06-10]
CHR Extension: (LiveJournal Extension) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\jkmfgnboikinlhnaomlhalipemjbmfgi [2014-07-22]
CHR Extension: (Google Mail Checker) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-22]
CHR Extension: (Google Wallet) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions

\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

==================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10]

(Software602 a.s.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations

GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH

& Co. KG)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2013-02-23] (Apache Software Foundation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira

Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe [51016 2014-06

-26] (Google Inc.)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud

\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147368 2012-09-24] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 mysql; C:\xampp\mysql\bin\mysqld.exe [8151040 2013-05-16] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30]

(NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA

Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-15] ()
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-10-22] (Crawler.com)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-04-25] (Check Point Software

Technologies Ltd.)
S2 XAMPP; C:\xampp\service.exe [60928 2013-03-30] () [File not signed]
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [92176 2014-04-09] (Check

Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2011-09-16] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA

Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-12-13] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-11-04] (Oracle Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-04-24] (Check Point Software Technologies Ltd.)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-23 10:51 - 2014-07-23 10:54 - 00023669 _____ () C:\Users\Dana\Desktop\FRST.txt
2014-07-23 10:51 - 2014-07-23 10:53 - 00000000 ____D () C:\FRST
2014-07-23 10:46 - 2014-07-23 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:43 - 2014-07-23 10:43 - 00112640 _____ (forum.viry.cz) C:\Users\Dana\Desktop\FRSTLauncher.exe
2014-07-23 10:42 - 2014-07-23 10:42 - 02090496 _____ (Farbar) C:\Users\Dana\Desktop\FRST64.exe
2014-07-23 09:01 - 2014-07-23 09:45 - 00000549 _____ () C:\Users\Dana\Desktop\Novy10.txt
2014-07-23 07:54 - 2014-07-23 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\LogMeIn Hamachi
2014-07-23 07:54 - 2014-07-23 07:54 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-23 00:03 - 2014-07-23 00:03 - 00000000 ____D () C:\ProgramData\Google
2014-07-23 00:00 - 2014-07-23 00:00 - 07746048 _____ () C:\Users\Dana\Downloads\chromeremotedesktophost.msi
2014-07-23 00:00 - 2014-07-23 00:00 - 07746048 _____ () C:\Users\Dana\Downloads\chromeremotedesktophost (1).msi
2014-07-22 20:31 - 2014-07-22 20:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{1B626FB7-A07D-41D0-B4E7-

2A507B1618E0}
2014-07-22 08:31 - 2014-07-22 08:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{26435277-E1B2-4A47-98AE-

854006F73428}
2014-07-21 20:30 - 2014-07-21 20:30 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8F4A49D5-01D9-423D-

B86D-A2214AFF56E9}
2014-07-21 16:31 - 2014-07-21 16:31 - 15642692 _____ () C:\Users\Dana\Desktop\Set-of-10-simple-patterns-Vol.-1.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00872454 _____ () C:\Users\Dana\Desktop\12-Flat-Responsive-Web-Mockups.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00193947 _____ () C:\Users\Dana\Desktop\Outline-Live-Icons.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00001664 _____ () C:\Users\Dana\Desktop\Summer-of-09-Lightroom-Preset.zip
2014-07-21 16:16 - 2014-07-21 16:31 - 32330564 _____ () C:\Users\Dana\Desktop\ThePack-Vector-PSD-Identities.zip
2014-07-21 08:30 - 2014-07-21 08:30 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C1E84F63-2A18-47BF-8C9D-

3F12E0706E71}
2014-07-20 19:10 - 2014-07-21 16:51 - 00222627 _____ () C:\Users\Dana\Desktop\config.yml
2014-07-20 13:11 - 2014-07-20 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\AIMP3
2014-07-20 09:22 - 2014-07-20 09:22 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C5923A43-D6F7-4F68-ABF8-

C823338C3BA1}
2014-07-19 11:38 - 2014-07-19 11:38 - 00000000 ____D () C:\Users\Dana\AppData\Local\{821C7159-BE21-4D92-9B88-

2609563EF648}
2014-07-18 23:37 - 2014-07-18 23:38 - 00000000 ____D () C:\Users\Dana\AppData\Local\{37B43C52-5138-4DA2-AD62-

4D54953F0DB8}
2014-07-17 21:51 - 2014-07-17 21:51 - 00168928 _____ () C:\Users\Dana\Desktop\kits-edited.txt
2014-07-17 21:18 - 2014-07-17 21:18 - 00028478 _____ () C:\Users\Dana\Desktop\Sešit1.csv
2014-07-17 21:02 - 2014-07-17 21:02 - 00024820 _____ () C:\Users\Dana\Desktop\Sešit1.ods
2014-07-17 17:09 - 2014-07-17 23:08 - 00039484 _____ () C:\Users\Dana\Desktop\Sešit1.xlsx
2014-07-17 16:48 - 2014-07-22 14:58 - 00000600 _____ () C:\Users\Dana\AppData\Roaming\winscp.rnd
2014-07-17 16:12 - 2014-07-22 14:58 - 00014235 _____ () C:\Users\Dana\Desktop\WinSCP.ini
2014-07-17 16:12 - 2014-06-10 11:41 - 10664280 _____ (Martin Prikryl) C:\Users\Dana\Desktop\WinSCP.exe
2014-07-17 16:12 - 2014-06-10 11:41 - 00293272 _____ (Martin Prikryl) C:\Users\Dana\Desktop\WinSCP.com
2014-07-17 15:02 - 2014-07-17 15:02 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\LG Electronics
2014-07-17 14:33 - 2014-07-17 14:33 - 00000000 ____D () C:\Users\Dana\AppData\Local\{05B3EDC2-DC2A-4715-

957B-5561B3FAD983}
2014-07-17 14:32 - 2014-07-17 14:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{2B1259D3-ACAC-4DF8-88C3

-CEAD5A941EB9}
2014-07-16 23:08 - 2014-07-16 23:08 - 00168928 _____ () C:\Users\Dana\Desktop\current kits.txt
2014-07-16 14:36 - 2014-07-22 21:45 - 00000000 ____D () C:\Users\Dana\Desktop\XNALara_XPS
2014-07-16 13:36 - 2014-07-16 13:37 - 00000000 ____D () C:\Users\Dana\AppData\Local\{82267466-BB89-4C21-AEDF-

655FDC5FFEDF}
2014-07-15 21:25 - 2014-07-15 21:26 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8507E61B-EBFF-42CF-8F92-

BE150B715EEA}
2014-07-15 18:19 - 2014-07-15 20:53 - 00000000 ____D () C:\Users\Dana\Documents\XNALara
2014-07-15 18:18 - 2014-07-15 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-07-15 09:25 - 2014-07-15 09:25 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BBF4DBA5-FF5A-4D5E-BC97

-EC3D26E2E5EA}
2014-07-14 21:24 - 2014-07-14 21:25 - 00000000 ____D () C:\Users\Dana\AppData\Local\{D224A22E-2B3C-4A90-8634-

ABAAA591127E}
2014-07-14 19:35 - 2014-07-14 19:35 - 00009225 _____ () C:\Users\Dana\Desktop\kits.ods
2014-07-14 19:09 - 2014-07-14 19:34 - 00005583 _____ () C:\Users\Dana\Desktop\kits.csv
2014-07-14 19:07 - 2014-07-14 19:16 - 00004336 _____ () C:\Users\Dana\Desktop\kits.txt
2014-07-14 16:09 - 2014-07-14 16:09 - 03444750 _____ () C:\Users\Dana\Desktop\Indranil-Wireframe.zip
2014-07-14 16:09 - 2014-07-14 16:09 - 00455972 _____ () C:\Users\Dana\Desktop\Vintage-Branding-Kit.zip
2014-07-14 10:55 - 2014-07-14 10:55 - 00693876 _____ () C:\Users\Dana\Desktop\sb-admin-v2.zip
2014-07-14 10:43 - 2014-07-14 10:43 - 00059959 _____ () C:\Users\Dana\Desktop\foundation-5.3.0.custom.zip
2014-07-14 09:23 - 2014-07-14 09:24 - 00000000 ____D () C:\Users\Dana\AppData\Local\{2BCD5AAC-1AE1-4C5F-

BA6F-567843C666E8}
2014-07-13 14:45 - 2014-07-13 14:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{35D6D617-991C-42FE-8969-

7C90E5B868D6}
2014-07-13 09:50 - 2014-07-13 09:50 - 00000236 _____ () C:\.htaccess
2014-07-13 09:12 - 2014-07-13 08:08 - 163433099 _____ () C:\Users\Dana\Desktop

\the.dead.files.s06e01.the.aftermath.480p.hdtv.x264.rmteam.mkv
2014-07-12 14:26 - 2014-07-12 14:26 - 00000000 ____D () C:\Users\Dana\Desktop\ajax-pagination-basic
2014-07-12 10:11 - 2014-07-12 10:11 - 00028890 _____ () C:\Users\Dana\Desktop\spells.xlsx
2014-07-12 10:00 - 2014-07-12 10:18 - 00018852 _____ () C:\Users\Dana\Desktop\spells.ods
2014-07-12 09:52 - 2014-07-12 09:57 - 00010699 _____ () C:\Users\Dana\Desktop\spells.csv
2014-07-12 09:51 - 2014-07-12 10:08 - 00046080 _____ () C:\Users\Dana\Desktop\spells.xls
2014-07-12 09:39 - 2014-07-12 10:11 - 00032624 _____ () C:\Users\Dana\Desktop\spells.txt
2014-07-12 09:30 - 2014-07-12 10:13 - 00000287 _____ () C:\Users\Dana\Desktop\Novy1.txt
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 ____D () C:\Users\Dana\AppData\Local\{0C37F603-2A19-4A4E-B336-

ABD3E241A328}
2014-07-11 14:29 - 2014-07-11 14:29 - 00000000 ____D () C:\Users\Dana\AppData\Local\LG Electronics
2014-07-11 14:29 - 2014-07-11 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG

PC Suite
2014-07-11 14:26 - 2014-07-11 14:28 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-07-11 09:06 - 2014-07-11 09:07 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8DF6D277-2061-48E5-A70B-

60691582A3C5}
2014-07-10 21:06 - 2014-07-10 21:06 - 00000000 ____D () C:\Users\Dana\AppData\Local\{3D500043-3027-479E-9D2C-

867E7EADD5D1}
2014-07-10 15:19 - 2014-07-10 15:19 - 07030606 _____ () C:\Users\Dana\Desktop\themeforest-5480975-plasma-

onepage-multipurpose-html-template.zip
2014-07-10 15:01 - 2014-07-10 15:01 - 00014848 _____ () C:\Users\Dana\Desktop\e-shop kalkulátor.xls
2014-07-10 09:05 - 2014-07-10 09:05 - 00000000 ____D () C:\Users\Dana\AppData\Local\{68E9B0DC-144D-4AEC-BC87

-35E81BC522A9}
2014-07-09 18:47 - 2014-05-09 12:11 - 00000000 ____D () C:\Users\Dana\Desktop\wordpress
2014-07-09 18:46 - 2014-07-09 18:46 - 06725210 _____ () C:\Users\Dana\Desktop\wordpress-3.9.1-cs_CZ.zip
2014-07-09 18:41 - 2014-07-09 18:42 - 168813203 _____ () C:\Users\Dana\Desktop\uvdb1_active24_cz.sql
2014-07-09 12:05 - 2014-07-09 12:05 - 00000000 ____D () C:\Users\Dana\AppData\Local\{F6666057-5914-416A-BCE4-

40BB76385FEB}
2014-07-09 08:33 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 08:33 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 08:33 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 08:33 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 08:33 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:33 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 08:33 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 08:33 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 08:33 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:33 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:33 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 08:33 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 08:33 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 08:33 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 08:33 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:33 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 08:33 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 08:33 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows

\system32\MsSpellCheckingFacility.exe
2014-07-09 08:33 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 08:33 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows

\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:33 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 08:33 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 08:33 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 08:33 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 08:33 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 08:33 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 08:33 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 08:33 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 08:33 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 08:33 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 08:33 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 08:33 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 08:33 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 08:33 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 08:33 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 08:33 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:33 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 08:33 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 08:33 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 08:33 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 08:33 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows

\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:33 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 08:33 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 08:33 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 08:33 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 08:33 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 08:33 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 08:33 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 08:33 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 08:33 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 08:33 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 08:33 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 08:33 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 08:33 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 08:33 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 08:33 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 08:33 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 08:33 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 08:33 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 08:33 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 08:33 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 08:33 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 08:33 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 08:33 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 08:32 - 2014-07-09 08:32 - 00001785 _____ () C:\Users\Dana\Desktop\dana.zip
2014-07-09 08:32 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 08:32 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 08:32 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 21:49 - 2014-07-08 21:50 - 00000000 ____D () C:\Users\Dana\AppData\Local\{62C51D8B-59F3-4651-BD34-

E52AE50667EA}
2014-07-08 15:14 - 2014-07-08 15:14 - 00077486 _____ () C:\Users\Dana\Desktop\reshira.txt
2014-07-08 12:41 - 2014-07-08 12:43 - 26943026 _____ () C:\Users\Dana\Documents\broadcast (01).mp4
2014-07-08 09:48 - 2014-07-08 09:48 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8B4EE554-7EB4-4213-AA06-

76539D64AB06}
2014-07-08 08:59 - 2014-07-23 09:06 - 00000000 ___RD () C:\Users\Dana\Dropbox
2014-07-08 08:58 - 2014-07-22 21:04 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Dropbox
2014-07-08 08:57 - 2014-07-23 09:06 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Dropbox
2014-07-07 21:47 - 2014-07-07 21:48 - 00000000 ____D () C:\Users\Dana\AppData\Local\{6DC37C8F-754F-49D6-

83DA-C3A5192816DE}
2014-07-07 09:47 - 2014-07-07 09:47 - 00000000 ____D () C:\Users\Dana\AppData\Local\{79FF0519-27FD-4D0F-817D-

56B188A82FB4}
2014-07-06 20:45 - 2014-07-06 20:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{4A99E58C-D710-46B4-B454-

3413DE31670E}
2014-07-06 14:44 - 2014-07-06 15:22 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-07-06 08:44 - 2014-07-06 08:44 - 00000000 ____D () C:\Users\Dana\AppData\Local\{51C11962-2DC7-49EE-

8A2C-EB5E2B01A03E}
2014-07-05 16:44 - 2014-07-05 16:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C3DE21B5-95E9-4623-8EB9-

2FDCCC9E4DD6}
2014-07-04 14:36 - 2014-07-04 14:36 - 00028107 _____ () C:\Users\Dana\Desktop\balnearia-logo-new.ai
2014-07-04 13:38 - 2014-07-04 13:31 - 00016636 _____ () C:\Users\Dana\Desktop\Záloha_balnearia-logo-new.cdr
2014-07-04 13:31 - 2014-07-04 13:38 - 00016916 _____ () C:\Users\Dana\Desktop\balnearia-logo-new.cdr
2014-07-04 13:10 - 2014-07-04 13:10 - 00000000 ____D () C:\Users\Dana\AppData\Local\{1581CD41-40BF-4CF4-9786-

95CFB4727A12}
2014-07-04 10:41 - 2014-07-04 10:41 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-04 10:41 - 2014-07-04 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit

Reader
2014-07-04 09:45 - 2014-07-04 09:45 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-04 09:45 - 2014-07-04 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\CCleaner
2014-07-03 21:32 - 2014-07-03 21:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{CF36CF98-45B1-4B1D-AD98

-BDD6A994F53B}
2014-07-03 15:38 - 2014-07-03 15:38 - 00007391 _____ () C:\Users\Dana\AppData\Local\recently-used.xbel
2014-07-03 10:45 - 2014-07-03 10:45 - 21449561 _____ () C:\Users\Dana\Downloads\prestashop_1.6.0.8.zip
2014-07-03 09:31 - 2014-07-03 09:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{771004D4-ED1D-4472-86FA-

669696822B8E}
2014-07-02 23:29 - 2014-07-04 19:38 - 17009948 _____ () C:\Users\Dana\Desktop\nový-1.cpt
2014-07-02 21:31 - 2014-07-02 21:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{ED920E3F-81AC-452B-83D4

-F734F640A1D2}
2014-07-02 09:30 - 2014-07-02 09:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{E6EAF983-62A1-4410-9C9C-

B6CA55D6BAC9}
2014-07-01 23:20 - 2014-07-01 23:25 - 86133575 _____ () C:\Users\Dana\Documents\broadcast.mp4
2014-07-01 15:54 - 2014-07-01 15:54 - 00000000 ____D () C:\Users\Dana\AppData\Local\{28550DD3-DCE6-46AC-

A37F-8F7ED7CD5E60}
2014-07-01 10:32 - 2014-07-01 10:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{A4A2FA16-F4F2-44C5-B21E-

7FCF5E2E925A}
2014-06-30 20:45 - 2014-06-30 20:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{F878B1C3-C382-4D1C-876E-

922C10187B27}
2014-06-30 08:45 - 2014-06-30 08:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{52A59F35-C2FE-44A2-8ED0-

FC53CE1611DF}
2014-06-29 20:44 - 2014-06-29 20:44 - 00000000 ____D () C:\Users\Dana\AppData\Local\{3F61B0B2-04E2-4A3C-A63A-

0B4297D6C66E}
2014-06-29 10:08 - 2014-06-29 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Inkscape-0.48
2014-06-29 10:08 - 2014-06-29 10:09 - 00000000 ____D () C:\Program Files\Inkscape-0.48
2014-06-29 10:08 - 2014-06-29 10:08 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Inkscape-0.48
2014-06-29 08:43 - 2014-06-29 08:43 - 00000000 ____D () C:\Users\Dana\AppData\Local\{08BA9314-C58B-4FBE-9547-

B06A5D400446}
2014-06-27 10:12 - 2014-06-27 10:12 - 00000000 ____D () C:\Users\Dana\AppData\Local\{57216CEB-CB28-4E01-B365-

81398538C26A}
2014-06-26 14:55 - 2014-07-03 14:46 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\PilotEdit
2014-06-26 14:55 - 2014-07-03 14:46 - 00000000 ____D () C:\Program Files\PilotEdit x64
2014-06-26 10:43 - 2014-06-26 10:43 - 00000000 ____D () C:\Users\Dana\AppData\Local\{86DF0FCD-EC60-40AA-9694

-9E894E18F0C7}
2014-06-25 14:46 - 2014-06-25 14:47 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BD3E49F2-21F1-467A-A9A7-

9B2ACF4BC9D7}
2014-06-23 09:31 - 2014-06-23 09:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BFA14EF8-D1B0-4019-A98B-

2497E8F85DEB}

==================== One Month Modified Files and Folders =======

2014-07-23 10:54 - 2014-07-23 10:51 - 00023669 _____ () C:\Users\Dana\Desktop\FRST.txt
2014-07-23 10:53 - 2014-07-23 10:51 - 00000000 ____D () C:\FRST
2014-07-23 10:49 - 2013-01-18 12:24 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\AIMP3
2014-07-23 10:48 - 2012-04-24 22:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 10:47 - 2014-02-12 15:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-23 10:46 - 2014-07-23 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:44 - 2014-02-14 10:21 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-

1602808253-430055931-27258192-1001UA.job
2014-07-23 10:43 - 2014-07-23 10:43 - 00112640 _____ (forum.viry.cz) C:\Users\Dana\Desktop\FRSTLauncher.exe
2014-07-23 10:42 - 2014-07-23 10:42 - 02090496 _____ (Farbar) C:\Users\Dana\Desktop\FRST64.exe
2014-07-23 10:32 - 2012-12-01 11:37 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 09:45 - 2014-07-23 09:01 - 00000549 _____ () C:\Users\Dana\Desktop\Novy10.txt
2014-07-23 09:12 - 2012-09-01 22:03 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\OnTranslator
2014-07-23 09:12 - 2009-07-14 06:45 - 00015296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-

9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-23 09:12 - 2009-07-14 06:45 - 00015296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-

9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-23 09:08 - 2011-09-28 21:47 - 01195437 _____ () C:\Windows\WindowsUpdate.log
2014-07-23 09:06 - 2014-07-08 08:59 - 00000000 ___RD () C:\Users\Dana\Dropbox
2014-07-23 09:06 - 2014-07-08 08:57 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Dropbox
2014-07-23 09:05 - 2014-06-09 08:53 - 00023956 _____ () C:\Windows\setupact.log
2014-07-23 09:05 - 2012-01-15 15:15 - 00000000 ____D () C:\Users\Dana\AppData\Local\LogMeIn Hamachi
2014-07-23 09:03 - 2014-02-12 15:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-23 09:03 - 2011-09-29 10:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-23 09:03 - 2009-07-14 07:08 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-23 09:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-23 08:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-23 07:54 - 2014-07-23 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\LogMeIn Hamachi
2014-07-23 07:54 - 2014-07-23 07:54 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-23 00:03 - 2014-07-23 00:03 - 00000000 ____D () C:\ProgramData\Google
2014-07-23 00:02 - 2012-10-24 13:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-23 00:00 - 2014-07-23 00:00 - 07746048 _____ () C:\Users\Dana\Downloads\chromeremotedesktophost.msi
2014-07-23 00:00 - 2014-07-23 00:00 - 07746048 _____ () C:\Users\Dana\Downloads\chromeremotedesktophost (1).msi
2014-07-22 21:45 - 2014-07-16 14:36 - 00000000 ____D () C:\Users\Dana\Desktop\XNALara_XPS
2014-07-22 21:04 - 2014-07-08 08:58 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Dropbox
2014-07-22 20:31 - 2014-07-22 20:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{1B626FB7-A07D-41D0-B4E7-

2A507B1618E0}
2014-07-22 20:30 - 2012-09-14 14:09 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\.minecraft
2014-07-22 18:44 - 2014-02-14 10:21 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-

1602808253-430055931-27258192-1001Core.job
2014-07-22 18:30 - 2011-09-28 22:43 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\FileZilla
2014-07-22 18:00 - 2012-07-18 16:14 - 00000464 _____ () C:\Windows\Tasks\ParetoLogic Registration.job
2014-07-22 14:58 - 2014-07-17 16:48 - 00000600 _____ () C:\Users\Dana\AppData\Roaming\winscp.rnd
2014-07-22 14:58 - 2014-07-17 16:12 - 00014235 _____ () C:\Users\Dana\Desktop\WinSCP.ini
2014-07-22 11:33 - 2012-11-05 23:24 - 00000000 ____D () C:\de-zaloha
2014-07-22 08:31 - 2014-07-22 08:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{26435277-E1B2-4A47-98AE-

854006F73428}
2014-07-21 20:30 - 2014-07-21 20:30 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8F4A49D5-01D9-423D-

B86D-A2214AFF56E9}
2014-07-21 16:51 - 2014-07-20 19:10 - 00222627 _____ () C:\Users\Dana\Desktop\config.yml
2014-07-21 16:31 - 2014-07-21 16:31 - 15642692 _____ () C:\Users\Dana\Desktop\Set-of-10-simple-patterns-Vol.-1.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00872454 _____ () C:\Users\Dana\Desktop\12-Flat-Responsive-Web-Mockups.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00193947 _____ () C:\Users\Dana\Desktop\Outline-Live-Icons.zip
2014-07-21 16:31 - 2014-07-21 16:31 - 00001664 _____ () C:\Users\Dana\Desktop\Summer-of-09-Lightroom-Preset.zip
2014-07-21 16:31 - 2014-07-21 16:16 - 32330564 _____ () C:\Users\Dana\Desktop\ThePack-Vector-PSD-Identities.zip
2014-07-21 08:30 - 2014-07-21 08:30 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C1E84F63-2A18-47BF-8C9D-

3F12E0706E71}
2014-07-20 13:11 - 2014-07-20 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\AIMP3
2014-07-20 13:10 - 2013-01-18 12:24 - 00000000 ____D () C:\Program Files (x86)\AIMP3
2014-07-20 09:22 - 2014-07-20 09:22 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C5923A43-D6F7-4F68-ABF8-

C823338C3BA1}
2014-07-19 12:30 - 2014-06-08 22:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-19 11:38 - 2014-07-19 11:38 - 00000000 ____D () C:\Users\Dana\AppData\Local\{821C7159-BE21-4D92-9B88-

2609563EF648}
2014-07-18 23:38 - 2014-07-18 23:37 - 00000000 ____D () C:\Users\Dana\AppData\Local\{37B43C52-5138-4DA2-AD62-

4D54953F0DB8}
2014-07-17 23:08 - 2014-07-17 17:09 - 00039484 _____ () C:\Users\Dana\Desktop\Sešit1.xlsx
2014-07-17 21:51 - 2014-07-17 21:51 - 00168928 _____ () C:\Users\Dana\Desktop\kits-edited.txt
2014-07-17 21:18 - 2014-07-17 21:18 - 00028478 _____ () C:\Users\Dana\Desktop\Sešit1.csv
2014-07-17 21:02 - 2014-07-17 21:02 - 00024820 _____ () C:\Users\Dana\Desktop\Sešit1.ods
2014-07-17 15:02 - 2014-07-17 15:02 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\LG Electronics
2014-07-17 14:33 - 2014-07-17 14:33 - 00000000 ____D () C:\Users\Dana\AppData\Local\{05B3EDC2-DC2A-4715-

957B-5561B3FAD983}
2014-07-17 14:33 - 2013-05-07 14:49 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers

\avnetflt.sys
2014-07-17 14:32 - 2014-07-17 14:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{2B1259D3-ACAC-4DF8-88C3

-CEAD5A941EB9}
2014-07-17 08:27 - 2009-07-14 06:45 - 03830688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 23:08 - 2014-07-16 23:08 - 00168928 _____ () C:\Users\Dana\Desktop\current kits.txt
2014-07-16 17:13 - 2011-09-28 22:20 - 00143672 _____ () C:\Users\Dana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 13:37 - 2014-07-16 13:36 - 00000000 ____D () C:\Users\Dana\AppData\Local\{82267466-BB89-4C21-AEDF-

655FDC5FFEDF}
2014-07-15 21:26 - 2014-07-15 21:25 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8507E61B-EBFF-42CF-8F92-

BE150B715EEA}
2014-07-15 20:53 - 2014-07-15 18:19 - 00000000 ____D () C:\Users\Dana\Documents\XNALara
2014-07-15 18:18 - 2014-07-15 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-07-15 17:21 - 2014-05-25 15:17 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-15 17:21 - 2012-06-13 18:29 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-15 17:21 - 2012-06-13 18:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-15 14:04 - 2014-03-10 12:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 14:04 - 2013-03-23 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 14:03 - 2013-03-23 18:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 09:25 - 2014-07-15 09:25 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BBF4DBA5-FF5A-4D5E-BC97

-EC3D26E2E5EA}
2014-07-14 21:25 - 2014-07-14 21:24 - 00000000 ____D () C:\Users\Dana\AppData\Local\{D224A22E-2B3C-4A90-8634-

ABAAA591127E}
2014-07-14 19:35 - 2014-07-14 19:35 - 00009225 _____ () C:\Users\Dana\Desktop\kits.ods
2014-07-14 19:34 - 2014-07-14 19:09 - 00005583 _____ () C:\Users\Dana\Desktop\kits.csv
2014-07-14 19:16 - 2014-07-14 19:07 - 00004336 _____ () C:\Users\Dana\Desktop\kits.txt
2014-07-14 16:09 - 2014-07-14 16:09 - 03444750 _____ () C:\Users\Dana\Desktop\Indranil-Wireframe.zip
2014-07-14 16:09 - 2014-07-14 16:09 - 00455972 _____ () C:\Users\Dana\Desktop\Vintage-Branding-Kit.zip
2014-07-14 10:55 - 2014-07-14 10:55 - 00693876 _____ () C:\Users\Dana\Desktop\sb-admin-v2.zip
2014-07-14 10:43 - 2014-07-14 10:43 - 00059959 _____ () C:\Users\Dana\Desktop\foundation-5.3.0.custom.zip
2014-07-14 09:24 - 2014-07-14 09:23 - 00000000 ____D () C:\Users\Dana\AppData\Local\{2BCD5AAC-1AE1-4C5F-

BA6F-567843C666E8}
2014-07-13 14:45 - 2014-07-13 14:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{35D6D617-991C-42FE-8969-

7C90E5B868D6}
2014-07-13 09:50 - 2014-07-13 09:50 - 00000236 _____ () C:\.htaccess
2014-07-13 09:43 - 2011-10-09 16:03 - 00000000 ____D () C:\Users\Dana\Documents\IZArc2Go
2014-07-13 08:08 - 2014-07-13 09:12 - 163433099 _____ () C:\Users\Dana\Desktop

\the.dead.files.s06e01.the.aftermath.480p.hdtv.x264.rmteam.mkv
2014-07-12 17:10 - 2011-10-13 18:23 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Skype
2014-07-12 14:26 - 2014-07-12 14:26 - 00000000 ____D () C:\Users\Dana\Desktop\ajax-pagination-basic
2014-07-12 10:18 - 2014-07-12 10:00 - 00018852 _____ () C:\Users\Dana\Desktop\spells.ods
2014-07-12 10:13 - 2014-07-12 09:30 - 00000287 _____ () C:\Users\Dana\Desktop\Novy1.txt
2014-07-12 10:11 - 2014-07-12 10:11 - 00028890 _____ () C:\Users\Dana\Desktop\spells.xlsx
2014-07-12 10:11 - 2014-07-12 09:39 - 00032624 _____ () C:\Users\Dana\Desktop\spells.txt
2014-07-12 10:08 - 2014-07-12 09:51 - 00046080 _____ () C:\Users\Dana\Desktop\spells.xls
2014-07-12 09:57 - 2014-07-12 09:52 - 00010699 _____ () C:\Users\Dana\Desktop\spells.csv
2014-07-11 21:07 - 2014-07-11 21:07 - 00000000 ____D () C:\Users\Dana\AppData\Local\{0C37F603-2A19-4A4E-B336-

ABD3E241A328}
2014-07-11 14:29 - 2014-07-11 14:29 - 00000000 ____D () C:\Users\Dana\AppData\Local\LG Electronics
2014-07-11 14:29 - 2014-07-11 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG

PC Suite
2014-07-11 14:28 - 2014-07-11 14:26 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-07-11 09:38 - 2011-10-26 17:00 - 00000000 ____D () C:\Windows\System32\Tasks\Úlohy prohlížeče událostí
2014-07-11 09:07 - 2014-07-11 09:06 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8DF6D277-2061-48E5-A70B-

60691582A3C5}
2014-07-10 21:06 - 2014-07-10 21:06 - 00000000 ____D () C:\Users\Dana\AppData\Local\{3D500043-3027-479E-9D2C-

867E7EADD5D1}
2014-07-10 15:19 - 2014-07-10 15:19 - 07030606 _____ () C:\Users\Dana\Desktop\themeforest-5480975-plasma-

onepage-multipurpose-html-template.zip
2014-07-10 15:01 - 2014-07-10 15:01 - 00014848 _____ () C:\Users\Dana\Desktop\e-shop kalkulátor.xls
2014-07-10 12:02 - 2013-03-02 21:20 - 00000000 ____D () C:\MCLAN
2014-07-10 09:05 - 2014-07-10 09:05 - 00000000 ____D () C:\Users\Dana\AppData\Local\{68E9B0DC-144D-4AEC-BC87

-35E81BC522A9}
2014-07-10 00:38 - 2009-07-14 09:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 00:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 00:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 18:46 - 2014-07-09 18:46 - 06725210 _____ () C:\Users\Dana\Desktop\wordpress-3.9.1-cs_CZ.zip
2014-07-09 18:42 - 2014-07-09 18:41 - 168813203 _____ () C:\Users\Dana\Desktop\uvdb1_active24_cz.sql
2014-07-09 12:19 - 2013-08-14 17:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 12:10 - 2011-09-29 10:08 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 12:05 - 2014-07-09 12:05 - 00000000 ____D () C:\Users\Dana\AppData\Local\{F6666057-5914-416A-BCE4-

40BB76385FEB}
2014-07-09 11:32 - 2012-12-01 11:37 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows

\SysWOW64\FlashPlayerApp.exe
2014-07-09 11:32 - 2012-12-01 11:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows

\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 11:32 - 2012-12-01 11:37 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 08:32 - 2014-07-09 08:32 - 00001785 _____ () C:\Users\Dana\Desktop\dana.zip
2014-07-08 21:50 - 2014-07-08 21:49 - 00000000 ____D () C:\Users\Dana\AppData\Local\{62C51D8B-59F3-4651-BD34-

E52AE50667EA}
2014-07-08 15:14 - 2014-07-08 15:14 - 00077486 _____ () C:\Users\Dana\Desktop\reshira.txt
2014-07-08 12:43 - 2014-07-08 12:41 - 26943026 _____ () C:\Users\Dana\Documents\broadcast (01).mp4
2014-07-08 09:48 - 2014-07-08 09:48 - 00000000 ____D () C:\Users\Dana\AppData\Local\{8B4EE554-7EB4-4213-AA06-

76539D64AB06}
2014-07-08 08:59 - 2011-09-28 21:51 - 00000000 ____D () C:\Users\Dana
2014-07-07 21:48 - 2014-07-07 21:47 - 00000000 ____D () C:\Users\Dana\AppData\Local\{6DC37C8F-754F-49D6-

83DA-C3A5192816DE}
2014-07-07 09:47 - 2014-07-07 09:47 - 00000000 ____D () C:\Users\Dana\AppData\Local\{79FF0519-27FD-4D0F-817D-

56B188A82FB4}
2014-07-06 20:45 - 2014-07-06 20:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{4A99E58C-D710-46B4-B454-

3413DE31670E}
2014-07-06 15:22 - 2014-07-06 14:44 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Notepad++
2014-07-06 14:44 - 2014-07-06 14:44 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-07-06 08:44 - 2014-07-06 08:44 - 00000000 ____D () C:\Users\Dana\AppData\Local\{51C11962-2DC7-49EE-

8A2C-EB5E2B01A03E}
2014-07-05 16:45 - 2014-07-05 16:44 - 00000000 ____D () C:\Users\Dana\AppData\Local\{C3DE21B5-95E9-4623-8EB9-

2FDCCC9E4DD6}
2014-07-05 08:29 - 2014-06-09 08:53 - 00002988 _____ () C:\Windows\PFRO.log
2014-07-04 19:38 - 2014-07-02 23:29 - 17009948 _____ () C:\Users\Dana\Desktop\nový-1.cpt
2014-07-04 14:36 - 2014-07-04 14:36 - 00028107 _____ () C:\Users\Dana\Desktop\balnearia-logo-new.ai
2014-07-04 13:38 - 2014-07-04 13:31 - 00016916 _____ () C:\Users\Dana\Desktop\balnearia-logo-new.cdr
2014-07-04 13:31 - 2014-07-04 13:38 - 00016636 _____ () C:\Users\Dana\Desktop\Záloha_balnearia-logo-new.cdr
2014-07-04 13:10 - 2014-07-04 13:10 - 00000000 ____D () C:\Users\Dana\AppData\Local\{1581CD41-40BF-4CF4-9786-

95CFB4727A12}
2014-07-04 11:10 - 2011-09-28 22:46 - 00000000 ____D () C:\Users\Dana\Documents\prace
2014-07-04 10:41 - 2014-07-04 10:41 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-07-04 10:41 - 2014-07-04 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit

Reader
2014-07-04 10:18 - 2014-03-11 16:49 - 00000000 ____D () C:\Program Files (x86)\FlashIntegro
2014-07-04 10:17 - 2012-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Free Video Cutter
2014-07-04 10:11 - 2011-09-29 12:11 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-04 09:58 - 2011-12-19 15:07 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2014-07-04 09:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Games
2014-07-04 09:45 - 2014-07-04 09:45 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-04 09:45 - 2014-07-04 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\CCleaner
2014-07-03 21:32 - 2014-07-03 21:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{CF36CF98-45B1-4B1D-AD98

-BDD6A994F53B}
2014-07-03 15:39 - 2014-03-11 22:20 - 00000000 ____D () C:\Users\Dana\.gimp-2.8
2014-07-03 15:38 - 2014-07-03 15:38 - 00007391 _____ () C:\Users\Dana\AppData\Local\recently-used.xbel
2014-07-03 15:37 - 2011-09-29 11:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 15:05 - 2012-01-09 13:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-07-03 14:53 - 2012-06-02 23:24 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-07-03 14:47 - 2014-03-11 14:13 - 00000000 ____D () C:\Program Files (x86)\Lightworks
2014-07-03 14:46 - 2014-06-26 14:55 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\PilotEdit
2014-07-03 14:46 - 2014-06-26 14:55 - 00000000 ____D () C:\Program Files\PilotEdit x64
2014-07-03 14:46 - 2013-07-11 14:06 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-07-03 14:16 - 2011-09-28 22:28 - 00000000 ____D () C:\Users\Dana\Documents\Dana
2014-07-03 10:45 - 2014-07-03 10:45 - 21449561 _____ () C:\Users\Dana\Downloads\prestashop_1.6.0.8.zip
2014-07-03 09:32 - 2014-07-03 09:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{771004D4-ED1D-4472-86FA-

669696822B8E}
2014-07-02 21:31 - 2014-07-02 21:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{ED920E3F-81AC-452B-83D4

-F734F640A1D2}
2014-07-02 18:12 - 2012-08-08 17:47 - 00000000 ____D () C:\Users\Dana\Desktop\Floral Patterns
2014-07-02 15:22 - 2014-06-10 15:18 - 00000000 ____D () C:\Users\Dana\AppData\Local\gtk-2.0
2014-07-02 09:31 - 2014-07-02 09:30 - 00000000 ____D () C:\Users\Dana\AppData\Local\{E6EAF983-62A1-4410-9C9C-

B6CA55D6BAC9}
2014-07-01 23:25 - 2014-07-01 23:20 - 86133575 _____ () C:\Users\Dana\Documents\broadcast.mp4
2014-07-01 15:54 - 2014-07-01 15:54 - 00000000 ____D () C:\Users\Dana\AppData\Local\{28550DD3-DCE6-46AC-

A37F-8F7ED7CD5E60}
2014-07-01 10:32 - 2014-07-01 10:32 - 00000000 ____D () C:\Users\Dana\AppData\Local\{A4A2FA16-F4F2-44C5-B21E-

7FCF5E2E925A}
2014-06-30 20:45 - 2014-06-30 20:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{F878B1C3-C382-4D1C-876E-

922C10187B27}
2014-06-30 12:31 - 2014-03-09 15:32 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2014-06-30 12:31 - 2014-01-20 12:00 - 00000975 _____ () C:\Users\Public\Desktop\PROFIT.lnk
2014-06-30 12:31 - 2012-11-05 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\LPsoft PROFIT
2014-06-30 12:31 - 2012-11-05 23:13 - 00000000 ____D () C:\Program Files (x86)\PROFIT
2014-06-30 08:45 - 2014-06-30 08:45 - 00000000 ____D () C:\Users\Dana\AppData\Local\{52A59F35-C2FE-44A2-8ED0-

FC53CE1611DF}
2014-06-29 20:44 - 2014-06-29 20:44 - 00000000 ____D () C:\Users\Dana\AppData\Local\{3F61B0B2-04E2-4A3C-A63A-

0B4297D6C66E}
2014-06-29 10:11 - 2013-02-16 17:25 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\inkscape
2014-06-29 10:09 - 2014-06-29 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Inkscape-0.48
2014-06-29 10:09 - 2014-06-29 10:08 - 00000000 ____D () C:\Program Files\Inkscape-0.48
2014-06-29 10:08 - 2014-06-29 10:08 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Inkscape-0.48
2014-06-29 08:43 - 2014-06-29 08:43 - 00000000 ____D () C:\Users\Dana\AppData\Local\{08BA9314-C58B-4FBE-9547-

B06A5D400446}
2014-06-28 14:04 - 2011-09-28 23:06 - 00670658 _____ () C:\Windows\system32\perfh005.dat
2014-06-28 14:04 - 2011-09-28 23:06 - 00142270 _____ () C:\Windows\system32\perfc005.dat
2014-06-28 14:04 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 17:46 - 2014-01-05 14:20 - 00000000 ____D () C:\Program Files\OBS
2014-06-27 10:12 - 2014-06-27 10:12 - 00000000 ____D () C:\Users\Dana\AppData\Local\{57216CEB-CB28-4E01-B365-

81398538C26A}
2014-06-26 10:43 - 2014-06-26 10:43 - 00000000 ____D () C:\Users\Dana\AppData\Local\{86DF0FCD-EC60-40AA-9694

-9E894E18F0C7}
2014-06-25 14:47 - 2014-06-25 14:46 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BD3E49F2-21F1-467A-A9A7-

9B2ACF4BC9D7}
2014-06-24 13:50 - 2013-03-25 17:00 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers

\avgntflt.sys
2014-06-23 17:02 - 2012-06-13 18:29 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-23 17:01 - 2014-06-08 23:21 - 00036870 _____ () C:\Windows\DirectX.log
2014-06-23 09:31 - 2014-06-23 09:31 - 00000000 ____D () C:\Users\Dana\AppData\Local\{BFA14EF8-D1B0-4019-A98B-

2497E8F85DEB}

Some content of TEMP:
====================
C:\Users\Dana\AppData\Local\Temp\API.dll
C:\Users\Dana\AppData\Local\Temp\avgnt.exe
C:\Users\Dana\AppData\Local\Temp\Base64.dll
C:\Users\Dana\AppData\Local\Temp\Calc.dll
C:\Users\Dana\AppData\Local\Temp\Canvas.dll
C:\Users\Dana\AppData\Local\Temp\Clipboard.dll
C:\Users\Dana\AppData\Local\Temp\CountInstallation.exe
C:\Users\Dana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpglemet.dll
C:\Users\Dana\AppData\Local\Temp\Dumper.dll
C:\Users\Dana\AppData\Local\Temp\eauninstall.exe
C:\Users\Dana\AppData\Local\Temp\Entry.dll
C:\Users\Dana\AppData\Local\Temp\Event.dll
C:\Users\Dana\AppData\Local\Temp\Expat.dll
C:\Users\Dana\AppData\Local\Temp\Fcntl.dll
C:\Users\Dana\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Dana\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Dana\AppData\Local\Temp\HiRes.dll
C:\Users\Dana\AppData\Local\Temp\HList.dll
C:\Users\Dana\AppData\Local\Temp\IO.dll
C:\Users\Dana\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-b3020jnks.dll
C:\Users\Dana\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\Dana\AppData\Local\Temp\Listbox.dll
C:\Users\Dana\AppData\Local\Temp\NBFrame.dll
C:\Users\Dana\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Dana\AppData\Local\Temp\OLE.dll
C:\Users\Dana\AppData\Local\Temp\PerfLib.dll
C:\Users\Dana\AppData\Local\Temp\Photo.dll
C:\Users\Dana\AppData\Local\Temp\Pixmap.dll
C:\Users\Dana\AppData\Local\Temp\POSIX.dll
C:\Users\Dana\AppData\Local\Temp\Process.dll
C:\Users\Dana\AppData\Local\Temp\Registry.dll
C:\Users\Dana\AppData\Local\Temp\Scale.dll
C:\Users\Dana\AppData\Local\Temp\Scrollbar.dll
C:\Users\Dana\AppData\Local\Temp\Shell.dll
C:\Users\Dana\AppData\Local\Temp\Shortcut.dll
C:\Users\Dana\AppData\Local\Temp\Socket.dll
C:\Users\Dana\AppData\Local\Temp\Sound.dll
C:\Users\Dana\AppData\Local\Temp\Text.dll
C:\Users\Dana\AppData\Local\Temp\The Sims 2_uninst.exe
C:\Users\Dana\AppData\Local\Temp\Tk.dll
C:\Users\Dana\AppData\Local\Temp\Win32.dll
C:\Users\Dana\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Dana\AppData\Local\Temp\Zlib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001Core.job => C:\Users

\Dana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001UA.job => C:\Users

\Dana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {E6380B7E-D4B2-19F1-083E-56486607704B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dana\Desktop" je 3213 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start

Menu^Programs^Startup^Monitor Apache Servers.lnk
C:\PROGRA~2\APACHE~1\Apache2.2\bin\APACHE~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder

\C:^Users^Dana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n�

aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~3\Office12\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile

\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile

\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

Zdravim

Vycistete trosku plochu.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[ninja_girl]

Jooo 3GB a 300MB je docela rozdíl. Vyčistím to a dám tam jenom zástupce. Díky za radu.

Tady je log:

# AdwCleaner v3.216 - Report created 23/07/2014 at 11:42:43
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Dana - HOME
# Running from : C:\Users\Dana\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\OCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\prefs.js ]

Line Deleted : user_pref("flashblock.whitelist", "hxxps://vine.co,hxxp://www.clixsense.com,hxxp://vimeo.com,instagram.com,lynda.com,tumblr.com,hxxp://www.veoh.com,vimeo.com,hxxps://play.spotify.com/,hxxp://vimeo.com[...]

-\\ Google Chrome v

[ File : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5334 octets] - [23/09/2013 09:27:17]
AdwCleaner[R1].txt - [992 octets] - [23/09/2013 09:44:23]
AdwCleaner[R2].txt - [1530 octets] - [16/10/2013 11:49:02]
AdwCleaner[R3].txt - [3599 octets] - [14/12/2013 19:48:32]
AdwCleaner[R4].txt - [2645 octets] - [23/07/2014 11:41:35]
AdwCleaner[S0].txt - [4986 octets] - [23/09/2013 09:37:02]
AdwCleaner[S1].txt - [1052 octets] - [23/09/2013 09:45:46]
AdwCleaner[S2].txt - [1561 octets] - [16/10/2013 11:50:08]
AdwCleaner[S3].txt - [3724 octets] - [14/12/2013 19:51:49]
AdwCleaner[S4].txt - [2545 octets] - [23/07/2014 11:42:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2605 octets] ##########

[Márty84]

Tak jsou tu i takovi, co maji na plose 200GB Jinak cim mene tam bude, tim lepe, takze kdyz tam bude mene nez tech 200MB, rozhodne to vadit nebude


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[ninja_girl]

Tak plochu jsem zvládla zmenšit na 50MB. Od teď už budu snad udržovat pořádek a pěkně třídit.

Tady je log z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23.7.2014
Scan Time: 12:32:30
Logfile: scan1.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.23.03
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dana

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 300985
Time Elapsed: 12 min, 10 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

MBAM odinstaluje

Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786

[ninja_girl]

Tu je:

[Márty84]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2014-07-23 13:35:07
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 223 GB (47%) free of 477 GB
Total RAM: 4095 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:35:22, on 23.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trillian\trillian.exe
c:\program files (x86)\trillian\plugins\skypekit.exe
C:\Program Files\trend micro\Dana.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Dropbox.lnk = C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: OnTranslator.lnk = C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files (x86)\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files (x86)\Semagic\link.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.4 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 12545 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\xampp\apache\bin\httpd.exe" -k runservice
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe" --type=host --daemon-pipe=376
C:\xampp\mysql\bin\mysqld.exe --defaults-file=C:\xampp\mysql\bin\my.ini mysql
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2624
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
C:\xampp\apache\bin\httpd.exe -d C:/xampp/apache
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000788
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 9222bd9e-d09b-4682-8069-9bab272a6cff 1
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
\??\C:\Windows\system32\conhost.exe "888330319993279615-864340255-1264784423-59331029-18130602901541162147-2033248709
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b35ad4e6-f0c5-40a3-abfe-8617294d1af1 -SystemEventPortName:HostProcess-72df2c34-2db0-4614-88b8-404f299f7eae -IoCancelEventPortName:HostProcess-16c62a17-e7d9-4f1c-840a-453a82f4a028 -NonStateChangingEventPortName:HostProcess-89d33dc6-4b56-44f7-92f5-ed00344b1684 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1ed61503-6fb1-4ca4-9e5c-6c025edd6eb7 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe" /h
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
\??\C:\Windows\system32\conhost.exe "-1442689663694351033-1353648840-522351440-47204965-19002081731504474973945439263
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Trillian\trillian.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
skypekit.exe -p "50018" -f "c:\users\dana\appdata\roaming\trillian\users\dana%2esvedova\skype"
"taskhost.exe"
C:\Windows\system32\AUDIODG.EXE 0x874
taskeng.exe {536FDA1A-9B6A-4977-80F7-9F6B63E6B23D}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Dana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001Core.job - C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001UA.job - C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ParetoLogic Registration.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns

=========Mozilla firefox=========

ProfilePath - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\extensions\
seoanalysistool@seoworkers
{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
{3c6e1eed-a07e-4c80-9cf3-66ea0bf40b37}
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-12 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-12 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02 2215240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"Google Update"=C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 136176]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-09-16 57928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
C:\PROGRA~2\APACHE~1\Apache2.2\bin\APACHE~1.EXE [2012-01-28 41051]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-04-25 137352]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 2171904]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-07 189520]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
OnTranslator.lnk - C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave4"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-07-23 11:59:05 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-23 11:42:23 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-23 10:51:08 ----D---- C:\FRST
2014-07-23 10:46:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-23 07:54:24 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-07-23 00:03:18 ----D---- C:\ProgramData\Google
2014-07-17 15:02:21 ----D---- C:\Users\Dana\AppData\Roaming\LG Electronics
2014-07-15 18:18:34 ----D---- C:\Program Files (x86)\Microsoft XNA
2014-07-11 14:26:32 ----D---- C:\Program Files (x86)\LG Electronics
2014-07-09 08:33:54 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 08:33:54 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 08:33:54 ----A---- C:\Windows\system32\osk.exe
2014-07-09 08:33:53 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 08:33:53 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 08:33:52 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 08:33:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 08:33:45 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 08:33:45 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 08:33:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 08:33:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:33:36 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 08:33:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:33:35 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:33:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:33:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 08:33:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 08:33:33 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:33:32 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 08:33:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 08:33:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 08:33:30 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 08:33:30 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:33:28 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 08:33:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:33:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 08:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 08:33:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:33:24 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:33:24 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 08:32:54 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 08:32:53 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 08:32:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 08:57:19 ----D---- C:\Users\Dana\AppData\Roaming\Dropbox
2014-07-06 14:44:51 ----D---- C:\Users\Dana\AppData\Roaming\Notepad++
2014-07-06 14:44:51 ----D---- C:\Program Files (x86)\Notepad++
2014-06-29 10:08:33 ----D---- C:\Program Files\Inkscape-0.48
2014-06-26 14:55:51 ----D---- C:\Users\Dana\AppData\Roaming\PilotEdit
2014-06-26 14:55:49 ----D---- C:\Program Files\PilotEdit x64

======List of files/folders modified in the last 1 month======

2014-07-23 13:35:24 ----D---- C:\Windows\Temp
2014-07-23 13:35:21 ----D---- C:\Program Files\trend micro
2014-07-23 13:30:18 ----D---- C:\Windows\system32\drivers
2014-07-23 12:38:07 ----D---- C:\Users\Dana\AppData\Roaming\.minecraft
2014-07-23 12:03:15 ----D---- C:\Windows\system32\config
2014-07-23 11:59:05 ----RD---- C:\Program Files (x86)
2014-07-23 11:59:05 ----D---- C:\ProgramData\Malwarebytes
2014-07-23 11:48:59 ----D---- C:\Users\Dana\AppData\Roaming\OnTranslator
2014-07-23 11:47:28 ----D---- C:\ProgramData\NVIDIA
2014-07-23 11:47:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 11:45:59 ----D---- C:\AdwCleaner
2014-07-23 11:42:23 ----D---- C:\Windows\SysWOW64
2014-07-23 11:12:14 ----D---- C:\Users\Dana\AppData\Roaming\AIMP3
2014-07-23 10:55:43 ----D---- C:\Windows
2014-07-23 10:48:29 ----D---- C:\Windows\Prefetch
2014-07-23 08:59:34 ----D---- C:\Windows\system32\NDF
2014-07-23 08:02:16 ----SHD---- C:\System Volume Information
2014-07-23 07:55:24 ----SHD---- C:\Windows\Installer
2014-07-23 00:03:18 ----D---- C:\ProgramData
2014-07-23 00:02:02 ----D---- C:\Program Files (x86)\Google
2014-07-22 18:30:21 ----D---- C:\Users\Dana\AppData\Roaming\FileZilla
2014-07-22 17:19:11 ----D---- C:\Windows\Internet Logs
2014-07-22 11:33:07 ----D---- C:\de-zaloha
2014-07-20 13:10:48 ----D---- C:\Program Files (x86)\AIMP3
2014-07-19 12:30:37 ----D---- C:\Program Files (x86)\Steam
2014-07-16 16:32:09 ----RSD---- C:\Windows\Fonts
2014-07-15 18:18:59 ----RSD---- C:\Windows\assembly
2014-07-15 17:21:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-07-15 17:21:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-07-15 14:04:23 ----D---- C:\ProgramData\Package Cache
2014-07-15 14:03:58 ----D---- C:\Program Files (x86)\Avira
2014-07-12 17:10:17 ----D---- C:\Users\Dana\AppData\Roaming\Skype
2014-07-11 14:28:48 ----D---- C:\Windows\inf
2014-07-11 14:28:31 ----D---- C:\Windows\system32\catroot
2014-07-11 14:28:30 ----D---- C:\Windows\system32\DriverStore
2014-07-11 14:28:12 ----D---- C:\Windows\system32\catroot2
2014-07-10 12:02:20 ----D---- C:\MCLAN
2014-07-10 09:00:36 ----D---- C:\Windows\winsxs
2014-07-10 00:38:06 ----D---- C:\Program Files\Windows Journal
2014-07-10 00:38:05 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-10 00:38:04 ----D---- C:\Windows\system32\Dism
2014-07-10 00:38:02 ----D---- C:\Windows\System32
2014-07-10 00:38:02 ----D---- C:\Windows\ehome
2014-07-10 00:38:00 ----D---- C:\Windows\system32\en-US
2014-07-10 00:38:00 ----D---- C:\Windows\system32\cs-CZ
2014-07-10 00:38:00 ----D---- C:\Program Files\Internet Explorer
2014-07-10 00:37:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 00:37:54 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 12:19:10 ----D---- C:\Windows\system32\MRT
2014-07-09 12:10:45 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 11:32:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-04 11:31:43 ----D---- C:\Windows\Microsoft.NET
2014-07-04 10:18:54 ----D---- C:\Program Files (x86)\FlashIntegro
2014-07-04 10:17:04 ----D---- C:\Program Files (x86)\Free Video Cutter
2014-07-04 10:11:40 ----D---- C:\Program Files\CCleaner
2014-07-04 09:58:53 ----D---- C:\Program Files (x86)\EA GAMES
2014-07-04 09:45:19 ----D---- C:\Windows\system32\Tasks
2014-07-03 15:37:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 15:05:39 ----SD---- C:\ProgramData\Microsoft
2014-07-03 15:05:35 ----D---- C:\Program Files (x86)\Microsoft Expression
2014-07-03 14:53:10 ----D---- C:\ProgramData\Ubisoft
2014-07-03 14:47:06 ----D---- C:\Program Files (x86)\Lightworks
2014-07-03 14:46:30 ----D---- C:\Program Files (x86)\eRightSoft
2014-06-30 12:31:43 ----D---- C:\Program Files (x86)\PROFIT
2014-06-29 10:11:36 ----D---- C:\Users\Dana\AppData\Roaming\inkscape
2014-06-29 10:08:33 ----RD---- C:\Program Files
2014-06-28 14:04:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-27 17:46:07 ----D---- C:\Program Files\OBS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-07 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-04-24 450968]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-06-24 117712]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 72216]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2013-12-13 51496]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2011-09-16 11552]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-07-03 18456]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2013-04-18 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2013-06-28 36352]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 42016]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2011-11-04 117040]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-06-24 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
R2 Apache2.4;Apache2.4; C:\xampp\apache\bin\httpd.exe [2013-02-23 22016]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-07-07 141392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-07-21 2544976]
R2 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe [2014-06-26 51016]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-07-16 377616]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2013-05-16 8151040]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-15 76888]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-07-03 1228504]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-07-03 660184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-04-25 3592120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-29 1255736]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2012-09-24 147368]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-09-16 407424]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-10-22 1149104]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

-----------------EOF-----------------

[Márty84]

Davejte prosim logy tady, lepe se s tim pak pracuje


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[ninja_girl]

Tady je log. Ten předtím se mi nechtěl c&p celý.

ComboFix 14-07-22.01 - Dana 23.07.2014 14:06:31.5.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.1545 [GMT 2:00]
Spuštěný z: c:\users\Dana\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dana\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-23 do 2014-07-23 )))))))))))))))))))))))))))))))
.
.
2014-07-23 12:18 . 2014-07-23 12:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-23 12:18 . 2014-07-23 12:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-23 09:59 . 2014-07-23 11:30 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-23 09:42 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-23 08:51 . 2014-07-23 08:53 -------- d-----w- C:\FRST
2014-07-23 07:02 . 2014-07-23 09:46 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20106FD1-AFA7-4681-BC74-BCA1510CC3AF}\offreg.dll
2014-07-23 06:02 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20106FD1-AFA7-4681-BC74-BCA1510CC3AF}\mpengine.dll
2014-07-23 05:54 . 2014-07-23 05:54 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-07-17 13:02 . 2014-07-17 13:02 -------- d-----w- c:\users\Dana\AppData\Roaming\LG Electronics
2014-07-15 16:18 . 2014-07-15 16:18 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-07-11 12:29 . 2014-07-11 12:29 -------- d-----w- c:\users\Dana\AppData\Local\LG Electronics
2014-07-11 12:26 . 2014-07-11 12:28 -------- d-----w- c:\program files (x86)\LG Electronics
2014-07-09 06:34 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 06:34 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 06:34 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 06:34 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 06:34 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 06:32 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 06:32 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 06:32 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-08 06:59 . 2014-07-23 09:50 -------- d-----r- c:\users\Dana\Dropbox
2014-07-08 06:57 . 2014-07-23 09:50 -------- d-----w- c:\users\Dana\AppData\Roaming\Dropbox
2014-07-06 12:44 . 2014-07-06 13:22 -------- d-----w- c:\users\Dana\AppData\Roaming\Notepad++
2014-07-06 12:44 . 2014-07-06 12:44 -------- d-----w- c:\program files (x86)\Notepad++
2014-07-04 08:41 . 2014-07-04 08:41 -------- d-----w- c:\users\Public\Foxit Software
2014-06-29 08:08 . 2014-06-29 08:09 -------- d-----w- c:\program files\Inkscape-0.48
2014-06-26 12:55 . 2014-07-03 12:46 -------- d-----w- c:\users\Dana\AppData\Roaming\PilotEdit
2014-06-26 12:55 . 2014-07-03 12:46 -------- d-----w- c:\program files\PilotEdit x64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-17 12:33 . 2013-05-07 12:49 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-15 15:21 . 2012-06-13 16:29 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-07-15 15:21 . 2014-05-25 13:17 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-15 15:21 . 2012-06-13 16:29 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-09 10:10 . 2011-09-29 08:08 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 09:32 . 2012-12-01 09:37 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 09:32 . 2012-12-01 09:37 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-24 11:50 . 2013-03-25 15:00 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-23 15:02 . 2012-06-13 16:29 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-03 12:56 . 2013-03-25 15:00 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-30 07:52 . 2014-07-09 06:33 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-29 23:07 . 2014-06-02 16:00 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:07 . 2013-10-29 11:31 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2014-06-02 16:00 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-05-29 23:07 . 2013-10-29 11:31 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2014-06-02 16:11 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-06-02 16:11 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-06-02 16:11 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-06-02 16:11 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-06-02 16:11 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-06-02 16:11 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-06-02 16:11 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-06-02 16:11 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-06-02 16:11 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-06-02 16:11 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-06-02 16:11 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-02 16:11 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-02 16:11 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-06-02 16:11 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-06-02 16:11 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-06-02 16:11 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-06-02 16:11 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-06-02 16:11 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-06-02 16:11 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-06-02 16:11 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-04-16 08:01 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-04-16 08:01 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-04-16 08:01 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-04-16 08:01 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2014-04-16 08:01 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2014-04-16 07:49 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2014-04-16 07:49 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 01:25 . 2014-04-16 07:50 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-04-16 07:50 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-04-16 07:50 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-04-16 07:50 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-04-16 07:50 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-04-16 07:50 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-19 23:10 . 2014-06-02 16:18 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-14 23:49 . 2014-06-02 16:17 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-12 17:05 . 2014-05-12 17:06 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-12 17:05 . 2014-05-12 17:05 189352 ----a-w- c:\windows\system32\javaw.exe
2014-05-12 17:05 . 2014-05-12 17:05 189352 ----a-w- c:\windows\system32\java.exe
2014-05-12 17:05 . 2014-05-12 17:05 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-09 06:14 . 2014-05-14 07:06 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 07:06 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-08 09:32 . 2014-06-12 07:04 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-12 07:04 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-12 07:04 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 07:04 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-04-24 21:03 . 2011-05-07 16:51 450968 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11 719872 --sh--w- c:\windows\SysWOW64\devil.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-04-24 137352]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-07 189520]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-07-21 3816784]
.
c:\users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-21 35464216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OnTranslator.lnk - c:\program files (x86)\OnTranslator.com\OnTranslator.exe /h [2012-12-29 1085440]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XAMPP;XAMPP Service;c:\xampp\service.exe;c:\xampp\service.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe;c:\xampp\apache\bin\httpd.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-01 09:32]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 11:51]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 11:51]
.
2014-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001Core.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 20:03]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001UA.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 20:03]
.
2014-07-22 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
IE: Copy to Semagic - c:\program files (x86)\Semagic\copy.htm
IE: Semagic - c:\program files (x86)\Semagic\link.htm
FF - ProfilePath - c:\users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
------- Asociace souborů -------
.
txtfile="c:\program files (x86)\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - c:\program files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
c:\program files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PSIService.exe
.
**************************************************************************
.
Celkový čas: 2014-07-23 14:37:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-23 12:37
.
Před spuštěním: Volných bajtů: 233 962 123 264
Po spuštění: Volných bajtů: 233 739 943 936
.
- - End Of File - - 4F15B6C813133241FE37DCC1FE3FAB6D
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Vypnete trvale Windows Defender

Pokud jeste v pc je, odinstalujte Spyware Terminatora.


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\system32\DRIVERS\stflt.sys
c:\windows\SYSNATIVE\DRIVERS\stflt.sys

Folder::
c:\program files (x86)\Spyware Terminator

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xvid"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

Driver::
SkypeUpdate
MBAMSwissArmy
ST2012_Svc
sp_rsdrv2

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[ninja_girl]

ComboFix 14-07-22.01 - Dana 23.07.2014 17:01:34.6.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.1963 [GMT 2:00]
Spuštěný z: c:\users\Dana\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dana\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\DRIVERS\stflt.sys"
"c:\windows\system32\DRIVERS\stflt.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Spyware Terminator
c:\users\Dana\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MBAMSWISSARMY
-------\Legacy_SP_RSDRV2
-------\Service_MBAMSwissArmy
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-23 do 2014-07-23 )))))))))))))))))))))))))))))))
.
.
2014-07-23 15:13 . 2014-07-23 15:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-23 15:13 . 2014-07-23 15:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-23 09:59 . 2014-07-23 11:30 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-23 09:42 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-23 08:51 . 2014-07-23 08:53 -------- d-----w- C:\FRST
2014-07-23 07:02 . 2014-07-23 09:46 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20106FD1-AFA7-4681-BC74-BCA1510CC3AF}\offreg.dll
2014-07-23 06:02 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{20106FD1-AFA7-4681-BC74-BCA1510CC3AF}\mpengine.dll
2014-07-23 05:54 . 2014-07-23 05:54 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-07-17 13:02 . 2014-07-17 13:02 -------- d-----w- c:\users\Dana\AppData\Roaming\LG Electronics
2014-07-15 16:18 . 2014-07-15 16:18 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-07-11 12:29 . 2014-07-11 12:29 -------- d-----w- c:\users\Dana\AppData\Local\LG Electronics
2014-07-11 12:26 . 2014-07-11 12:28 -------- d-----w- c:\program files (x86)\LG Electronics
2014-07-09 06:34 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 06:34 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 06:34 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 06:34 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 06:34 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 06:32 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 06:32 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 06:32 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-08 06:59 . 2014-07-23 14:57 -------- d-----r- c:\users\Dana\Dropbox
2014-07-08 06:57 . 2014-07-23 14:57 -------- d-----w- c:\users\Dana\AppData\Roaming\Dropbox
2014-07-06 12:44 . 2014-07-06 13:22 -------- d-----w- c:\users\Dana\AppData\Roaming\Notepad++
2014-07-06 12:44 . 2014-07-06 12:44 -------- d-----w- c:\program files (x86)\Notepad++
2014-07-04 08:41 . 2014-07-04 08:41 -------- d-----w- c:\users\Public\Foxit Software
2014-06-29 08:08 . 2014-06-29 08:09 -------- d-----w- c:\program files\Inkscape-0.48
2014-06-26 12:55 . 2014-07-03 12:46 -------- d-----w- c:\users\Dana\AppData\Roaming\PilotEdit
2014-06-26 12:55 . 2014-07-03 12:46 -------- d-----w- c:\program files\PilotEdit x64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-17 12:33 . 2013-05-07 12:49 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-15 15:21 . 2012-06-13 16:29 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-07-15 15:21 . 2014-05-25 13:17 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-15 15:21 . 2012-06-13 16:29 281392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-09 10:10 . 2011-09-29 08:08 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 09:32 . 2012-12-01 09:37 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 09:32 . 2012-12-01 09:37 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-24 11:50 . 2013-03-25 15:00 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-23 15:02 . 2012-06-13 16:29 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-03 12:56 . 2013-03-25 15:00 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-30 07:52 . 2014-07-09 06:33 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-29 23:07 . 2014-06-02 16:00 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:07 . 2013-10-29 11:31 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2014-06-02 16:00 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-05-29 23:07 . 2013-10-29 11:31 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2014-06-02 16:11 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-06-02 16:11 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-06-02 16:11 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-06-02 16:11 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-06-02 16:11 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-06-02 16:11 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-06-02 16:11 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-06-02 16:11 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-06-02 16:11 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-06-02 16:11 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-06-02 16:11 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-02 16:11 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-06-02 16:11 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-06-02 16:11 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-06-02 16:11 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-06-02 16:11 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-06-02 16:11 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-06-02 16:11 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-06-02 16:11 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-06-02 16:11 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-04-16 08:01 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-04-16 08:01 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-04-16 08:01 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-04-16 08:01 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2014-04-16 08:01 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2014-04-16 07:49 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2014-04-16 07:49 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 01:25 . 2014-04-16 07:50 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-04-16 07:50 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-04-16 07:50 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-04-16 07:50 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-04-16 07:50 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-04-16 07:50 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-19 23:10 . 2014-06-02 16:18 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-14 23:49 . 2014-06-02 16:17 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-12 17:05 . 2014-05-12 17:06 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-12 17:05 . 2014-05-12 17:05 189352 ----a-w- c:\windows\system32\javaw.exe
2014-05-12 17:05 . 2014-05-12 17:05 189352 ----a-w- c:\windows\system32\java.exe
2014-05-12 17:05 . 2014-05-12 17:05 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-09 06:14 . 2014-05-14 07:06 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 07:06 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-08 09:32 . 2014-06-12 07:04 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-12 07:04 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-12 07:04 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 07:04 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-04-24 21:03 . 2011-05-07 16:51 450968 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11 719872 --sh--w- c:\windows\SysWOW64\devil.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll
2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-04-24 137352]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 2171904]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-07 189520]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-07-21 3816784]
.
c:\users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-21 35464216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OnTranslator.lnk - c:\program files (x86)\OnTranslator.com\OnTranslator.exe /h [2012-12-29 1085440]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 XAMPP;XAMPP Service;c:\xampp\service.exe;c:\xampp\service.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe;c:\xampp\apache\bin\httpd.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-01 09:32]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 11:51]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 11:51]
.
2014-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001Core.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 20:03]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1602808253-430055931-27258192-1001UA.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 20:03]
.
2014-07-22 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
IE: Copy to Semagic - c:\program files (x86)\Semagic\copy.htm
IE: Semagic - c:\program files (x86)\Semagic\link.htm
FF - ProfilePath - c:\users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\1ggffnvb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - c:\program files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
c:\program files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PSIService.exe
.
**************************************************************************
.
Celkový čas: 2014-07-23 17:23:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-23 15:23
ComboFix2.txt 2014-07-23 12:37
.
Před spuštěním: Volných bajtů: 233 518 616 576
Po spuštění: Volných bajtů: 233 278 337 024
.
- - End Of File - - 352ADCF31ADD1E53CBA42DDFE0C906E9
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Dejte novy log z RSIT

[ninja_girl]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2014-07-23 22:59:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 217 GB (46%) free of 477 GB
Total RAM: 4095 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:59:20, on 23.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Trillian\trillian.exe
c:\program files (x86)\trillian\plugins\skypekit.exe
C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files\trend micro\Dana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Dropbox.lnk = C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: OnTranslator.lnk = C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files (x86)\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files (x86)\Semagic\link.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apache2.4 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 12563 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\xampp\apache\bin\httpd.exe" -k runservice
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe" --type=host --daemon-pipe=384
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
C:\xampp\mysql\bin\mysqld.exe --defaults-file=C:\xampp\mysql\bin\my.ini mysql
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
WLIDSvcM.exe 2628
C:\xampp\apache\bin\httpd.exe -d C:/xampp/apache
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000774
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 9222bd9e-d09b-4682-8069-9bab272a6cff 1
\??\C:\Windows\system32\conhost.exe "605596003126506822512694474881666200540412524252028745577-45738-510386313
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d42603c0-ec79-41c3-8c3a-6b8358c2b31c -SystemEventPortName:HostProcess-9b1b3511-2ce5-4c7a-8c04-36351c705665 -IoCancelEventPortName:HostProcess-a2a336be-78e6-4b0b-b181-c70948ab93d7 -NonStateChangingEventPortName:HostProcess-2710ad8d-e26c-41ad-bc5c-02027e554c56 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:43dda332-1b51-4840-9e43-f10ecaff691b -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe" /h
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "6042440091364554180894892683424804036-11277085381649722022-929320884-105831686
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"
"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding
"C:\Program Files (x86)\Trillian\trillian.exe"
skypekit.exe -p "51810" -f "c:\users\dana\appdata\roaming\trillian\users\dana%2esvedova\skype"
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE" "C:\Users\Dana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8A5QOGC8\nausnice logo - krivky.pdf"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=912.35ee99d0.177776780 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 912 "\\.\pipe\gecko-crash-server-pipe.912" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash1360.54F70D80.15013 --host-broker-channel=Flash1360.54F70D80.21526 --host-pid=1360 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=6516.0035F420.1156561963 --proxy-stub-channel=Flash1360.54F70D80.15013 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\AUDIODG.EXE 0x9d4
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Dana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-12 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-12 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02 2215240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-28 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-09-16 57928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
C:\PROGRA~2\APACHE~1\Apache2.2\bin\APACHE~1.EXE [2012-01-28 41051]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-04-25 137352]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 2171904]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-07-07 189520]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
OnTranslator.lnk - C:\Program Files (x86)\OnTranslator.com\OnTranslator.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave4"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======



.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-07-23 17:23:42 ----A---- C:\ComboFix.txt
2014-07-23 17:17:33 ----D---- C:\$RECYCLE.BIN
2014-07-23 17:13:50 ----D---- C:\Windows\temp
2014-07-23 14:04:04 ----A---- C:\Windows\zip.exe
2014-07-23 14:04:04 ----A---- C:\Windows\SWSC.exe
2014-07-23 14:04:04 ----A---- C:\Windows\SWREG.exe
2014-07-23 14:04:04 ----A---- C:\Windows\sed.exe
2014-07-23 14:04:04 ----A---- C:\Windows\PEV.exe
2014-07-23 14:04:04 ----A---- C:\Windows\NIRCMD.exe
2014-07-23 14:04:04 ----A---- C:\Windows\MBR.exe
2014-07-23 14:04:04 ----A---- C:\Windows\grep.exe
2014-07-23 14:03:54 ----D---- C:\Qoobox
2014-07-23 11:59:05 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-23 11:42:23 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-23 10:51:08 ----D---- C:\FRST
2014-07-23 10:46:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-23 07:54:24 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-07-23 00:03:18 ----D---- C:\ProgramData\Google
2014-07-17 15:02:21 ----D---- C:\Users\Dana\AppData\Roaming\LG Electronics
2014-07-15 18:18:34 ----D---- C:\Program Files (x86)\Microsoft XNA
2014-07-11 14:26:32 ----D---- C:\Program Files (x86)\LG Electronics
2014-07-09 08:33:54 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 08:33:54 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 08:33:54 ----A---- C:\Windows\system32\osk.exe
2014-07-09 08:33:53 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 08:33:53 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 08:33:52 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 08:33:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 08:33:45 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 08:33:45 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 08:33:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 08:33:44 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 08:33:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 08:33:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 08:33:36 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:33:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 08:33:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:33:35 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 08:33:34 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 08:33:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:33:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 08:33:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 08:33:33 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 08:33:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:33:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:33:32 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 08:33:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 08:33:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 08:33:30 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 08:33:30 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 08:33:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 08:33:28 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 08:33:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 08:33:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 08:33:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 08:33:27 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 08:33:26 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 08:33:26 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 08:33:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:33:24 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:33:24 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 08:32:54 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 08:32:53 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 08:32:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 08:57:19 ----D---- C:\Users\Dana\AppData\Roaming\Dropbox
2014-07-06 14:44:51 ----D---- C:\Users\Dana\AppData\Roaming\Notepad++
2014-07-06 14:44:51 ----D---- C:\Program Files (x86)\Notepad++
2014-06-29 10:08:33 ----D---- C:\Program Files\Inkscape-0.48
2014-06-26 14:55:51 ----D---- C:\Users\Dana\AppData\Roaming\PilotEdit
2014-06-26 14:55:49 ----D---- C:\Program Files\PilotEdit x64

======List of files/folders modified in the last 1 month======

2014-07-23 22:59:20 ----D---- C:\Windows\Prefetch
2014-07-23 22:59:17 ----D---- C:\Program Files\trend micro
2014-07-23 20:24:06 ----D---- C:\Users\Dana\AppData\Roaming\OnTranslator
2014-07-23 19:48:10 ----D---- C:\ProgramData\NVIDIA
2014-07-23 19:47:12 ----D---- C:\Windows\system32\config
2014-07-23 19:46:51 ----D---- C:\Program Files (x86)\Trillian
2014-07-23 17:29:57 ----D---- C:\Windows\Internet Logs
2014-07-23 17:23:45 ----D---- C:\Windows\system32\drivers
2014-07-23 17:17:35 ----D---- C:\Windows
2014-07-23 17:17:35 ----A---- C:\Windows\system.ini
2014-07-23 17:17:30 ----D---- C:\Windows\system32\drivers\etc
2014-07-23 17:17:01 ----D---- C:\Windows\system32\catroot2
2014-07-23 17:13:55 ----D---- C:\Windows\erdnt
2014-07-23 17:13:12 ----RD---- C:\Program Files (x86)
2014-07-23 17:09:21 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-23 17:09:21 ----D---- C:\Windows\SysWOW64
2014-07-23 17:09:21 ----D---- C:\Windows\AppPatch
2014-07-23 17:09:20 ----D---- C:\Program Files (x86)\Common Files
2014-07-23 16:50:26 ----D---- C:\Users\Dana\AppData\Roaming\AIMP3
2014-07-23 16:50:16 ----D---- C:\ProgramData
2014-07-23 14:14:00 ----D---- C:\ProgramData\Temp
2014-07-23 13:37:40 ----D---- C:\rsit
2014-07-23 12:38:07 ----D---- C:\Users\Dana\AppData\Roaming\.minecraft
2014-07-23 11:59:05 ----D---- C:\ProgramData\Malwarebytes
2014-07-23 11:47:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 11:45:59 ----D---- C:\AdwCleaner
2014-07-23 08:59:34 ----D---- C:\Windows\system32\NDF
2014-07-23 08:02:16 ----SHD---- C:\System Volume Information
2014-07-23 07:55:24 ----SHD---- C:\Windows\Installer
2014-07-23 00:02:02 ----D---- C:\Program Files (x86)\Google
2014-07-22 18:30:21 ----D---- C:\Users\Dana\AppData\Roaming\FileZilla
2014-07-22 11:33:07 ----D---- C:\de-zaloha
2014-07-20 13:10:48 ----D---- C:\Program Files (x86)\AIMP3
2014-07-19 12:30:37 ----D---- C:\Program Files (x86)\Steam
2014-07-16 16:32:09 ----RSD---- C:\Windows\Fonts
2014-07-15 18:18:59 ----RSD---- C:\Windows\assembly
2014-07-15 17:21:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-07-15 17:21:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-07-15 14:04:23 ----D---- C:\ProgramData\Package Cache
2014-07-15 14:03:58 ----D---- C:\Program Files (x86)\Avira
2014-07-12 17:10:17 ----D---- C:\Users\Dana\AppData\Roaming\Skype
2014-07-11 14:28:48 ----D---- C:\Windows\inf
2014-07-11 14:28:31 ----D---- C:\Windows\system32\catroot
2014-07-11 14:28:30 ----D---- C:\Windows\system32\DriverStore
2014-07-10 12:02:20 ----D---- C:\MCLAN
2014-07-10 09:00:36 ----D---- C:\Windows\winsxs
2014-07-10 00:38:06 ----D---- C:\Program Files\Windows Journal
2014-07-10 00:38:05 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-10 00:38:04 ----D---- C:\Windows\system32\Dism
2014-07-10 00:38:02 ----D---- C:\Windows\System32
2014-07-10 00:38:02 ----D---- C:\Windows\ehome
2014-07-10 00:38:00 ----D---- C:\Windows\system32\en-US
2014-07-10 00:38:00 ----D---- C:\Windows\system32\cs-CZ
2014-07-10 00:38:00 ----D---- C:\Program Files\Internet Explorer
2014-07-10 00:37:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-10 00:37:54 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 12:19:10 ----D---- C:\Windows\system32\MRT
2014-07-09 12:10:45 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 11:32:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-04 11:31:43 ----D---- C:\Windows\Microsoft.NET
2014-07-04 10:18:54 ----D---- C:\Program Files (x86)\FlashIntegro
2014-07-04 10:17:04 ----D---- C:\Program Files (x86)\Free Video Cutter
2014-07-04 10:11:40 ----D---- C:\Program Files\CCleaner
2014-07-04 09:58:53 ----D---- C:\Program Files (x86)\EA GAMES
2014-07-04 09:45:19 ----D---- C:\Windows\system32\Tasks
2014-07-03 15:37:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 15:05:39 ----SD---- C:\ProgramData\Microsoft
2014-07-03 15:05:35 ----D---- C:\Program Files (x86)\Microsoft Expression
2014-07-03 14:53:10 ----D---- C:\ProgramData\Ubisoft
2014-07-03 14:47:06 ----D---- C:\Program Files (x86)\Lightworks
2014-07-03 14:46:30 ----D---- C:\Program Files (x86)\eRightSoft
2014-06-30 12:31:43 ----D---- C:\Program Files (x86)\PROFIT
2014-06-29 10:11:36 ----D---- C:\Users\Dana\AppData\Roaming\inkscape
2014-06-29 10:08:33 ----RD---- C:\Program Files
2014-06-28 14:04:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-27 17:46:07 ----D---- C:\Program Files\OBS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-07 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-04-24 450968]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-06-24 117712]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 72216]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2011-09-16 11552]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-07-03 18456]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1207808]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2013-04-18 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2013-06-28 36352]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2013-11-27 42016]
S3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-12-06 35232]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2011-11-04 117040]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-06-24 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
R2 Apache2.4;Apache2.4; C:\xampp\apache\bin\httpd.exe [2013-02-23 22016]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-07-07 141392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-07-21 2544976]
R2 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe [2014-06-26 51016]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-07-16 377616]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2013-05-16 8151040]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-15 76888]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-07-03 1228504]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-07-03 660184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-04-25 3592120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-24 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-29 1255736]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2012-09-24 147368]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-09-16 407424]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

-----------------EOF-----------------

[Márty84]

Funguje vam Avira jak ma? ComboFixu se porad nelibi nejaka jeji soucast


Jeste jeden sken a budem mazat


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).