
Log check, lnk, happy.vbs

Posted: 25 Jul 2014 06:06
by paulus33
Hello. I would like to ask for a log check. After I insert a USB stick and copy to it, AVG Free detects an infection, and even when I choose to protect, it turns the copied directory into a file with the *.lnk extension. If I delete everything on the stick, it is clean for a little while and then suddenly a file happy.vbs appears there. Yesterday, before I came to this forum, I scanned the system with MAM and it still does it. I ran the scan by choosing a complete scan, and I had 1 external HDD and 3 USB sticks connected to the PC. So far it does not show up on the external HDD.
Are those sticks infected? I.e. are they spreaders? I have set them aside until I solve the problem.
Thanks in advance for your help.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavol at 2014-07-25 06:50:10
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 55 GB (23%) free of 244 GB
Total RAM: 8190 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:50:16, on 25. 7. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\aida64.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\trend micro\Pavol.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
O4 - HKLM\..\Run: [happy] wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [happy] wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: happy.vbs
O4 - Startup: MultiSkypeLauncher.lnk = C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10805 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=2d779a1f-f6f0-4570-b9bd-511664a3ad51 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\20dfa476-393b-423b-bb42-b613ece7da22-150-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Windows\System32\wscript.exe" //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
crypserv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
ctfmon.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
WLIDSvcM.exe 3144
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /secondary /username=samanus97 /password=kresco2013 /minimized
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {54FCB784-585D-464A-ABD5-23D11EA09E31}
"C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\aida64.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c471658d-5484-4b04-a755-052cfea8f542 -SystemEventPortName:HostProcess-79605f07-6f6d-4e52-a0f0-ae959a353567 -IoCancelEventPortName:HostProcess-7c1ebfbf-a814-437c-80da-2e4a8227090a -NonStateChangingEventPortName:HostProcess-706d38e7-42c6-4dfb-a0ad-01cf7b62ebf8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4487ea6b-6788-4366-ace9-1e8c423f3a85 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 12288
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Pavol\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-22 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-22 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"happy"=wscript.exe //B C:\Users\Pavol\AppData\Local\Temp\happy.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"happy"=wscript.exe //B C:\Users\Pavol\AppData\Local\Temp\happy.vbs []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-06-17 5179408]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2013-03-29 2081792]
"happy"=wscript.exe //B C:\Users\Pavol\AppData\Local\Temp\happy.vbs []

C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
happy.vbs
MultiSkypeLauncher.lnk - C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-07-25 06:50:10 ----D---- C:\rsit
2014-07-25 06:50:10 ----D---- C:\Program Files\trend micro
2014-07-24 20:38:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-24 20:38:13 ----D---- C:\ProgramData\Malwarebytes
2014-07-24 20:38:13 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 20:38:13 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-07-24 20:38:13 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-24 20:38:13 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-07-24 20:22:36 ----A---- C:\Windows\OutLog.txt
2014-07-24 19:08:37 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-24 19:08:13 ----D---- C:\AdwCleaner
2014-07-23 17:23:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-07-23 10:30:19 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-07-21 11:21:45 ----D---- C:\Users\Pavol\AppData\Roaming\.crazycraft2
2014-07-21 11:21:10 ----D---- C:\Users\Pavol\AppData\Roaming\.dreamcraft
2014-07-21 11:21:09 ----D---- C:\Users\Pavol\AppData\Roaming\.crazycraft
2014-07-12 10:54:44 ----A---- C:\Windows\SYSWOW64\setupempdrv03.exe
2014-07-12 10:54:44 ----A---- C:\Windows\SYSWOW64\EuGdiDrv.sys
2014-07-12 10:54:44 ----A---- C:\Windows\SYSWOW64\EuEpmGdi.dll
2014-07-12 10:54:44 ----A---- C:\Windows\SYSWOW64\epmntdrv.sys
2014-07-12 10:54:44 ----A---- C:\Windows\SYSWOW64\BootMan.exe
2014-07-12 10:54:44 ----A---- C:\Windows\system32\setupempdrvx64.exe
2014-07-12 10:54:44 ----A---- C:\Windows\system32\EuGdiDrv.sys
2014-07-12 10:54:44 ----A---- C:\Windows\system32\EuEpmGdi.dll
2014-07-12 10:54:44 ----A---- C:\Windows\system32\epmntdrv.sys
2014-07-12 10:54:44 ----A---- C:\Windows\system32\BootMan.exe
2014-07-12 10:54:37 ----D---- C:\Program Files (x86)\EaseUS
2014-07-09 20:06:53 ----D---- C:\ProgramData\ATI
2014-07-09 20:06:51 ----D---- C:\Program Files (x86)\AMD AVT
2014-07-09 20:06:50 ----D---- C:\Program Files (x86)\AMD APP
2014-07-09 20:06:47 ----D---- C:\Program Files\Common Files\ATI Technologies
2014-07-09 20:05:52 ----D---- C:\Program Files (x86)\ATI Technologies
2014-07-09 18:26:52 ----D---- C:\Program Files\ATI Technologies
2014-07-09 16:00:14 ----D---- C:\Program Files (x86)\Futuremark
2014-07-09 15:59:24 ----D---- C:\Users\Pavol\AppData\Roaming\InstallShield
2014-07-09 10:27:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 10:27:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 10:27:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 10:27:16 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 10:27:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 10:27:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:27:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:27:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 10:27:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 10:27:14 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 10:27:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 10:27:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 10:27:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 10:27:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 10:27:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 10:27:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:27:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:27:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 10:27:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 10:27:12 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 10:27:12 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 10:27:12 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 10:27:11 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 10:27:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 10:27:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 10:27:09 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 10:27:09 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 10:27:09 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 10:27:08 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:27:08 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 10:27:08 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 10:27:08 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 10:27:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 10:27:07 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 10:27:07 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 10:27:07 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:27:07 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 10:27:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:27:06 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 10:27:06 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 10:20:20 ----A---- C:\Windows\system32\aepdu.dll
2014-07-09 10:20:19 ----A---- C:\Windows\system32\aeinv.dll
2014-07-09 10:19:52 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 10:19:52 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 10:19:52 ----A---- C:\Windows\system32\osk.exe
2014-07-09 10:19:33 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 10:19:33 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 10:19:28 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 10:18:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 10:18:52 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 10:12:37 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-09 10:12:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 10:12:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 14:24:30 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2014-07-08 14:24:01 ----A---- C:\Windows\Language_trs.ini
2014-07-08 11:28:01 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2014-07-08 11:28:00 ----D---- C:\Windows\sk-SK
2014-07-08 11:27:57 ----D---- C:\Windows\system32\drivers\sk-SK
2014-07-05 10:07:28 ----D---- C:\Log
2014-07-05 10:07:28 ----A---- C:\Windows\spwdr.INI
2014-07-05 10:07:21 ----A---- C:\Windows\Crypkey.ini
2014-07-05 10:07:18 ----RA---- C:\Windows\Setup_ck.exe
2014-07-05 10:07:18 ----A---- C:\Windows\system32\Crypserv.exe
2014-07-05 10:07:18 ----A---- C:\Windows\system32\Ckldrv.sys
2014-07-05 10:07:18 ----A---- C:\Windows\Setup_ck.dll
2014-07-05 10:07:18 ----A---- C:\Windows\Ckrfresh.exe
2014-07-05 10:07:18 ----A---- C:\Windows\Ckconfig.exe
2014-07-05 10:07:15 ----A---- C:\Windows\SYSWOW64\StellarProfile.dll
2014-07-05 10:07:15 ----A---- C:\Windows\SYSWOW64\PhoenixDll.dll
2014-07-05 10:07:14 ----D---- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2014-06-26 12:43:13 ----A---- C:\Windows\system32\CNMLMAE.DLL

======List of files/folders modified in the last 1 months======

2014-07-25 06:50:10 ----RD---- C:\Program Files
2014-07-25 06:46:21 ----D---- C:\Windows\Temp
2014-07-25 06:30:52 ----D---- C:\Windows\System32
2014-07-25 06:30:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-25 06:29:31 ----D---- C:\Users\Pavol\AppData\Roaming\Skype
2014-07-24 23:47:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-24 23:37:02 ----D---- C:\Windows\inf
2014-07-24 23:20:38 ----D---- C:\Windows\system32\drivers
2014-07-24 23:20:38 ----D---- C:\Windows\system
2014-07-24 20:51:51 ----D---- C:\Windows\addins
2014-07-24 20:51:06 ----HD---- C:\ProgramData
2014-07-24 20:50:42 ----D---- C:\Windows\SysWOW64
2014-07-24 20:38:13 ----RD---- C:\Program Files (x86)
2014-07-24 20:22:36 ----D---- C:\Windows
2014-07-24 19:37:14 ----D---- C:\Users\Pavol\AppData\Roaming\AIMP3
2014-07-24 19:37:08 ----D---- C:\Windows\SoftwareDistribution
2014-07-24 19:37:08 ----D---- C:\Windows\Minidump
2014-07-24 19:37:08 ----D---- C:\Windows\debug
2014-07-24 19:36:43 ----D---- C:\Program Files\CCleaner
2014-07-24 18:23:34 ----D---- C:\Windows\system32\catroot2
2014-07-24 17:37:52 ----D---- C:\ProgramData\MFAData
2014-07-24 14:50:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 21:12:01 ----D---- C:\Users\Pavol\AppData\Roaming\vlc
2014-07-23 13:28:08 ----D---- C:\Users\Pavol\AppData\Roaming\.minecraft
2014-07-23 13:15:35 ----D---- C:\Video
2014-07-23 10:30:19 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-07-23 07:20:46 ----D---- C:\Windows\system32\config
2014-07-18 14:39:31 ----D---- C:\ProgramData\AVG2014
2014-07-13 09:33:26 ----D---- C:\Windows\system32\Tasks
2014-07-12 02:00:01 ----D---- C:\ProgramData\Adobe
2014-07-09 22:46:48 ----D---- C:\Windows\rescache
2014-07-09 20:07:29 ----D---- C:\Windows\system32\catroot
2014-07-09 20:06:52 ----SHD---- C:\Windows\Installer
2014-07-09 20:06:51 ----D---- C:\ProgramData\AMD
2014-07-09 20:06:47 ----D---- C:\Program Files\Common Files
2014-07-09 20:06:47 ----D---- C:\Program Files (x86)\Common Files
2014-07-09 20:06:21 ----D---- C:\Windows\system32\DriverStore
2014-07-09 18:23:22 ----SHD---- C:\$Recycle.Bin
2014-07-09 18:23:01 ----RSD---- C:\Windows\assembly
2014-07-09 15:59:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-09 10:41:38 ----D---- C:\Windows\winsxs
2014-07-09 10:40:21 ----SD---- C:\Windows\system32\CompatTel
2014-07-09 10:40:21 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-09 10:40:21 ----D---- C:\Program Files\Windows Journal
2014-07-09 10:40:20 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-09 10:40:20 ----D---- C:\Windows\system32\en-US
2014-07-09 10:40:20 ----D---- C:\Windows\system32\Dism
2014-07-09 10:40:20 ----D---- C:\Windows\system32\cs-CZ
2014-07-09 10:40:20 ----D---- C:\Windows\ehome
2014-07-09 10:40:20 ----D---- C:\Program Files\Internet Explorer
2014-07-09 10:40:19 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 10:35:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 10:34:04 ----D---- C:\Windows\system32\MRT
2014-07-09 10:32:31 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 10:32:04 ----D---- C:\ProgramData\Microsoft Help
2014-07-09 10:06:01 ----D---- C:\Windows\system32\sk-SK
2014-07-08 14:18:59 ----D---- C:\Program Files (x86)\BENCHMARK
2014-07-08 11:56:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-07-08 11:46:32 ----D---- C:\Windows\system32\drivers\en-US
2014-07-08 11:28:05 ----D---- C:\Program Files\Windows Sidebar
2014-07-08 11:28:04 ----D---- C:\Windows\SYSWOW64\winrm
2014-07-08 11:28:04 ----D---- C:\Windows\SYSWOW64\slmgr
2014-07-08 11:28:04 ----D---- C:\Windows\SYSWOW64\migwiz
2014-07-08 11:28:04 ----D---- C:\Windows\SYSWOW64\en
2014-07-08 11:28:04 ----D---- C:\Windows\servicing
2014-07-08 11:28:04 ----D---- C:\Program Files\Windows Photo Viewer
2014-07-08 11:28:04 ----D---- C:\Program Files\Windows Media Player
2014-07-08 11:28:04 ----D---- C:\Program Files\Windows Mail
2014-07-08 11:28:04 ----D---- C:\Program Files\Windows Defender
2014-07-08 11:28:04 ----D---- C:\Program Files\DVD Maker
2014-07-08 11:28:04 ----D---- C:\Program Files\Common Files\System
2014-07-08 11:28:04 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-07-08 11:28:04 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-07-08 11:28:04 ----D---- C:\Program Files (x86)\Windows Media Player
2014-07-08 11:28:04 ----D---- C:\Program Files (x86)\Windows Mail
2014-07-08 11:28:04 ----D---- C:\Program Files (x86)\Windows Defender
2014-07-08 11:28:01 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2014-07-08 11:28:01 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-08 11:28:00 ----D---- C:\Windows\SYSWOW64\WCN
2014-07-08 11:28:00 ----D---- C:\Windows\SYSWOW64\wbem
2014-07-08 11:28:00 ----D---- C:\Windows\SYSWOW64\DriverStore
2014-07-08 11:28:00 ----D---- C:\Windows\en-US
2014-07-08 11:27:59 ----D---- C:\Windows\system32\winrm
2014-07-08 11:27:59 ----D---- C:\Windows\system32\sysprep
2014-07-08 11:27:59 ----D---- C:\Windows\system32\slmgr
2014-07-08 11:27:59 ----D---- C:\Windows\system32\oobe
2014-07-08 11:27:59 ----D---- C:\Windows\system32\migwiz
2014-07-08 11:27:59 ----D---- C:\Windows\system32\en
2014-07-08 11:27:59 ----D---- C:\Windows\system32\Boot
2014-07-08 11:27:59 ----D---- C:\Windows\PolicyDefinitions
2014-07-08 11:27:54 ----D---- C:\Windows\system32\WCN
2014-07-08 11:27:53 ----D---- C:\Windows\system32\wbem
2014-07-08 11:27:53 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-06-30 08:15:50 ----D---- C:\ProgramData\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2014-01-20 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-22 560184]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-17 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\kerneld.x64 [2011-10-25 28320]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-07-25 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-01-10 58048]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2009-08-19 1705280]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 626208]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 206880]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-01-10 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 08:37
by vyosek
Hello :)

:arrow: Just a question: are you using a legal operating system? The top-tier Ultimate license isn't exactly a common home edition :?:

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 09:15
by paulus33
Hello. I won't lie, you assume correctly. On the other hand, if their pricing policy were different, I would have bought it already, but as a father of four with an ordinary income, I really don't have money to throw away. Don't think it doesn't bother me. Last winter I spent three months trying out Ubuntu, when I decided to finally give up on Windows. Unfortunately Ubuntu is beyond me, so after the New Year I reinstalled the PC with Windows again... If that makes it a problem for you to advise me, I understand and thank you for your time.

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 09:21
by vyosek
:arrow: We don't deal with illegal systems here, but I haven't done a good deed yet today, so rather than send you away on your very first visit to our forum, we'll treat it.

:arrow: Plug all USB sticks (flash drives, external disks, etc.) into the PC.

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 10:30
by paulus33
OK, thanks.

############################## | UsbFix V 7.134 | [Deletion]

User: Pavol (Administrator) # PAVOL-PC
Updated 06/09/2013 by El Desaparecido
Started at 11:24:49 | 25/07/2014

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: System manufacturer (System Product Name) (x64-based PC)
CPU: AMD Athlon(tm) II X2 240 Processor (3430)
RAM -> [Total : 8190 | Free : 6398]
BIOS: BIOS Date: 07/23/10 17:10:34 Ver: 21.05
BOOT: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 11.0.9600.17207

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
AV: AVG AntiVirus Free Edition 2014 [(!) Disabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Fixed drive # 238 Gb (52 Mb free - 22%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 75 Gb (73 Mb free - 98%) [SIMON HDD] # NTFS
F:\ -> Removable drive # 945 Mb (945 Mb free - 100%) [KHAKI] # FAT32
G:\ -> CD-ROM
H:\ -> Fixed drive # 1863 Gb (725 Mb free - 39%) [SAMSUNG] # NTFS
I:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [PQI] # FAT32
J:\ -> Removable drive # 937 Mb (937 Mb free - 100%) [KING] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM\SOFTWARE | Run : [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM\SOFTWARE | Run : [happy] - wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
HKLM\SOFTWARE\wow6432Node | Run : [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM\SOFTWARE\wow6432Node | Run : [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM\SOFTWARE\wow6432Node | Run : [happy] - wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\SOFTWARE | Run : [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\SOFTWARE | Run : [happy] - wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Windows\system32\atiesrxx.exe (332)
Stopped! C:\Windows\system32\atieclxx.exe (1312)
Stopped! C:\Windows\System32\spoolsv.exe (1544)
Stopped! C:\Windows\system32\taskhost.exe (1680)
Stopped! C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (1928)
Stopped! C:\Windows\system32\taskeng.exe (1632)
Stopped! C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (1768)
Stopped! C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (2004)
Stopped! C:\Windows\System32\wscript.exe (2076)
Stopped! C:\Program Files (x86)\AVG\AVG2014\avgui.exe (2196)
Stopped! C:\Windows\system32\crypserv.exe (2212)
Stopped! C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (2732)
Stopped! C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (2796)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (2956)
Stopped! C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe (2980)
Stopped! C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (2600)
Stopped! C:\Windows\SysWOW64\ctfmon.exe (568)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3296)
Stopped! C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (3408)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3480)
Stopped! C:\Program Files (x86)\Skype\Phone\Skype.exe (3500)
Stopped! C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (3528)
Stopped! C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (3588)
Stopped! C:\Program Files (x86)\Skype\Phone\Skype.exe (3908)
Stopped! C:\Windows\system32\taskeng.exe (3964)
Stopped! C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\aida64.exe (2836)
Stopped! C:\Windows\system32\SearchIndexer.exe (2256)
Stopped! C:\Windows\System32\WUDFHost.exe (4540)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (4936)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (5952)
Stopped! C:\Windows\system32\sppsvc.exe (2672)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (5788)
Stopped! C:\Windows\system32\SearchFilterHost.exe (5388)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (2160)

################## | Files # Infected Folders |

Deleted ! F:\happy.vbs
Deleted ! I:\happy.vbs
Deleted ! J:\happy.vbs
Deleted ! C:\Users\Pavol\AppData\Local\Temp\happy.vbs
Deleted ! C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\happy.vbs

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|happy
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|happy

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e8879d87-8205-11e3-b5ae-806e6f6e6963}

################## | Listing |

[21/01/2014 - 20:43:56 | D ] C:\$AVG
[09/07/2014 - 18:23:22 | SHD ] C:\$Recycle.Bin
[24/07/2014 - 20:57:17 | D ] C:\AdwCleaner
[21/01/2014 - 20:31:32 | D ] C:\AMD
[30/04/2014 - 15:17:11 | D ] C:\argo
[30/09/2013 - 22:03:20 | N | 24332] C:\big_logo.png
[30/04/2014 - 15:17:11 | D ] C:\com
[30/04/2014 - 15:17:11 | D ] C:\cpw
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[13/06/2014 - 15:39:21 | D ] C:\games
[21/05/2014 - 13:51:33 | D ] C:\games (x86)
[25/07/2014 - 11:20:48 | ASH | 6441017344] C:\hiberfil.sys
[30/09/2013 - 22:03:20 | N | 6217] C:\install_profile.json
[30/04/2014 - 15:17:11 | D ] C:\joptsimple
[17/07/2014 - 18:01:41 | D ] C:\Log
[30/04/2014 - 15:17:11 | D ] C:\META-INF
[16/03/2014 - 14:11:10 | D ] C:\Minecraft_Backup
[21/01/2014 - 22:16:56 | RHD ] C:\MSOCache
[30/04/2014 - 15:17:11 | D ] C:\org
[25/07/2014 - 11:20:48 | ASH | 8588025856] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[25/07/2014 - 06:50:10 | D ] C:\Program Files
[24/07/2014 - 20:38:13 | D ] C:\Program Files (x86)
[24/07/2014 - 20:51:06 | HD ] C:\ProgramData
[20/01/2014 - 21:09:25 | SHD ] C:\Recovery
[25/07/2014 - 06:50:18 | D ] C:\rsit
[26/04/2014 - 10:14:57 | SHD ] C:\System Volume Information
[25/07/2014 - 11:28:07 | D ] C:\UsbFix
[25/07/2014 - 11:28:20 | A | 8737] C:\UsbFix [Clean 1] PAVOL-PC.txt
[20/01/2014 - 21:09:53 | D ] C:\Users
[23/07/2014 - 13:15:35 | D ] C:\Video
[24/07/2014 - 20:22:36 | D ] C:\Windows
[24/07/2014 - 20:24:04 | SHD ] E:\$RECYCLE.BIN
[16/07/2014 - 20:57:58 | D ] E:\2014_SvP-4M
[10/06/2014 - 14:41:46 | N | 4337685] E:\D-Day.pptx
[18/06/2014 - 08:21:26 | N | 8419684] E:\fotky.pptx
[23/07/2014 - 13:33:11 | D ] E:\Fraps Videa
[18/07/2014 - 14:20:49 | N | 20007121] E:\gentlemen_dispute(juicy_beast).zip
[16/07/2014 - 20:57:59 | D ] E:\obr
[04/06/2014 - 17:10:20 | N | 10639843] E:\remix.mp3
[14/07/2014 - 15:22:17 | SHD ] E:\System Volume Information
[22/07/2014 - 14:25:57 | D ] E:\vieditované videá
[21/07/2014 - 11:27:48 | D ] E:\VoidLauncher
[21/07/2014 - 11:20:50 | N | 2459959] E:\VoidLauncher.zip
[23/07/2014 - 15:13:39 | D ] E:\Šimon
[24/07/2014 - 19:45:33 | SHD ] H:\$RECYCLE.BIN
[23/07/2014 - 20:42:32 | D ] H:\0 dokumenty
[17/05/2013 - 10:33:48 | D ] H:\Macintosh Driver
[06/03/2013 - 16:36:16 | N | 1399320] H:\Portable SecretZone.exe
[17/05/2013 - 10:33:49 | D ] H:\Samsung Drive Manager
[17/05/2013 - 10:33:50 | D ] H:\Samsung Drive Manager Manuals
[07/03/2013 - 11:46:44 | N | 166424] H:\Samsung_Drive_Manager.exe
[07/03/2013 - 11:45:30 | N | 364544] H:\Secure Unlock_win.exe
[01/11/2013 - 15:16:55 | SHD ] H:\System Volume Information
[17/05/2013 - 10:33:55 | D ] H:\User Manual

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 13:09
by vyosek

Re: log check, lnk, happy.vbs

Posted: 25 Jul 2014 15:07
by paulus33
Here you go:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01
Ran by Pavol (administrator) on PAVOL-PC on 25-07-2014 16:04:47
Running from C:\Users\Pavol\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(FinalWire Ltd.) C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\aida64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [happy] => wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs" <===== ATTENTION
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [HideSCAHealth] 0
Startup: C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
ShortcutTarget: MultiSkypeLauncher.lnk -> C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pavol\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pavol\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pavol\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x808A5AB41316CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - {D2A0B7D3-3276-4404-AC43-82DEE4690A55} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 88.212.8.8 88.212.8.88

FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default
FF Homepage: hxxp://www.zoznam.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pavol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Google Translator for Firefox - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default\Extensions\translator@zoli.bod.xpi [2014-03-13]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "https://www.google.sk/"
CHR Extension: (Dokumenty Google) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
CHR Extension: (Disk Google) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Hľadať v Google) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
CHR Extension: (Peňaženka Google) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Gmail) - C:\Users\Pavol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\BENCHMARK\AIDA64 Extreme Edition\kerneld.x64 [28320 2011-10-25] ()
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2014-01-22] (Duplex Secure Ltd.)
U3 a5785tfd; C:\Windows\System32\Drivers\a5785tfd.sys [0 ] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 16:04 - 2014-07-25 16:04 - 00019428 _____ () C:\Users\Pavol\Desktop\FRST.txt
2014-07-25 16:04 - 2014-07-25 16:04 - 00000000 ____D () C:\FRST
2014-07-25 16:00 - 2014-07-25 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2014-07-25 16:00 - 2014-07-25 16:00 - 02093568 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2014-07-25 11:24 - 2014-07-25 11:28 - 00010654 _____ () C:\UsbFix [Clean 1] PAVOL-PC.txt
2014-07-25 11:24 - 2014-07-25 11:28 - 00000000 ____D () C:\UsbFix
2014-07-25 11:23 - 2014-07-25 11:23 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Pavol\Desktop\UsbFix.exe
2014-07-25 06:50 - 2014-07-25 11:38 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 06:50 - 2014-07-25 06:50 - 00000000 ____D () C:\rsit
2014-07-25 06:49 - 2014-07-25 06:49 - 00832273 _____ () C:\Users\Pavol\Desktop\RSITx64.exe
2014-07-24 20:38 - 2014-07-25 15:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 20:38 - 2014-07-24 20:38 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 20:38 - 2014-05-12 07:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-24 20:38 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-24 20:38 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-24 19:53 - 2014-07-25 13:19 - 00000672 _____ () C:\Windows\setupact.log
2014-07-24 19:53 - 2014-07-25 11:45 - 00001240 _____ () C:\Windows\error.log
2014-07-24 19:53 - 2014-07-25 11:45 - 00000280 _____ () C:\Windows\errord.log
2014-07-24 19:53 - 2014-07-25 06:26 - 00015952 _____ () C:\Windows\PFRO.log
2014-07-24 19:53 - 2014-07-24 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-24 19:08 - 2014-07-24 20:57 - 00000000 ____D () C:\AdwCleaner
2014-07-24 19:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-23 17:23 - 2014-07-23 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:36 - 2014-07-23 10:36 - 00000000 ____D () C:\Users\Pavol\65544yhfdw3
2014-07-23 10:30 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-07-23 10:30 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-07-23 10:30 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-07-23 10:30 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-07-23 10:30 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-07-23 10:30 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-07-23 10:30 - 2013-06-12 16:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-07-23 10:30 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-07-23 10:30 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-07-21 11:21 - 2014-07-21 11:33 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.crazycraft2
2014-07-21 11:21 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.dreamcraft
2014-07-21 11:21 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.crazycraft
2014-07-21 11:20 - 2014-07-21 11:20 - 02459959 _____ () C:\Users\Pavol\Downloads\VoidLauncher.zip
2014-07-21 11:13 - 2014-07-21 11:14 - 353485896 _____ () C:\Users\Pavol\Downloads\CrazyCraftLetsPlayWorldInstaller.jar
2014-07-18 14:39 - 2014-07-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Dreams Full
2014-07-18 14:38 - 2014-07-18 14:39 - 07007097 _____ ( ) C:\Users\Pavol\Downloads\Sumotori-Dreams-Full (1).exe
2014-07-18 14:20 - 2014-07-18 14:20 - 20007121 _____ () C:\Users\Pavol\Downloads\gentlemen_dispute(juicy_beast).zip
2014-07-14 09:02 - 2014-07-14 09:02 - 00000455 _____ () C:\Users\Pavol\Desktop\SIMON (E) – zástupce.lnk
2014-07-14 08:53 - 2014-07-18 18:30 - 00001145 ____H () C:\Windows\EPMBatch.ept
2014-07-12 10:54 - 2014-07-12 10:54 - 00001395 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-07-12 10:54 - 2014-07-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.3.0
2014-07-12 10:54 - 2014-07-12 10:54 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-07-12 10:54 - 2013-10-09 15:34 - 03381832 _____ () C:\Windows\system32\BootMan.exe
2014-07-12 10:54 - 2013-10-09 15:24 - 02499656 _____ () C:\Windows\SysWOW64\BootMan.exe
2014-07-12 10:54 - 2013-03-07 09:49 - 00100936 _____ () C:\Windows\system32\setupempdrvx64.exe
2014-07-12 10:54 - 2013-03-07 09:49 - 00087112 _____ () C:\Windows\SysWOW64\setupempdrv03.exe
2014-07-12 10:54 - 2013-03-07 09:49 - 00019840 _____ () C:\Windows\SysWOW64\EuEpmGdi.dll
2014-07-12 10:54 - 2013-03-07 09:49 - 00017480 _____ () C:\Windows\system32\epmntdrv.sys
2014-07-12 10:54 - 2013-03-07 09:49 - 00016256 _____ () C:\Windows\system32\EuEpmGdi.dll
2014-07-12 10:54 - 2013-03-07 09:49 - 00013896 _____ () C:\Windows\SysWOW64\epmntdrv.sys
2014-07-12 10:54 - 2013-03-07 09:49 - 00009800 _____ () C:\Windows\system32\EuGdiDrv.sys
2014-07-12 10:54 - 2013-03-07 09:49 - 00009160 _____ () C:\Windows\SysWOW64\EuGdiDrv.sys
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-07-09 20:05 - 2014-07-09 20:05 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-09 18:26 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-09 18:23 - 2014-07-09 18:23 - 00016365 _____ () C:\Windows\SysWOW64\CCCInstall_201407091823017734.log
2014-07-09 16:21 - 2014-07-25 11:46 - 00003226 _____ () C:\Windows\System32\Tasks\AIDA64 AutoStart
2014-07-09 16:00 - 2014-07-09 16:00 - 00001223 _____ () C:\Users\Public\Desktop\3DMark Vantage.lnk
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-07-09 15:59 - 2014-07-09 15:59 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\InstallShield
2014-07-09 10:27 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 10:27 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:27 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:27 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 10:27 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:27 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 10:27 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:27 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 10:27 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:27 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:27 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 10:27 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 10:27 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 10:27 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 10:27 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:27 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 10:27 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 10:27 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:27 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 10:27 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:27 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 10:27 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 10:27 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:27 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 10:27 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:27 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 10:27 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:27 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 10:27 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 10:27 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:27 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 10:27 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 10:27 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 10:27 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 10:27 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:27 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:27 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 10:27 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 10:27 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 10:27 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:27 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:27 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 10:27 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 10:27 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 10:27 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 10:27 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 10:27 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 10:27 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 10:27 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 10:27 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 10:27 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 10:27 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 10:27 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 10:27 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 10:27 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 10:27 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 10:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 10:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 10:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 10:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 10:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 10:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 10:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 10:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 10:18 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 10:18 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 10:18 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 10:12 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 10:12 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 10:12 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 14:24 - 2014-07-08 14:24 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-07-08 14:24 - 2009-05-05 12:30 - 00016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie.sys
2014-07-08 11:28 - 2014-07-08 11:28 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\sk-SK
2014-07-08 11:28 - 2014-07-08 11:28 - 00000000 ____D () C:\Windows\sk-SK
2014-07-08 11:27 - 2014-07-08 11:27 - 00000000 ____D () C:\Windows\system32\Drivers\sk-SK
2014-07-07 10:05 - 2014-07-07 10:07 - 64079267 _____ () C:\Users\Pavol\Downloads\Misa.zip
2014-07-05 10:07 - 2014-07-17 18:01 - 00000068 _____ () C:\Windows\spwdr.INI
2014-07-05 10:07 - 2014-07-17 18:01 - 00000000 ____D () C:\Log
2014-07-05 10:07 - 2014-07-05 10:07 - 00001195 _____ () C:\Users\Pavol\Desktop\Stellar Phoenix Windows Data Recovery.lnk
2014-07-05 10:07 - 2014-07-05 10:07 - 00000077 _____ () C:\Windows\Crypkey.ini
2014-07-05 10:07 - 2014-07-05 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery
2014-07-05 10:07 - 2014-07-05 10:07 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2014-07-05 10:07 - 2008-05-08 01:29 - 00122880 _____ (CrypKey (Canada) Ltd.) C:\Windows\system32\Crypserv.exe
2014-07-05 10:07 - 2008-03-17 19:12 - 00028664 _____ () C:\Windows\system32\Ckldrv.sys
2014-07-05 10:07 - 2006-04-17 11:56 - 01207808 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\PhoenixDll.dll
2014-07-05 10:07 - 2004-10-16 21:46 - 00178176 _____ () C:\Windows\SysWOW64\StellarProfile.dll
2014-07-05 10:07 - 1999-06-18 22:49 - 00165888 _____ (Kenonic Controls) C:\Windows\Ckconfig.exe
2014-07-05 10:07 - 1996-05-03 18:21 - 00027648 ____R () C:\Windows\Setup_ck.exe
2014-07-05 10:07 - 1996-05-03 16:36 - 00018432 _____ () C:\Windows\Setup_ck.dll
2014-07-05 10:07 - 1995-07-04 19:33 - 00011776 _____ () C:\Windows\Ckrfresh.exe
2014-06-30 08:27 - 2014-06-30 08:27 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-26 12:43 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 16:04 - 2014-07-25 16:04 - 00019428 _____ () C:\Users\Pavol\Desktop\FRST.txt
2014-07-25 16:04 - 2014-07-25 16:04 - 00000000 ____D () C:\FRST
2014-07-25 16:03 - 2014-07-25 16:00 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2014-07-25 16:01 - 2014-01-21 21:15 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\Skype
2014-07-25 16:00 - 2014-07-25 16:00 - 02093568 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2014-07-25 15:45 - 2014-01-22 23:11 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 15:34 - 2014-01-21 20:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-25 15:16 - 2014-07-24 20:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-25 14:13 - 2014-02-15 09:39 - 00000000 ____D () C:\Video
2014-07-25 13:57 - 2014-01-22 23:01 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.minecraft
2014-07-25 13:19 - 2014-07-24 19:53 - 00000672 _____ () C:\Windows\setupact.log
2014-07-25 11:52 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 11:52 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 11:50 - 2010-11-21 11:27 - 00660030 _____ () C:\Windows\system32\perfh005.dat
2014-07-25 11:50 - 2010-11-21 11:27 - 00140680 _____ () C:\Windows\system32\perfc005.dat
2014-07-25 11:50 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 11:46 - 2014-07-09 16:21 - 00003226 _____ () C:\Windows\System32\Tasks\AIDA64 AutoStart
2014-07-25 11:45 - 2014-07-24 19:53 - 00001240 _____ () C:\Windows\error.log
2014-07-25 11:45 - 2014-07-24 19:53 - 00000280 _____ () C:\Windows\errord.log
2014-07-25 11:45 - 2014-01-22 23:11 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 11:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-25 11:44 - 2014-04-15 19:46 - 00000000 ____D () C:\Users\Pavol\Documents\OCUS
2014-07-25 11:38 - 2014-07-25 06:50 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 11:30 - 2014-01-21 20:42 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-25 11:28 - 2014-07-25 11:24 - 00010654 _____ () C:\UsbFix [Clean 1] PAVOL-PC.txt
2014-07-25 11:28 - 2014-07-25 11:24 - 00000000 ____D () C:\UsbFix
2014-07-25 11:23 - 2014-07-25 11:23 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Pavol\Desktop\UsbFix.exe
2014-07-25 07:43 - 2014-03-13 20:57 - 00000000 ____D () C:\Users\Pavol\Downloads\OCUS
2014-07-25 07:35 - 2014-01-21 20:58 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\vlc
2014-07-25 06:50 - 2014-07-25 06:50 - 00000000 ____D () C:\rsit
2014-07-25 06:49 - 2014-07-25 06:49 - 00832273 _____ () C:\Users\Pavol\Desktop\RSITx64.exe
2014-07-25 06:26 - 2014-07-24 19:53 - 00015952 _____ () C:\Windows\PFRO.log
2014-07-24 23:47 - 2014-01-21 20:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-24 23:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-24 20:57 - 2014-07-24 19:08 - 00000000 ____D () C:\AdwCleaner
2014-07-24 20:51 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins
2014-07-24 20:38 - 2014-07-24 20:38 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 20:38 - 2014-07-24 20:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 19:53 - 2014-07-24 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-24 19:37 - 2014-03-15 23:35 - 00000000 ____D () C:\Windows\Minidump
2014-07-24 19:37 - 2014-01-21 20:56 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\AIMP3
2014-07-24 19:36 - 2014-01-21 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-24 19:36 - 2014-01-21 21:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-24 19:36 - 2002-01-01 01:59 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-24 14:50 - 2014-01-20 23:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 17:23 - 2014-07-23 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:36 - 2014-07-23 10:36 - 00000000 ____D () C:\Users\Pavol\65544yhfdw3
2014-07-23 10:36 - 2014-01-20 21:09 - 00000000 ____D () C:\Users\Pavol
2014-07-23 10:30 - 2014-03-16 15:00 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-07-23 09:26 - 2014-01-22 23:05 - 00000000 ___RD () C:\Users\Pavol\Desktop\GAMES
2014-07-21 20:06 - 2014-01-22 22:43 - 00000000 ____D () C:\Users\Pavol\Documents\FIFA 13
2014-07-21 18:44 - 2009-07-14 07:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-21 11:33 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.crazycraft2
2014-07-21 11:21 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.dreamcraft
2014-07-21 11:21 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\.crazycraft
2014-07-21 11:20 - 2014-07-21 11:20 - 02459959 _____ () C:\Users\Pavol\Downloads\VoidLauncher.zip
2014-07-21 11:14 - 2014-07-21 11:13 - 353485896 _____ () C:\Users\Pavol\Downloads\CrazyCraftLetsPlayWorldInstaller.jar
2014-07-18 20:03 - 2014-06-24 13:07 - 00000000 ____D () C:\Users\Pavol\Desktop\ZALOHOVAT !!!!
2014-07-18 18:30 - 2014-07-14 08:53 - 00001145 ____H () C:\Windows\EPMBatch.ept
2014-07-18 14:39 - 2014-07-18 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Dreams Full
2014-07-18 14:39 - 2014-07-18 14:38 - 07007097 _____ ( ) C:\Users\Pavol\Downloads\Sumotori-Dreams-Full (1).exe
2014-07-18 14:39 - 2014-01-21 20:43 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-18 14:20 - 2014-07-18 14:20 - 20007121 _____ () C:\Users\Pavol\Downloads\gentlemen_dispute(juicy_beast).zip
2014-07-17 18:01 - 2014-07-05 10:07 - 00000068 _____ () C:\Windows\spwdr.INI
2014-07-17 18:01 - 2014-07-05 10:07 - 00000000 ____D () C:\Log
2014-07-15 18:27 - 2014-04-13 18:08 - 00000000 ____D () C:\Users\Pavol\Downloads\programy+hry
2014-07-14 09:02 - 2014-07-14 09:02 - 00000455 _____ () C:\Users\Pavol\Desktop\SIMON (E) – zástupce.lnk
2014-07-14 09:01 - 2014-02-27 23:00 - 00000000 ____D () C:\Users\Pavol\Documents\ŠIMON
2014-07-12 10:54 - 2014-07-12 10:54 - 00001395 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-07-12 10:54 - 2014-07-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.3.0
2014-07-12 10:54 - 2014-07-12 10:54 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-07-12 02:00 - 2014-05-21 13:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-10 20:25 - 2014-06-16 23:29 - 00000000 ____D () C:\Users\Pavol\AppData\Local\Adobe
2014-07-09 22:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\ProgramData\ATI
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-09 20:06 - 2014-07-09 20:06 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-07-09 20:06 - 2014-07-09 18:26 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-09 20:06 - 2014-01-21 20:33 - 00000000 ____D () C:\ProgramData\AMD
2014-07-09 20:05 - 2014-07-09 20:05 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-09 18:23 - 2014-07-09 18:23 - 00016365 _____ () C:\Windows\SysWOW64\CCCInstall_201407091823017734.log
2014-07-09 16:00 - 2014-07-09 16:00 - 00001223 _____ () C:\Users\Public\Desktop\3DMark Vantage.lnk
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-07-09 16:00 - 2014-07-09 16:00 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-07-09 15:59 - 2014-07-09 15:59 - 00000000 ____D () C:\Users\Pavol\AppData\Roaming\InstallShield
2014-07-09 15:59 - 2014-01-20 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-09 10:41 - 2009-07-14 06:45 - 04858984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 10:40 - 2014-05-06 15:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 10:40 - 2010-11-21 11:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 10:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 10:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 10:35 - 2014-01-21 20:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 10:35 - 2014-01-21 20:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 10:35 - 2014-01-21 20:41 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 10:34 - 2014-01-20 21:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 10:32 - 2014-01-21 22:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 10:32 - 2014-01-20 21:32 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-07-08 16:54 - 2014-01-21 21:50 - 00000000 ____D () C:\Users\Pavol\Desktop\BENCHMARK
2014-07-08 14:24 - 2014-07-08 14:24 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-07-08 14:18 - 2014-01-21 21:29 - 00000000 ____D () C:\Program Files (x86)\BENCHMARK
2014-07-08 11:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-07-08 11:28 - 2014-07-08 11:28 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\sk-SK
2014-07-08 11:28 - 2014-07-08 11:28 - 00000000 ____D () C:\Windows\sk-SK
2014-07-08 11:28 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-07-08 11:28 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-07-08 11:28 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-08 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-08 11:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-07-08 11:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-07-08 11:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-08 11:27 - 2014-07-08 11:27 - 00000000 ____D () C:\Windows\system32\Drivers\sk-SK
2014-07-08 11:27 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\system32\winrm
2014-07-08 11:27 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\system32\WCN
2014-07-08 11:27 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\system32\slmgr
2014-07-08 11:27 - 2010-11-21 11:27 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-07-08 11:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-08 11:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-07-08 11:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-07-08 11:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-07 10:07 - 2014-07-07 10:05 - 64079267 _____ () C:\Users\Pavol\Downloads\Misa.zip
2014-07-06 23:21 - 2014-02-13 19:51 - 00002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2014-07-05 10:07 - 2014-07-05 10:07 - 00001195 _____ () C:\Users\Pavol\Desktop\Stellar Phoenix Windows Data Recovery.lnk
2014-07-05 10:07 - 2014-07-05 10:07 - 00000077 _____ () C:\Windows\Crypkey.ini
2014-07-05 10:07 - 2014-07-05 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery
2014-07-05 10:07 - 2014-07-05 10:07 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2014-07-03 14:33 - 2014-03-31 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-03 14:33 - 2014-03-09 19:16 - 00001001 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-30 08:27 - 2014-06-30 08:27 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-30 08:15 - 2014-06-22 13:08 - 00000000 ____D () C:\ProgramData\Origin
2014-06-30 04:09 - 2014-07-09 10:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 10:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 12:17 - 2014-01-22 22:59 - 00000000 ____D () C:\Users\Pavol\Documents\FIFA 12

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 00:42




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:238.37 GB) (Free:91.57 GB) NTFS
Drive e: (SIMON HDD) (Fixed) (Total:74.52 GB) (Free:49.01 GB) NTFS
Drive f: (KHAKI) (Removable) (Total:0.92 GB) (Free:0.92 GB) FAT32
Drive h: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:724.63 GB) NTFS
Drive i: (PQI) (Removable) (Total:3.75 GB) (Free:3.75 GB) FAT32
Drive j: (KING) (Removable) (Total:0.92 GB) (Free:0.82 GB) FAT32

Available physical RAM: 6333.57 MB
Total physical RAM: 8190.18 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 9938EBD5)
Partition 1: (Not Active) - (Size=75 GB) - (Type=OF Extended)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 40911D53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)
Disk: 2 (Size: 1863 GB) (Disk ID: 0A99AF6D)
Partition 1: (Active) - (Size=-198626934272) - (Type=07 NTFS)
Disk: 3 (Size: 964 MB) (Disk ID: 91F72D24)
Partition 1: (Not Active) - (Size=949 MB) - (Type=OF Extended)
Disk: 4 (Size: 955 MB) (Disk ID: 0217934C)
Partition 1: (Not Active) - (Size=941 MB) - (Type=OF Extended)
Disk: 5 (Size: 4 GB) (Disk ID: 000E52E6)
Partition 1: (Not Active) - (Size=4 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavol\Desktop" je 232 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"bin\\CodeMeter.exe"="C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"bin\\CodeMeter.exe"="C:\\Program Files (x86)\\CodeMeter\\Runtime\\bin\\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: log check, lnk, happy.vbs

Posted: 26 Jul 2014 22:55
by vyosek
→ Uninstall Spybot - Search & Destroy

→ Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [happy] => wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
    <===== ATTENTION
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKLM\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
    HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [HideSCAHealth] 0
    Startup: C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
    ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x808A5AB41316CF01
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKCU - {D2A0B7D3-3276-4404-AC43-82DEE4690A55} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    
    FF SearchPlugin: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default\searchplugins\yahoo_ff.xml
    
    R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    
    C:\Users\Pavol\AppData\Local\Temp\happy.vbs
    C:\Program Files (x86)\Spybot - Search & Destroy
    2014-07-25 16:00 - 2014-07-25 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
    2014-07-25 11:24 - 2014-07-25 11:28 - 00010654 _____ () C:\UsbFix [Clean 1] PAVOL-PC.txt
    2014-07-25 11:24 - 2014-07-25 11:28 - 00000000 ____D () C:\UsbFix
    2014-07-25 11:23 - 2014-07-25 11:23 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Pavol\Desktop\UsbFix.exe
    2014-07-25 06:50 - 2014-07-25 11:38 - 00000000 ____D () C:\Program Files\trend micro
    2014-07-25 06:50 - 2014-07-25 06:50 - 00000000 ____D () C:\rsit
    2014-07-25 06:49 - 2014-07-25 06:49 - 00832273 _____ () C:\Users\Pavol\Desktop\RSITx64.exe
    2014-07-24 19:53 - 2014-07-25 13:19 - 00000672 _____ () C:\Windows\setupact.log
    2014-07-24 19:53 - 2014-07-25 11:45 - 00001240 _____ () C:\Windows\error.log
    2014-07-24 19:53 - 2014-07-25 11:45 - 00000280 _____ () C:\Windows\errord.log
    2014-07-24 19:53 - 2014-07-25 06:26 - 00015952 _____ () C:\Windows\PFRO.log
    2014-07-24 19:53 - 2014-07-24 19:53 - 00000000 _____ () C:\Windows\setuperr.log
    2014-07-24 19:08 - 2014-07-24 20:57 - 00000000 ____D () C:\AdwCleaner
    2014-07-24 19:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-07-23 10:36 - 2014-07-23 10:36 - 00000000 ____D () C:\Users\Pavol\65544yhfdw3
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist next to FRST
→ Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
→ Restart the PC and post fixlog.txt here

Re: log check, lnk, happy.vbs

Posted: 28 Jul 2014 07:52
by paulus33
Here you go:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014 01
Ran by Pavol at 2014-07-28 08:49:21 Run:1
Running from C:\Users\Pavol\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [happy] => wscript.exe //B "C:\Users\Pavol\AppData\Local\Temp\happy.vbs"
<===== ATTENTION
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\...\Policies\Explorer: [HideSCAHealth] 0
Startup: C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x808A5AB41316CF01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - {D2A0B7D3-3276-4404-AC43-82DEE4690A55} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

FF SearchPlugin: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default\searchplugins\yahoo_ff.xml

R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

C:\Users\Pavol\AppData\Local\Temp\happy.vbs
C:\Program Files (x86)\Spybot - Search & Destroy
2014-07-25 16:00 - 2014-07-25 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2014-07-25 11:24 - 2014-07-25 11:28 - 00010654 _____ () C:\UsbFix [Clean 1] PAVOL-PC.txt
2014-07-25 11:24 - 2014-07-25 11:28 - 00000000 ____D () C:\UsbFix
2014-07-25 11:23 - 2014-07-25 11:23 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Pavol\Desktop\UsbFix.exe
2014-07-25 06:50 - 2014-07-25 11:38 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 06:50 - 2014-07-25 06:50 - 00000000 ____D () C:\rsit
2014-07-25 06:49 - 2014-07-25 06:49 - 00832273 _____ () C:\Users\Pavol\Desktop\RSITx64.exe
2014-07-24 19:53 - 2014-07-25 13:19 - 00000672 _____ () C:\Windows\setupact.log
2014-07-24 19:53 - 2014-07-25 11:45 - 00001240 _____ () C:\Windows\error.log
2014-07-24 19:53 - 2014-07-25 11:45 - 00000280 _____ () C:\Windows\errord.log
2014-07-24 19:53 - 2014-07-25 06:26 - 00015952 _____ () C:\Windows\PFRO.log
2014-07-24 19:53 - 2014-07-24 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-24 19:08 - 2014-07-24 20:57 - 00000000 ____D () C:\AdwCleaner
2014-07-24 19:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-23 10:36 - 2014-07-23 10:36 - 00000000 ____D () C:\Users\Pavol\65544yhfdw3

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\happy => value deleted successfully.
<===== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) => Value not found.
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value not found.
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\S-1-5-21-1106048339-3540935869-1059512908-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}" => Key deleted successfully.
"HKCR\CLSID\${searchCLSID}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D2A0B7D3-3276-4404-AC43-82DEE4690A55}" => Key deleted successfully.
"HKCR\CLSID\{D2A0B7D3-3276-4404-AC43-82DEE4690A55}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}" => Key not found.
"HKCR\Wow6432Node\CLSID\{53707962-6F74-2D53-2644-206D7942484F}" => Key not found.
C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\3v7kiiep.default\searchplugins\yahoo_ff.xml => Moved successfully.
SBSDWSCService => Service not found.
VGPU => Service deleted successfully.
"C:\Users\Pavol\AppData\Local\Temp\happy.vbs" => File/Directory not found.
C:\Program Files (x86)\Spybot - Search & Destroy => Moved successfully.
C:\Users\Pavol\Desktop\FRSTLauncher.exe => Moved successfully.
C:\UsbFix [Clean 1] PAVOL-PC.txt => Moved successfully.
C:\UsbFix => Moved successfully.
C:\Users\Pavol\Desktop\UsbFix.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Pavol\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\error.log => Moved successfully.
C:\Windows\errord.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\Users\Pavol\65544yhfdw3 => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: log check, lnk, happy.vbs

Posted: 28 Jul 2014 14:12
by vyosek
How is the PC behaving???

Re: log check, lnk, happy.vbs

Posted: 28 Jul 2014 20:45
by paulus33
Copying to USB is OK, no shortcuts being created or anything like that.
Some other changes I have observed so far:
- the DVD recorder cannot read any of the flash drives that went through the healing process; before, it read them without problems. (Deleting the partition, recreating it and doing a slow format with EaseUS Partition Master does not help either.) The smart LCD TV reads all the flash drives. But I have one flash drive that was not infected (no suspicious behaviour, no hidden files, no shortcuts being created), and the DVD recorder reads that one!
- the external 2TB HDD cannot be disconnected from the PC; it keeps reporting that it is in use. The usual check via the right mouse button followed by an attempt to eject does not help either...
- copying to the flash drives seems to have slowed down; to the external HDD it is OK.
NOTE! I am not complaining, quite the opposite, thank you for the help. Sorry for the slower replies, but with 4 children I sometimes can't keep up.

I have one practical question: what would you advise me to install alongside AVG free so that I avoid problems like this? Thank you.

Re: log check, lnk, happy.vbs

Posted: 29 Jul 2014 12:42
by vyosek
:arrow: Do the flash drives have the correct format (FAT, NTFS)?

:arrow: I would uninstall AVG completely and install, preferably, Avast Free, with MBAM alongside it for an occasional scan

Re: log check, lnk, happy.vbs

Posted: 29 Jul 2014 13:33
by paulus33
The flash drives are formatted as FAT32. The DVD recorder can read FAT16 or FAT32 up to a certain size, so all the prerequisites for it to work are met, but it does not work.

Re: log check, lnk, happy.vbs

Posted: 29 Jul 2014 19:58
by vyosek
Try formatting it as FAT16 :?:

Re: log check, lnk, happy.vbs

Posted: 29 Jul 2014 21:22
by paulus33
FAT16 did not help; simply put, the DVD recorder does not read the flash drives that went through the "healing" process.