webssearches jak odstranit?

Zpráva

Maroš · #1 Příspěvek od **Maroš** » 07 pro 2014 19:50

Prosím o kontrolu logu, nemůžu se zbavit webssearches.com a search protect

Logfile of random's system information tool 1.10 (written by random/random)
Run by Maros at 2014-12-07 19:47:09
Microsoft Windows 7 Home Premium
System drive C: has 12 GB (9%) free of 134 GB
Total RAM: 4095 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:47:23, on 7.12.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STab\cmdshell.exe
C:\Program Files (x86)\STab\HPNotify.exe
C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files\trend micro\Maros.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 9_3CCAFD98
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 9_3CCAFD98
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 9_3CCAFD98
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 9_3CCAFD98
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IHProtect Service - TODO: <Company name> - C:\Program Files (x86)\STab\ProtectService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9195 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
taskeng.exe {CF584D42-01BF-4791-B6C6-30C086382515}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\STab\ProtectService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\STab\cmdshell.exe"
HPNotify.exe -run
taskeng.exe {B6280B5D-3EB3-4198-87DF-6680359102AF}
"C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-38d22f15-bf5b-4d6a-94cf-ee9013e998d8 -SystemEventPortName:HostProcess-f0e1238a-b327-4eb4-b06c-2d3a60e2fc24 -IoCancelEventPortName:HostProcess-2c16b344-e2f9-423b-9e89-fcd8f5df5a9c -NonStateChangingEventPortName:HostProcess-8670e62e-d54c-495f-9b18-9c02fc79bc0e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c9e39dd4-b07c-4a4a-b253-615b881e770e
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss a888b1f7-4891-4f36-9f9e-92f898663e07 1
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2440
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://istart.webssearches.com/?type=sc ... 9_3CCAFD98
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Sticky Password\stpass.exe" -ShowCaptionButtonMenuWnd=131480

"C:\Users\Maros\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\extensions\
cs@dictionaries.addons.mozilla.org
faststartff@gmail.com
sk@dictionaries.addons.mozilla.org

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-07 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-07 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-03 30872160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-07 5226600]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-07 19:47:09 ----D---- C:\rsit
2014-12-07 19:47:09 ----D---- C:\Program Files\trend micro
2014-12-07 19:10:19 ----A---- C:\autoexec.bat
2014-12-07 18:44:28 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-07 18:44:27 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-07 18:44:27 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-07 18:43:51 ----A---- C:\Windows\system32\nvspcap64.dll
2014-12-07 18:43:50 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-12-07 18:43:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-12-07 18:43:04 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-12-07 18:43:01 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-12-07 18:31:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvhdap64.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvapo64v.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvopencl.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvoglv64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\NvIFR64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\NvFBC64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuvid.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuda.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcompiler.dll
2014-12-07 18:26:06 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-12-07 18:25:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-12-07 18:25:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-12-07 18:25:13 ----D---- C:\NVIDIA
2014-12-07 17:53:34 ----A---- C:\Windows\system32\AF15BDAEX.dll
2014-12-07 17:53:32 ----A---- C:\Windows\system32\drivers\AF15BDA.sys
2014-12-07 17:49:41 ----D---- C:\ProgramData\Record
2014-12-07 17:41:55 ----A---- C:\Windows\system32\drivers\{16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64.sys
2014-12-07 17:41:12 ----D---- C:\ProgramData\Plugins
2014-12-07 17:35:42 ----D---- C:\ProgramData\IHProtectUpDate
2014-12-07 17:35:41 ----D---- C:\Program Files (x86)\STab
2014-12-07 17:35:34 ----D---- C:\ProgramData\WindowsMangerProtect
2014-12-07 17:35:33 ----D---- C:\Users\Maros\AppData\Roaming\337Games
2014-12-07 17:35:19 ----D---- C:\Users\Maros\AppData\Roaming\webssearches
2014-12-07 17:34:53 ----D---- C:\Program Files (x86)\LuckyTab
2014-12-07 17:34:48 ----D---- C:\Users\Maros\AppData\Roaming\GoforFiles
2014-12-07 17:34:47 ----D---- C:\Program Files (x86)\GoForFilesUpdater
2014-12-07 17:29:41 ----D---- C:\ProgramData\BlazeVideo
2014-12-07 17:29:41 ----A---- C:\Windows\SYSWOW64\SysInfo_6_6_p.dll
2014-12-07 17:12:06 ----D---- C:\Program Files (x86)\Google
2014-12-07 17:09:54 ----D---- C:\Users\Maros\AppData\Roaming\Thinstall
2014-12-07 17:06:20 ----D---- C:\Windows\AutoKMS
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files\DESIGNER
2014-12-07 16:52:11 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-12-07 16:51:38 ----D---- C:\Windows\PCHEALTH
2014-12-07 16:51:38 ----D---- C:\Program Files\Microsoft Sync Framework
2014-12-07 16:51:38 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-07 16:49:33 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-12-07 16:48:17 ----D---- C:\Program Files\Microsoft Analysis Services
2014-12-07 16:48:17 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-12-07 16:47:57 ----D---- C:\Program Files (x86)\Microsoft Office
2014-12-07 16:47:51 ----D---- C:\ProgramData\Microsoft Help
2014-12-07 16:47:51 ----D---- C:\Program Files\Microsoft Office
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstvga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstuxga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstsxga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\system32\drivers\snp2uvc.sys
2014-12-07 16:35:41 ----A---- C:\Windows\system32\drivers\sncduvc.sys
2014-12-07 16:35:41 ----A---- C:\Windows\DrvInst.exe
2014-12-07 16:29:30 ----D---- C:\Users\Maros\AppData\Roaming\Skype
2014-12-07 16:29:21 ----RD---- C:\Program Files (x86)\Skype
2014-12-07 16:29:16 ----D---- C:\ProgramData\Skype
2014-12-07 16:21:22 ----D---- C:\Program Files (x86)\Adobe
2014-12-07 16:21:03 ----D---- C:\Program Files (x86)\TeamViewer
2014-12-07 16:20:11 ----D---- C:\ProgramData\Adobe
2014-12-07 16:10:27 ----D---- C:\Users\Maros\AppData\Roaming\WinRAR
2014-12-07 16:10:06 ----D---- C:\Program Files\WinRAR
2014-12-07 16:04:01 ----A---- C:\Windows\system32\TURegOpt.exe
2014-12-07 16:04:00 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-12-07 16:04:00 ----A---- C:\Windows\system32\authuitu.dll
2014-12-07 16:03:21 ----D---- C:\Users\Maros\AppData\Roaming\TuneUp Software
2014-12-07 16:03:10 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2014-12-07 16:02:41 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-12-07 15:57:51 ----SHD---- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-12-07 15:57:51 ----HD---- C:\ProgramData\Common Files
2014-12-07 15:57:47 ----D---- C:\ProgramData\TuneUp Software
2014-12-07 15:48:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\PresentationHost.exe
2014-12-07 15:47:28 ----A---- C:\Windows\system32\netfxperf.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\mscoree.dll
2014-12-07 15:47:27 ----A---- C:\Windows\system32\dfshim.dll
2014-12-07 15:42:10 ----D---- C:\Program Files\SRS Labs
2014-12-07 15:42:04 ----SHD---- C:\Windows\Installer
2014-12-07 15:41:55 ----D---- C:\Windows\system32\SRSLabs
2014-12-07 15:41:54 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-12-07 15:41:54 ----D---- C:\Program Files\Realtek
2014-12-07 15:41:41 ----A---- C:\Windows\system32\drivers\SamSfPa.dat
2014-12-07 15:41:35 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-12-07 15:41:35 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkApi64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEP64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEL64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEG64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEED64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-12-07 15:41:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-07 15:41:31 ----D---- C:\Program Files (x86)\Realtek
2014-12-07 15:41:31 ----A---- C:\Windows\system32\FMAPO64.dll
2014-12-07 15:41:31 ----A---- C:\Windows\system32\AERTAR64.dll
2014-12-07 15:41:31 ----A---- C:\Windows\system32\AERTAC64.dll
2014-12-07 15:41:29 ----HD---- C:\Program Files (x86)\Temp
2014-12-07 15:41:29 ----A---- C:\Windows\RtlExUpd.dll
2014-12-07 15:39:03 ----A---- C:\Windows\system32\NVUNINST.EXE
2014-12-07 15:10:17 ----D---- C:\Users\Maros\AppData\Roaming\Macromedia
2014-12-07 15:10:17 ----D---- C:\Users\Maros\AppData\Roaming\Adobe
2014-12-07 15:09:29 ----D---- C:\Users\Maros\AppData\Roaming\Mozilla
2014-12-07 14:58:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:58:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-07 14:51:21 ----SD---- C:\Windows\system32\CompatTel
2014-12-07 14:49:08 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-12-07 14:49:08 ----A---- C:\Windows\system32\wcncsvc.dll
2014-12-07 14:44:56 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-12-07 14:44:38 ----A---- C:\Windows\system32\browserchoice.exe
2014-12-07 14:38:54 ----D---- C:\Windows\system32\MRT
2014-12-07 14:38:49 ----A---- C:\Windows\system32\MRT.exe
2014-12-07 14:37:17 ----D---- C:\ProgramData\NVIDIA
2014-12-07 14:36:32 ----A---- C:\Windows\system32\nvshext.dll
2014-12-07 14:35:49 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-12-07 14:35:49 ----A---- C:\Windows\system32\OpenCL.dll
2014-12-07 14:33:23 ----D---- C:\ProgramData\NVIDIA Corporation
2014-12-07 14:33:14 ----D---- C:\Program Files\NVIDIA Corporation
2014-12-07 14:31:05 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-12-07 14:31:05 ----A---- C:\Windows\system32\drivers\ks.sys
2014-12-07 14:30:44 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-12-07 14:30:44 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\secproc_isv.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\secproc.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-12-07 14:30:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-12-07 14:30:43 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-12-07 14:30:43 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-12-07 14:30:38 ----A---- C:\Windows\system32\shell32.dll
2014-12-07 14:30:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-12-07 14:30:16 ----A---- C:\Windows\system32\ieframe.dll
2014-12-07 14:30:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\urlmon.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\msxml6.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\msxml3.dll
2014-12-07 14:30:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-07 14:30:13 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-12-07 14:30:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-07 14:30:13 ----A---- C:\Windows\system32\upnp.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\wscapi.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\winhttp.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\WebClnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\davclnt.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\wscsvc.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\slwga.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\ieui.dll
2014-12-07 14:30:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-12-07 14:30:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-12-07 14:30:06 ----A---- C:\Windows\system32\lsasrv.dll
2014-12-07 14:30:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-12-07 14:30:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-12-07 14:30:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-12-07 14:30:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-12-07 14:29:58 ----A---- C:\Windows\system32\generaltel.dll
2014-12-07 14:29:58 ----A---- C:\Windows\system32\aepdu.dll
2014-12-07 14:29:58 ----A---- C:\Windows\system32\aeinv.dll
2014-12-07 14:29:53 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-07 14:29:53 ----A---- C:\Windows\system32\poqexec.exe
2014-12-07 14:29:50 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-12-07 14:29:50 ----A---- C:\Windows\system32\winlogon.exe
2014-12-07 14:29:50 ----A---- C:\Windows\explorer.exe
2014-12-07 14:29:49 ----A---- C:\Windows\system32\win32k.sys
2014-12-07 14:29:48 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-12-07 14:29:48 ----A---- C:\Windows\system32\ntdll.dll
2014-12-07 14:27:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-12-07 14:27:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-12-07 14:24:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-07 14:24:23 ----D---- C:\Windows\SYSWOW64\Macromed
2014-12-07 14:24:21 ----D---- C:\Windows\system32\Macromed
2014-12-07 14:17:28 ----D---- C:\Users\Maros\AppData\Roaming\Lamantine
2014-12-07 14:14:45 ----D---- C:\Program Files (x86)\Sticky Password
2014-12-07 14:09:43 ----D---- C:\ProgramData\Mozilla
2014-12-07 14:09:01 ----D---- C:\Users\Maros\AppData\Roaming\AVAST Software
2014-12-07 14:08:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-12-07 14:08:38 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-12-07 14:08:36 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-12-07 14:08:36 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-12-07 14:08:33 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-12-07 14:08:29 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-07 14:08:27 ----A---- C:\Windows\avastSS.scr
2014-12-07 14:05:34 ----D---- C:\Program Files\AVAST Software
2014-12-07 14:04:55 ----D---- C:\ProgramData\AVAST Software
2014-12-07 13:47:48 ----A---- C:\Windows\system32\emptyregdb.dat
2014-12-07 12:59:39 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-07 12:54:06 ----D---- C:\Users\Maros\AppData\Roaming\GHISLER
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wups.dll
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wudriver.dll
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wuapi.dll
2014-12-07 12:47:07 ----A---- C:\Windows\system32\wuwebv.dll
2014-12-07 12:47:07 ----A---- C:\Windows\system32\wuapp.exe
2014-12-07 12:46:56 ----D---- C:\Users\Maros\AppData\Roaming\Identities
2014-12-07 12:46:34 ----SD---- C:\Users\Maros\AppData\Roaming\Microsoft
2014-12-07 12:46:34 ----D---- C:\Users\Maros\AppData\Roaming\Media Center Programs
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Šablony
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Nabídka Start
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Data aplikací
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wups2.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wucltux.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wuauclt.exe
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Plocha
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Oblíbené položky
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Dokumenty
2014-12-07 12:41:52 ----N---- C:\bootsqm.dat
2014-12-07 12:12:22 ----D---- C:\Windows\SoftwareDistribution
2014-12-07 12:09:12 ----D---- C:\Windows\Prefetch
2014-12-07 12:09:10 ----ASH---- C:\hiberfil.sys
2014-12-07 12:08:36 ----D---- C:\Windows\Panther
2014-12-07 11:59:28 ----D---- C:\Windows.old
2014-11-30 08:20:32 ----SHD---- C:\found.004
2014-11-27 20:29:22 ----SHD---- C:\found.003
2014-11-25 10:18:41 ----SHD---- C:\found.002
2014-11-21 20:22:45 ----SHD---- C:\found.001
2014-11-21 15:35:16 ----SHD---- C:\found.000
2014-11-21 13:50:03 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2014-12-07 19:47:09 ----RD---- C:\Program Files
2014-12-07 19:47:04 ----D---- C:\Windows\System32
2014-12-07 19:47:04 ----D---- C:\Windows\inf
2014-12-07 19:47:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-07 19:46:14 ----D---- C:\Windows\Temp
2014-12-07 19:41:55 ----D---- C:\Windows\Tasks
2014-12-07 19:41:51 ----RD---- C:\Program Files (x86)
2014-12-07 19:38:24 ----D---- C:\Windows\system32\drivers
2014-12-07 19:09:50 ----D---- C:\Windows\system32\Tasks
2014-12-07 19:03:45 ----A---- C:\Windows\win.ini
2014-12-07 18:58:23 ----D---- C:\Windows
2014-12-07 18:57:54 ----HD---- C:\ProgramData
2014-12-07 18:56:29 ----D---- C:\Windows\SysWOW64
2014-12-07 18:44:17 ----SHD---- C:\System Volume Information
2014-12-07 18:43:53 ----D---- C:\Windows\Logs
2014-12-07 18:43:32 ----D---- C:\Windows\system32\DriverStore
2014-12-07 18:43:32 ----D---- C:\Windows\system32\catroot
2014-12-07 18:43:31 ----D---- C:\Temp
2014-12-07 18:41:54 ----D---- C:\Windows\system32\GroupPolicy
2014-12-07 18:40:55 ----D---- C:\Windows\system32\catroot2
2014-12-07 18:39:00 ----D---- C:\Windows\Microsoft.NET
2014-12-07 18:38:56 ----RSD---- C:\Windows\assembly
2014-12-07 18:32:00 ----RD---- C:\Users
2014-12-07 17:06:03 ----D---- C:\Windows\system32\config
2014-12-07 16:55:54 ----D---- C:\Windows\winsxs
2014-12-07 16:53:45 ----RSD---- C:\Windows\Fonts
2014-12-07 16:53:20 ----D---- C:\Windows\ShellNew
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files
2014-12-07 16:51:57 ----D---- C:\Program Files (x86)\MSBuild
2014-12-07 16:51:38 ----SD---- C:\ProgramData\Microsoft
2014-12-07 16:48:49 ----D---- C:\Program Files\Common Files\System
2014-12-07 16:29:22 ----D---- C:\Program Files (x86)\Common Files
2014-12-07 15:50:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-07 15:50:34 ----D---- C:\Windows\system32\cs-CZ
2014-12-07 15:48:46 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-07 15:48:46 ----D---- C:\Windows\system32\en-US
2014-12-07 15:42:27 ----A---- C:\Windows\system32\nvuhda6.exe
2014-12-07 15:42:26 ----A---- C:\Windows\system32\nvcohda6.dll
2014-12-07 15:42:25 ----A---- C:\Windows\system32\nvudisp.exe
2014-12-07 15:42:20 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2014-12-07 15:42:20 ----A---- C:\Windows\system32\nvdecodemft.dll
2014-12-07 15:42:17 ----A---- C:\Windows\system32\nvcod162.dll
2014-12-07 15:42:17 ----A---- C:\Windows\system32\nvcod.dll
2014-12-07 15:42:14 ----A---- C:\Windows\system32\dpinst.exe
2014-12-07 15:38:49 ----A---- C:\Windows\system32\nvusmu.exe
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoZht.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoZhc.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoSv.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NVCOSMU.DLL
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoRu.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoPtb.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoNo.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoNl.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoKo.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoJa.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoIt.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoFr.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoFi.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEsm.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEs.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoENU.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEng.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoDe.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoDa.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\nvraiins.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\nvraidco.dll
2014-12-07 15:34:22 ----D---- C:\Windows\system32\wdi
2014-12-07 14:51:20 ----D---- C:\Windows\SYSWOW64\migration
2014-12-07 14:51:20 ----D---- C:\Windows\system32\migration
2014-12-07 14:38:54 ----D---- C:\Windows\debug
2014-12-07 14:36:25 ----D---- C:\Windows\Help
2014-12-07 13:48:20 ----D---- C:\Windows\Registration
2014-12-07 13:44:11 ----D---- C:\Recovery
2014-12-07 13:16:45 ----RSD---- C:\Windows\Media
2014-12-07 12:47:11 ----D---- C:\Windows\system32\LogFiles
2014-12-07 12:46:50 ----SHD---- C:\$Recycle.Bin
2014-12-07 12:46:43 ----D---- C:\Windows\system32\restore
2014-12-07 12:46:22 ----D---- C:\Windows\system32\Recovery
2014-12-07 12:46:22 ----D---- C:\Program Files\Windows NT
2014-12-07 12:44:11 ----D---- C:\Windows\rescache
2014-12-07 12:18:57 ----D---- C:\Windows\system32\CodeIntegrity
2014-12-07 12:13:10 ----D---- C:\Windows\system32\sysprep
2014-12-07 12:11:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-07 12:08:24 ----RASH---- C:\BOOTSECT.BAK
2014-12-07 12:08:22 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-07 267632]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2014-12-07 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 {16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64;{16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64; C:\Windows\system32\drivers\{16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64.sys [2014-12-07 48776]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-07 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-07 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-07 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-07 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-07 2001056]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2014-12-07 28704]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-06 1806400]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2014-01-06 11880]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2014-12-07 507392]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-07 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\STab\ProtectService.exe [2014-11-10 158864]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21007192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2014-01-28 2412344]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-12-07 484352]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-07 267440]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 07 pro 2014 19:59

Dobry vecer

Doinstalujte Internet Explorer 11 a vsechny ostatni dulezite MS aktualizace, protoze nezaplatovany OS nema cenu cistit - http://forum.viry.cz/viewtopic.php?f=29 ... 6#p1353406

Jsou krome tohoto problemu s PC jeste jine starosti?

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Maroš · #3 Příspěvek od **Maroš** » 07 pro 2014 20:12

Přidávám log po restartu, potřebuji to jenom pročistit, jinak je všechno OK, jenom se mi zdá že prohlížeč firefox nabíhá nějako dlouho.

# AdwCleaner v4.104 - Report created 07/12/2014 at 20:06:14
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Maros - MAROS-PC
# Running from : C:\Users\Maros\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
Service Deleted : {16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[!] Folder Deleted : C:\Program Files (x86)\LuckyTab
[!] Folder Deleted : C:\Users\Maros\AppData\Roaming\337Games
[!] Folder Deleted : C:\Users\Maros\AppData\Roaming\goforfiles
[!] Folder Deleted : C:\Users\Maros\AppData\Roaming\webssearches
[!] Folder Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\faststartff@gmail.com
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Windows\System32\drivers\{16059ec5-52e8-4756-b01c-cdf3d1058db7}Gw64.sys
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\7vo48m07.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\bzo11agf.default\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874\user.js
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\user.js

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[5wyephc2.default-1407437177197\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[5wyephc2.default-1407437177197\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[5wyephc2.default-1407437177197\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

AdwCleaner[R0].txt - [6707 octets] - [07/12/2014 20:04:26]
AdwCleaner[S0].txt - [5287 octets] - [07/12/2014 20:06:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5347 octets] ##########

#4 Příspěvek od **altrok** » 07 pro 2014 20:17

Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm

spustte jako spravce
do velkeho okna zkopirujte script uvedeny nize
kliknete na Run script
po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi
Kód: Vybrat vše
```
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
```

Maroš · #5 Příspěvek od **Maroš** » 07 pro 2014 21:30

Zoek log je tady.

Zoek.exe v5.0.0.0 Updated 06-December-2014
Tool run by Maros on ne 07.12.2014 at 20:19:53,75.
Microsoft Windows 7 Home Premium 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maros\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7.12.2014 20:22:04 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\BlazeVideo deleted successfully
C:\PROGRA~3\Record deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\Maros\AppData\Local\Adobe deleted successfully
C:\Users\Maros\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3069665083-342914711-435813968-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully
HKEY_USERS\S-1-5-21-3069665083-342914711-435813968-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4ef9-8EE7-A3C3B7D83BB0} deleted successfully
HKEY_USERS\S-1-5-21-3069665083-342914711-435813968-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-3069665083-342914711-435813968-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\7vo48m07.default\prefs.js:

Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\7vo48m07.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\bzo11agf.default\prefs.js:

Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\bzo11agf.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\prefs.js:

Added to C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197

user.js not found
---- Lines Box Rock removed from prefs.js ----
user_pref("extensions.Box Rock.asul", "1417970435952");
user_pref("extensions.Box Rock.aul", "1417970158802");
user_pref("extensions.Box Rock.irl", true);
user_pref("extensions.Box Rock.is", "EF22DDCZ");
user_pref("extensions.Box Rock.ug", "CE356A8E-8A08-4910-8C6F-E0D55194B60F");
---- Lines suggestor removed from prefs.js ----
user_pref("extensions.WinToFlashSuggestor.aid", "10045");
user_pref("extensions.WinToFlashSuggestor.uid", "e1a656c551e0b9c11c300ca513c925b2");
---- FireFox user.js and prefs.js backups ----

prefs_07.12.2014_2058_.backup

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\7vo48m07.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_07.12.2014_2058_.backup

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\bzo11agf.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_07.12.2014_2058_.backup

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874

user.js not found
---- Lines suggestor removed from prefs.js ----
user_pref("extensions.WinToFlashSuggestor.aid", "10045");
user_pref("extensions.WinToFlashSuggestor.uid", "e1a656c551e0b9c11c300ca513c925b2");
---- FireFox user.js and prefs.js backups ----

prefs_07.12.2014_2058_.backup

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default

user.js not found
---- Lines suggestor removed from prefs.js ----
user_pref("extensions.WinToFlashSuggestor.aid", "10045");
user_pref("extensions.WinToFlashSuggestor.uid", "e1a656c551e0b9c11c300ca513c925b2");
---- FireFox user.js and prefs.js backups ----

prefs_07.12.2014_2058_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted
C:\PROGRA~2\GoForFilesUpdater deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\Users\Maros\AppData\Roaming\Thinstall deleted
C:\Users\Maros\AppData\Local\Thinstall deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07.12.2014 14:08]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{54affe52-8223-453b-be1e-2fe2e250045c}"="C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill" [07.12.2014 14:17]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197
- Sticky Password Autofill Engine - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill
- Undetermined - sk@dictionaries.addons.mozilla.org
- Undetermined - {54affe52-8223-453b-be1e-2fe2e250045c}
- Undetermined - {66E978CD-981F-47DF-AC42-E3CF417C1467}
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Slovnky slovenskho pravopisu - %ProfilePath%\extensions\sk@dictionaries.addons.mozilla.org
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@firefox.mozilla.org.xpi
- New Tab Homepage - %ProfilePath%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874
- WinToFlash Suggestor - %ProfilePath%\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi

ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\cs@dictionaries.addons.mozilla.org
- Undetermined - C:\Program Files\Google\Google Gears\Firefox
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\sk@dictionaries.addons.mozilla.org
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
- Undetermined - C:\Users\MaroĹˇ\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\personas@christopher.beard
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- esk slovnky pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Personas - %ProfilePath%\extensions\personas@christopher.beard
- Slovnky slovenskho pravopisu - %ProfilePath%\extensions\sk@dictionaries.addons.mozilla.org
- WebTran - %ProfilePath%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Undetermined - %ProfilePath%\extensions\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}-trash
- jDownFF - %ProfilePath%\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66}
- Travissimo - %ProfilePath%\extensions\{c8810cc9-0aaa-4aed-8c67-b2b1918c1e08}
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}(403)
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- WinToFlash Suggestor - %ProfilePath%\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash

Profilepath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\7vo48m07.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash

Profilepath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\bzo11agf.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash

==== Deleted Firefox Extensions ======================

C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\wbd3el96.default-1362036004874\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi deleted
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.12.2014 14:08]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{1117AAFB-67B2-42BF-BEA6-2B877A39229E} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_14875"
{11948F48-1AA2-461F-90AA-DE576B4601E1} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_14875"
{21E23447-1A42-4EB0-943C-D52246ABF736} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_14875"
{362B5D9A-4C80-42AC-BA98-F9451A07CC20} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875"
{4E0248FB-D8DD-4A1D-9CD3-1E098E130D9B} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_14875"
{5DCAD5C9-C9CD-4899-A065-0C0C4A707AA3} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_14875"
{65153F63-FF91-47FA-9C81-AAD14EC29DFC} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_14875"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
{85C6E9E3-347A-4888-AFE7-2DE45644DCC7} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_14875"
{8C10BEC6-331C-41C1-B656-00A6F29C89D9} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_14875"
{F9166AA1-2291-49E0-B0B4-94C0DC80CAD1} Bing Url="http://www.bing.com/search?FORM=UP97DF& ... -SearchBox"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFJ4PT9B will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDZPFAZW will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGOA3M5 will be deleted at reboot
C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\cache2 emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\7vo48m07.default\cache2 emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\bzo11agf.default\cache2 emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\k6wf88nd.default\cache2 emptied successfully
C:\Users\Maros\AppData\Local\Mozilla\Firefox\Profiles\v3bowuxp.default\cache2 emptied successfully
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\z8tahf40.default\personas\cache emptied successfully
C:\Users\Public\AppData\Local\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=87 folders=41 23697930 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Maros\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Maros\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFJ4PT9B" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDZPFAZW" not found
"C:\Users\Maros\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VPGOA3M5" not found

==== EOF on ne 07.12.2014 at 21:27:58,10 ======================

#6 Příspěvek od **altrok** » 07 pro 2014 21:32

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Maroš · #7 Příspěvek od **Maroš** » 07 pro 2014 21:53

Je zde.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Maros at 2014-12-07 21:51:44
Microsoft Windows 7 Home Premium
System drive C: has 13 GB (10%) free of 134 GB
Total RAM: 4095 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:49, on 7.12.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Maros.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8459 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss a888b1f7-4891-4f36-9f9e-92f898663e07 1
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ded5c329-98ae-41d3-ac2b-a06bf116c060 -SystemEventPortName:HostProcess-310650ee-33d7-4508-a7d3-236944fea686 -IoCancelEventPortName:HostProcess-e5229b17-42ff-423f-82b9-de7e4ea8e1a3 -NonStateChangingEventPortName:HostProcess-1e7cd621-f6a0-403a-b9d3-51c5bb6cd114 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c35ef7e7-1070-4718-9f24-e87ab116c467
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe
taskhost.exe USER
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:1884
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Sticky Password\stpass.exe" -ShowCaptionButtonMenuWnd=459524
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"taskhost.exe"
"C:\Users\Maros\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\extensions\
cs@dictionaries.addons.mozilla.org
sk@dictionaries.addons.mozilla.org

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-07 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-07 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-03 30872160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-07 5226600]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-07 21:44:38 ----D---- C:\Program Files (x86)\Canon
2014-12-07 21:28:07 ----SHD---- C:\$RECYCLE.BIN
2014-12-07 21:09:40 ----A---- C:\Windows\zoek-delete.exe
2014-12-07 21:09:39 ----D---- C:\Windows\Temp
2014-12-07 20:19:43 ----D---- C:\zoek_backup
2014-12-07 20:04:23 ----D---- C:\AdwCleaner
2014-12-07 20:04:23 ----A---- C:\AdwCleanerDebug.txt
2014-12-07 19:55:39 ----D---- C:\Windows\system32\log
2014-12-07 19:47:09 ----D---- C:\rsit
2014-12-07 19:47:09 ----D---- C:\Program Files\trend micro
2014-12-07 19:10:19 ----A---- C:\autoexec.bat
2014-12-07 18:44:28 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-12-07 18:44:28 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-12-07 18:44:27 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-12-07 18:44:27 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-12-07 18:43:51 ----A---- C:\Windows\system32\nvspcap64.dll
2014-12-07 18:43:50 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-12-07 18:43:04 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-12-07 18:43:01 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-12-07 18:31:45 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvhdap64.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\nvapo64v.dll
2014-12-07 18:31:45 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-12-07 18:31:44 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvopencl.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvoglv64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\NvIFR64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\NvFBC64.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-12-07 18:31:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-12-07 18:31:43 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuvid.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcuda.dll
2014-12-07 18:31:43 ----A---- C:\Windows\system32\nvcompiler.dll
2014-12-07 18:26:06 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-12-07 18:25:56 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-12-07 18:25:56 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-12-07 18:25:13 ----D---- C:\NVIDIA
2014-12-07 17:53:34 ----A---- C:\Windows\system32\AF15BDAEX.dll
2014-12-07 17:53:32 ----A---- C:\Windows\system32\drivers\AF15BDA.sys
2014-12-07 17:41:12 ----D---- C:\ProgramData\Plugins
2014-12-07 17:35:42 ----D---- C:\ProgramData\IHProtectUpDate
2014-12-07 17:35:41 ----D---- C:\Program Files (x86)\STab
2014-12-07 17:29:41 ----A---- C:\Windows\SYSWOW64\SysInfo_6_6_p.dll
2014-12-07 17:12:06 ----D---- C:\Program Files (x86)\Google
2014-12-07 17:06:20 ----D---- C:\Windows\AutoKMS
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files\DESIGNER
2014-12-07 16:52:11 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-12-07 16:51:38 ----D---- C:\Windows\PCHEALTH
2014-12-07 16:51:38 ----D---- C:\Program Files\Microsoft Sync Framework
2014-12-07 16:51:38 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-07 16:49:33 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-12-07 16:48:17 ----D---- C:\Program Files\Microsoft Analysis Services
2014-12-07 16:48:17 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-12-07 16:47:57 ----D---- C:\Program Files (x86)\Microsoft Office
2014-12-07 16:47:51 ----D---- C:\ProgramData\Microsoft Help
2014-12-07 16:47:51 ----D---- C:\Program Files\Microsoft Office
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstvga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstuxga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\Uninstsxga.bat
2014-12-07 16:35:41 ----A---- C:\Windows\system32\drivers\snp2uvc.sys
2014-12-07 16:35:41 ----A---- C:\Windows\system32\drivers\sncduvc.sys
2014-12-07 16:35:41 ----A---- C:\Windows\DrvInst.exe
2014-12-07 16:29:30 ----D---- C:\Users\Maros\AppData\Roaming\Skype
2014-12-07 16:29:21 ----RD---- C:\Program Files (x86)\Skype
2014-12-07 16:29:16 ----D---- C:\ProgramData\Skype
2014-12-07 16:21:22 ----D---- C:\Program Files (x86)\Adobe
2014-12-07 16:21:03 ----D---- C:\Program Files (x86)\TeamViewer
2014-12-07 16:20:11 ----D---- C:\ProgramData\Adobe
2014-12-07 16:10:27 ----D---- C:\Users\Maros\AppData\Roaming\WinRAR
2014-12-07 16:10:06 ----D---- C:\Program Files\WinRAR
2014-12-07 16:04:01 ----A---- C:\Windows\system32\TURegOpt.exe
2014-12-07 16:04:00 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-12-07 16:04:00 ----A---- C:\Windows\system32\authuitu.dll
2014-12-07 16:03:21 ----D---- C:\Users\Maros\AppData\Roaming\TuneUp Software
2014-12-07 16:03:10 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2014-12-07 15:57:51 ----HD---- C:\ProgramData\Common Files
2014-12-07 15:57:47 ----D---- C:\ProgramData\TuneUp Software
2014-12-07 15:48:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-12-07 15:47:28 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\PresentationHost.exe
2014-12-07 15:47:28 ----A---- C:\Windows\system32\netfxperf.dll
2014-12-07 15:47:28 ----A---- C:\Windows\system32\mscoree.dll
2014-12-07 15:47:27 ----A---- C:\Windows\system32\dfshim.dll
2014-12-07 15:42:10 ----D---- C:\Program Files\SRS Labs
2014-12-07 15:42:04 ----SHD---- C:\Windows\Installer
2014-12-07 15:41:55 ----D---- C:\Windows\system32\SRSLabs
2014-12-07 15:41:54 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-12-07 15:41:54 ----D---- C:\Program Files\Realtek
2014-12-07 15:41:41 ----A---- C:\Windows\system32\drivers\SamSfPa.dat
2014-12-07 15:41:35 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-12-07 15:41:35 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RtkApi64.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEP64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEL64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEEG64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\RTEED64A.dll
2014-12-07 15:41:34 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-12-07 15:41:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-12-07 15:41:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-07 15:41:31 ----D---- C:\Program Files (x86)\Realtek
2014-12-07 15:41:31 ----A---- C:\Windows\system32\FMAPO64.dll
2014-12-07 15:41:31 ----A---- C:\Windows\system32\AERTAR64.dll
2014-12-07 15:41:31 ----A---- C:\Windows\system32\AERTAC64.dll
2014-12-07 15:41:29 ----HD---- C:\Program Files (x86)\Temp
2014-12-07 15:41:29 ----A---- C:\Windows\RtlExUpd.dll
2014-12-07 15:39:03 ----A---- C:\Windows\system32\NVUNINST.EXE
2014-12-07 15:10:17 ----D---- C:\Users\Maros\AppData\Roaming\Macromedia
2014-12-07 15:10:17 ----D---- C:\Users\Maros\AppData\Roaming\Adobe
2014-12-07 15:09:29 ----D---- C:\Users\Maros\AppData\Roaming\Mozilla
2014-12-07 14:58:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:58:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-07 14:51:21 ----SD---- C:\Windows\system32\CompatTel
2014-12-07 14:49:08 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2014-12-07 14:49:08 ----A---- C:\Windows\system32\wcncsvc.dll
2014-12-07 14:44:56 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-12-07 14:44:38 ----A---- C:\Windows\system32\browserchoice.exe
2014-12-07 14:38:54 ----D---- C:\Windows\system32\MRT
2014-12-07 14:38:49 ----A---- C:\Windows\system32\MRT.exe
2014-12-07 14:37:17 ----D---- C:\ProgramData\NVIDIA
2014-12-07 14:36:32 ----A---- C:\Windows\system32\nvshext.dll
2014-12-07 14:35:49 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-12-07 14:35:49 ----A---- C:\Windows\system32\OpenCL.dll
2014-12-07 14:33:23 ----D---- C:\ProgramData\NVIDIA Corporation
2014-12-07 14:33:14 ----D---- C:\Program Files\NVIDIA Corporation
2014-12-07 14:31:05 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-12-07 14:31:05 ----A---- C:\Windows\system32\drivers\ks.sys
2014-12-07 14:30:44 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-12-07 14:30:44 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\secproc_isv.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\secproc.dll
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-12-07 14:30:44 ----A---- C:\Windows\system32\RMActivate.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-12-07 14:30:43 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-12-07 14:30:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-12-07 14:30:43 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-12-07 14:30:43 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-12-07 14:30:38 ----A---- C:\Windows\system32\shell32.dll
2014-12-07 14:30:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-12-07 14:30:16 ----A---- C:\Windows\system32\ieframe.dll
2014-12-07 14:30:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\urlmon.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\msxml6.dll
2014-12-07 14:30:14 ----A---- C:\Windows\system32\msxml3.dll
2014-12-07 14:30:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-07 14:30:13 ----A---- C:\Windows\SYSWOW64\upnp.dll
2014-12-07 14:30:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-07 14:30:13 ----A---- C:\Windows\system32\upnp.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-12-07 14:30:12 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\wscapi.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\winhttp.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\WebClnt.dll
2014-12-07 14:30:12 ----A---- C:\Windows\system32\davclnt.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\slwga.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-07 14:30:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\wscsvc.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\slwga.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-07 14:30:11 ----A---- C:\Windows\system32\ieui.dll
2014-12-07 14:30:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-12-07 14:30:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-12-07 14:30:06 ----A---- C:\Windows\system32\lsasrv.dll
2014-12-07 14:30:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-12-07 14:30:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-12-07 14:30:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-12-07 14:30:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-12-07 14:29:58 ----A---- C:\Windows\system32\generaltel.dll
2014-12-07 14:29:58 ----A---- C:\Windows\system32\aepdu.dll
2014-12-07 14:29:58 ----A---- C:\Windows\system32\aeinv.dll
2014-12-07 14:29:53 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-07 14:29:53 ----A---- C:\Windows\system32\poqexec.exe
2014-12-07 14:29:50 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-12-07 14:29:50 ----A---- C:\Windows\system32\winlogon.exe
2014-12-07 14:29:50 ----A---- C:\Windows\explorer.exe
2014-12-07 14:29:49 ----A---- C:\Windows\system32\win32k.sys
2014-12-07 14:29:48 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-12-07 14:29:48 ----A---- C:\Windows\system32\ntdll.dll
2014-12-07 14:27:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-12-07 14:27:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-12-07 14:24:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-07 14:24:23 ----D---- C:\Windows\SYSWOW64\Macromed
2014-12-07 14:24:21 ----D---- C:\Windows\system32\Macromed
2014-12-07 14:17:28 ----D---- C:\Users\Maros\AppData\Roaming\Lamantine
2014-12-07 14:14:45 ----D---- C:\Program Files (x86)\Sticky Password
2014-12-07 14:09:43 ----D---- C:\ProgramData\Mozilla
2014-12-07 14:09:01 ----D---- C:\Users\Maros\AppData\Roaming\AVAST Software
2014-12-07 14:08:38 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-12-07 14:08:38 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-12-07 14:08:37 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-12-07 14:08:36 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-12-07 14:08:36 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-12-07 14:08:33 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-12-07 14:08:29 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-07 14:08:27 ----A---- C:\Windows\avastSS.scr
2014-12-07 14:05:34 ----D---- C:\Program Files\AVAST Software
2014-12-07 14:04:55 ----D---- C:\ProgramData\AVAST Software
2014-12-07 13:47:48 ----A---- C:\Windows\system32\emptyregdb.dat
2014-12-07 12:59:39 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-07 12:54:06 ----D---- C:\Users\Maros\AppData\Roaming\GHISLER
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wups.dll
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wudriver.dll
2014-12-07 12:47:27 ----A---- C:\Windows\system32\wuapi.dll
2014-12-07 12:47:07 ----A---- C:\Windows\system32\wuwebv.dll
2014-12-07 12:47:07 ----A---- C:\Windows\system32\wuapp.exe
2014-12-07 12:46:56 ----D---- C:\Users\Maros\AppData\Roaming\Identities
2014-12-07 12:46:34 ----SD---- C:\Users\Maros\AppData\Roaming\Microsoft
2014-12-07 12:46:34 ----D---- C:\Users\Maros\AppData\Roaming\Media Center Programs
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Šablony
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Nabídka Start
2014-12-07 12:46:22 ----SHD---- C:\ProgramData\Data aplikací
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wups2.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wucltux.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-12-07 12:46:22 ----A---- C:\Windows\system32\wuauclt.exe
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Plocha
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Oblíbené položky
2014-12-07 12:46:21 ----SHD---- C:\ProgramData\Dokumenty
2014-12-07 12:41:52 ----N---- C:\bootsqm.dat
2014-12-07 12:12:22 ----D---- C:\Windows\SoftwareDistribution
2014-12-07 12:09:12 ----D---- C:\Windows\Prefetch
2014-12-07 12:09:10 ----ASH---- C:\hiberfil.sys
2014-12-07 12:08:36 ----D---- C:\Windows\Panther
2014-12-07 11:59:28 ----D---- C:\Windows.old
2014-11-21 13:50:03 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2014-12-07 21:44:38 ----RD---- C:\Program Files (x86)
2014-12-07 21:27:53 ----D---- C:\Windows\system32\Tasks
2014-12-07 21:27:51 ----D---- C:\Windows\Tasks
2014-12-07 21:27:24 ----HD---- C:\ProgramData
2014-12-07 21:26:15 ----D---- C:\Windows
2014-12-07 21:25:23 ----D---- C:\Windows\Microsoft.NET
2014-12-07 21:25:01 ----RSD---- C:\Windows\assembly
2014-12-07 20:59:49 ----D---- C:\Windows\system32\GroupPolicy
2014-12-07 20:21:59 ----SHD---- C:\System Volume Information
2014-12-07 20:19:45 ----D---- C:\Windows\SysWOW64
2014-12-07 20:06:20 ----D---- C:\Windows\system32\drivers
2014-12-07 19:55:39 ----D---- C:\Windows\System32
2014-12-07 19:47:09 ----RD---- C:\Program Files
2014-12-07 19:47:04 ----D---- C:\Windows\inf
2014-12-07 19:47:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-07 19:03:45 ----A---- C:\Windows\win.ini
2014-12-07 18:43:53 ----D---- C:\Windows\Logs
2014-12-07 18:43:32 ----D---- C:\Windows\system32\DriverStore
2014-12-07 18:43:32 ----D---- C:\Windows\system32\catroot
2014-12-07 18:43:31 ----D---- C:\Temp
2014-12-07 18:40:55 ----D---- C:\Windows\system32\catroot2
2014-12-07 18:32:00 ----RD---- C:\Users
2014-12-07 17:06:03 ----D---- C:\Windows\system32\config
2014-12-07 16:55:54 ----D---- C:\Windows\winsxs
2014-12-07 16:53:45 ----RSD---- C:\Windows\Fonts
2014-12-07 16:53:20 ----D---- C:\Windows\ShellNew
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-12-07 16:53:17 ----D---- C:\Program Files\Common Files
2014-12-07 16:51:57 ----D---- C:\Program Files (x86)\MSBuild
2014-12-07 16:51:38 ----SD---- C:\ProgramData\Microsoft
2014-12-07 16:48:49 ----D---- C:\Program Files\Common Files\System
2014-12-07 16:29:22 ----D---- C:\Program Files (x86)\Common Files
2014-12-07 15:50:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-07 15:50:34 ----D---- C:\Windows\system32\cs-CZ
2014-12-07 15:48:46 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-07 15:48:46 ----D---- C:\Windows\system32\en-US
2014-12-07 15:42:27 ----A---- C:\Windows\system32\nvuhda6.exe
2014-12-07 15:42:26 ----A---- C:\Windows\system32\nvcohda6.dll
2014-12-07 15:42:25 ----A---- C:\Windows\system32\nvudisp.exe
2014-12-07 15:42:20 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2014-12-07 15:42:20 ----A---- C:\Windows\system32\nvdecodemft.dll
2014-12-07 15:42:17 ----A---- C:\Windows\system32\nvcod162.dll
2014-12-07 15:42:17 ----A---- C:\Windows\system32\nvcod.dll
2014-12-07 15:42:14 ----A---- C:\Windows\system32\dpinst.exe
2014-12-07 15:38:49 ----A---- C:\Windows\system32\nvusmu.exe
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoZht.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoZhc.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NvRCoSv.dll
2014-12-07 15:38:49 ----A---- C:\Windows\system32\NVCOSMU.DLL
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoRu.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoPtb.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoNo.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoNl.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoKo.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoJa.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoIt.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoFr.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoFi.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEsm.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEs.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoENU.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoEng.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoDe.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\NvRCoDa.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\nvraiins.dll
2014-12-07 15:38:48 ----A---- C:\Windows\system32\nvraidco.dll
2014-12-07 15:34:22 ----D---- C:\Windows\system32\wdi
2014-12-07 14:51:20 ----D---- C:\Windows\SYSWOW64\migration
2014-12-07 14:51:20 ----D---- C:\Windows\system32\migration
2014-12-07 14:38:54 ----D---- C:\Windows\debug
2014-12-07 14:36:25 ----D---- C:\Windows\Help
2014-12-07 13:48:20 ----D---- C:\Windows\Registration
2014-12-07 13:44:11 ----D---- C:\Recovery
2014-12-07 13:16:45 ----RSD---- C:\Windows\Media
2014-12-07 12:47:11 ----D---- C:\Windows\system32\LogFiles
2014-12-07 12:46:43 ----D---- C:\Windows\system32\restore
2014-12-07 12:46:22 ----D---- C:\Windows\system32\Recovery
2014-12-07 12:46:22 ----D---- C:\Program Files\Windows NT
2014-12-07 12:44:11 ----D---- C:\Windows\rescache
2014-12-07 12:18:57 ----D---- C:\Windows\system32\CodeIntegrity
2014-12-07 12:13:10 ----D---- C:\Windows\system32\sysprep
2014-12-07 12:11:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-07 12:08:24 ----RASH---- C:\BOOTSECT.BAK
2014-12-07 12:08:22 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-07 267632]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2014-12-07 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-07 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-07 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-07 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-07 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-07 2001056]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2014-12-07 28704]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-06 1806400]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2014-01-06 11880]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2014-12-07 507392]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-07 50344]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21007192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2014-01-28 2412344]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-07 267440]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

-----------------EOF-----------------

#8 Příspěvek od **altrok** » 07 pro 2014 22:00

Jak jsem psal vyse... nezaplatovany system nema cenu lecit, takze doinstalujte IE 11 a vsechny ostatni dulezite aktualizace.

Chtel jsem v tomto kroku log z FRST (predchozi prispevek obsahuje link na navod), nikoliv z RSIT.

Maroš · #9 Příspěvek od **Maroš** » 07 pro 2014 22:22

Omlouvám se, přidávám ten správní.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Maros (administrator) on MAROS-PC on 07-12-2014 22:02:53
Running from C:\Users\Maros\Desktop
Loaded Profile: Maros (Available profiles: Maros)
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-07] (AVAST Software)
HKU\S-1-5-21-3069665083-342914711-435813968-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {1117AAFB-67B2-42BF-BEA6-2B877A39229E} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {11948F48-1AA2-461F-90AA-DE576B4601E1} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {21E23447-1A42-4EB0-943C-D52246ABF736} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {362B5D9A-4C80-42AC-BA98-F9451A07CC20} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {4E0248FB-D8DD-4A1D-9CD3-1E098E130D9B} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {5DCAD5C9-C9CD-4899-A065-0C0C4A707AA3} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {65153F63-FF91-47FA-9C81-AAD14EC29DFC} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {85C6E9E3-347A-4888-AFE7-2DE45644DCC7} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {8C10BEC6-331C-41C1-B656-00A6F29C89D9} URL = http://search.seznam.cz/?q={searchTerms ... arch_14875
SearchScopes: HKU\S-1-5-21-3069665083-342914711-435813968-1000 -> {F9166AA1-2291-49E0-B0B4-94C0DC80CAD1} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3069665083-342914711-435813968-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\cs@dictionaries.addons.mozilla.org [2014-12-07]
FF Extension: Slovníky slovenského pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\sk@dictionaries.addons.mozilla.org [2014-12-07]
FF Extension: Czech (CZ) Language Pack - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\langpack-cs@firefox.mozilla.org.xpi [2014-12-07]
FF Extension: New Tab Homepage - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-12-07]
FF Extension: Adblock Plus - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\5wyephc2.default-1407437177197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-07]
FF HKU\S-1-5-21-3069665083-342914711-435813968-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2014-12-07]
FF Extension: No Name - {54affe52-8223-453b-be1e-2fe2e250045c} [Not Found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-07] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-07] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2014-01-06] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 22:02 - 2014-12-07 22:03 - 00013228 _____ () C:\Users\Maros\Desktop\FRST.txt
2014-12-07 22:02 - 2014-12-07 22:02 - 02119680 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2014-12-07 22:02 - 2014-12-07 22:02 - 00000000 ____D () C:\FRST
2014-12-07 21:44 - 2014-12-07 21:44 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-07 21:41 - 2014-12-07 21:44 - 00000000 ____D () C:\Users\Maros\Downloads\canon
2014-12-07 21:09 - 2014-12-07 20:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-07 20:21 - 2014-12-07 21:27 - 00023711 _____ () C:\zoek-results.log
2014-12-07 20:20 - 2014-12-07 20:20 - 01295360 _____ () C:\Users\Maros\Desktop\zoek(1).exe
2014-12-07 20:19 - 2014-12-07 21:05 - 00000000 ____D () C:\zoek_backup
2014-12-07 20:19 - 2014-12-07 20:19 - 01295360 _____ () C:\Users\Maros\Desktop\zoek.exe
2014-12-07 20:14 - 2014-12-07 20:19 - 274075712 _____ (NVIDIA Corporation) C:\Users\Maros\Downloads\340.52-notebook-win8-win7-64bit-international-whql.exe
2014-12-07 20:04 - 2014-12-07 20:06 - 00000000 ____D () C:\AdwCleaner
2014-12-07 20:04 - 2014-12-07 20:04 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-07 20:03 - 2014-12-07 20:03 - 02153472 _____ () C:\Users\Maros\Desktop\adwcleaner_4.104.exe
2014-12-07 19:55 - 2014-12-07 20:06 - 00000000 ____D () C:\Windows\system32\log
2014-12-07 19:53 - 2014-12-07 19:54 - 16245128 _____ (Elex do Brasil Participações Ltda) C:\Users\Maros\Downloads\yet_another_cleaner_sk_5761692.exe
2014-12-07 19:47 - 2014-12-07 21:51 - 00000000 ____D () C:\Program Files\trend micro
2014-12-07 19:47 - 2014-12-07 19:47 - 00000000 ____D () C:\rsit
2014-12-07 19:46 - 2014-12-07 19:46 - 01222144 _____ () C:\Users\Maros\Desktop\RSITx64.exe
2014-12-07 19:24 - 2014-12-07 19:26 - 32507072 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\Windows-KB890830-x64-V5.18.exe
2014-12-07 19:23 - 2014-12-07 19:36 - 350127064 _____ (Norman Shark AS) C:\Users\Maros\Downloads\Norman_Malware_Cleaner.exe
2014-12-07 19:10 - 2014-12-07 19:10 - 00000000 _____ () C:\autoexec.bat
2014-12-07 19:08 - 2014-12-07 19:08 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Maros\Downloads\SpyHunter-Installer.exe
2014-12-07 19:02 - 2014-12-07 19:02 - 00003150 _____ () C:\Windows\System32\Tasks\{86ADE538-B6FA-478A-95E8-0B162DF2AF5B}
2014-12-07 18:58 - 2014-12-07 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-07 18:57 - 2014-12-07 21:27 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-07 18:44 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-07 18:44 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-07 18:44 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-07 18:44 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-07 18:44 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-07 18:44 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-07 18:43 - 2014-12-07 18:43 - 00000000 ____D () C:\Users\Maros\AppData\Local\NVIDIA Corporation
2014-12-07 18:43 - 2014-12-07 18:43 - 00000000 ____D () C:\Users\Maros\AppData\Local\NVIDIA
2014-12-07 18:43 - 2014-12-07 18:43 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-07 18:43 - 2014-05-20 00:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-07 18:43 - 2014-04-30 19:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-07 18:43 - 2014-04-30 19:26 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-07 18:42 - 2014-05-15 00:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-07 18:31 - 2014-05-20 03:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-07 18:31 - 2014-05-20 03:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-07 18:31 - 2014-05-20 03:44 - 00074016 _____ (NVIDIA Corporation) C:\Windows\system32\nvapo64v.dll
2014-12-07 18:31 - 2014-05-20 03:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-07 18:26 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-07 18:25 - 2014-12-07 18:25 - 00000000 ____D () C:\NVIDIA
2014-12-07 18:25 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-07 18:25 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-07 18:16 - 2014-12-07 18:24 - 333878864 _____ (NVIDIA Corporation) C:\Users\Maros\Downloads\337.88-notebook-win8-win7-64bit-international-whql.exe
2014-12-07 17:53 - 2014-12-07 18:07 - 00009486 _____ () C:\Windows\DPINST.LOG
2014-12-07 17:53 - 2014-12-07 17:53 - 00507392 _____ (ITETech ) C:\Windows\system32\Drivers\AF15BDA.sys
2014-12-07 17:53 - 2014-12-07 17:53 - 00028672 _____ (afa) C:\Windows\system32\AF15BDAEX.dll
2014-12-07 17:53 - 2014-12-07 17:53 - 00000140 _____ () C:\Windows\system32\AF15IRTBL.bin
2014-12-07 17:46 - 2014-12-07 17:46 - 00000000 ____D () C:\Users\Maros\Downloads\BlazeVideo-HDTV-Player-Professional-6.6-+-crack
2014-12-07 17:44 - 2014-12-07 18:06 - 00000000 ____D () C:\Users\Maros\Downloads\Blaze
2014-12-07 17:42 - 2014-12-07 17:45 - 31607790 _____ () C:\Users\Maros\Downloads\BlazeVideo-HDTV-Player-Professional-6.6-+-crack.zip
2014-12-07 17:41 - 2014-12-07 19:32 - 00003572 _____ () C:\ProgramData\LSDmbTH.log
2014-12-07 17:41 - 2014-12-07 19:32 - 00003572 _____ () C:\ProgramData\LmeUSB.log
2014-12-07 17:41 - 2014-12-07 19:32 - 00003518 _____ () C:\ProgramData\LmeZJSW.log
2014-12-07 17:41 - 2014-12-07 19:32 - 00003494 _____ () C:\ProgramData\PipShareTuner.log
2014-12-07 17:41 - 2014-12-07 17:41 - 00000000 ____D () C:\ProgramData\Plugins
2014-12-07 17:35 - 2014-12-07 17:35 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-07 17:35 - 2014-12-07 17:35 - 00000000 ____D () C:\Program Files (x86)\STab
2014-12-07 17:34 - 2014-12-07 17:34 - 00003104 _____ () C:\Windows\System32\Tasks\Update Service GoForFiles
2014-12-07 17:33 - 2014-12-07 17:34 - 03874824 _____ (http://goforfiles.com) C:\Users\Maros\Downloads\blazeDTV_6.6_keygen_downloader.exe
2014-12-07 17:29 - 2014-12-07 17:29 - 00000014 _____ () C:\Windows\SysWOW64\SysInfo_6_6_p.dll
2014-12-07 17:28 - 2014-12-07 17:28 - 00000000 ____D () C:\Users\Maros\Downloads\BlPP66
2014-12-07 17:27 - 2014-12-07 17:28 - 31527373 _____ () C:\Users\Maros\Downloads\BlPP66.rar
2014-12-07 17:12 - 2014-12-07 17:12 - 00001108 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-12-07 17:12 - 2014-12-07 17:12 - 00000000 ____D () C:\Users\Maros\AppData\Local\Google
2014-12-07 17:12 - 2014-12-07 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-12-07 17:12 - 2014-12-07 17:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 17:11 - 2014-12-07 17:11 - 17312072 _____ (Google Inc.) C:\Users\Maros\Downloads\picasa39-setup.exe
2014-12-07 17:09 - 2014-12-07 17:09 - 00000000 ____D () C:\Users\Maros\Downloads\BlazeVid.HDTV.6.6.0.3_portab
2014-12-07 17:06 - 2014-12-07 21:27 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-07 17:06 - 2014-12-07 21:27 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-07 17:06 - 2014-12-07 18:58 - 00000000 ____D () C:\Windows\AutoKMS
2014-12-07 16:59 - 2014-12-07 17:04 - 61377852 _____ () C:\Users\Maros\Downloads\BlazeVid.HDTV.6.6.0.3_portab.rar
2014-12-07 16:55 - 2014-12-07 16:55 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-12-07 16:54 - 2014-12-07 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-12-07 16:54 - 2014-12-07 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-07 16:53 - 2014-12-07 16:53 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-12-07 16:52 - 2014-12-07 16:52 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-12-07 16:51 - 2014-12-07 16:51 - 00000000 ____D () C:\Windows\PCHEALTH
2014-12-07 16:51 - 2014-12-07 16:51 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-12-07 16:51 - 2014-12-07 16:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-07 16:49 - 2014-12-07 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-12-07 16:48 - 2014-12-07 16:48 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-12-07 16:48 - 2014-12-07 16:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-12-07 16:47 - 2014-12-07 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-07 16:47 - 2014-12-07 16:51 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-12-07 16:47 - 2014-12-07 16:47 - 00000000 ____D () C:\Users\Maros\AppData\Local\Microsoft Help
2014-12-07 16:47 - 2014-12-07 16:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-12-07 16:35 - 2009-06-06 01:15 - 01806400 _____ () C:\Windows\system32\Drivers\snp2uvc.sys
2014-12-07 16:35 - 2009-06-06 01:15 - 00042176 _____ () C:\Windows\system32\Drivers\sncduvc.sys
2014-12-07 16:35 - 2009-06-06 01:15 - 00019008 _____ (Chicony (C) 2006 ATC) C:\Windows\DrvInst.exe
2014-12-07 16:35 - 2009-05-27 22:41 - 00002266 _____ () C:\Windows\Uninstvga.bat
2014-12-07 16:35 - 2009-02-02 17:57 - 00002008 _____ () C:\Windows\Uninstsxga.bat
2014-12-07 16:35 - 2008-06-26 02:00 - 00001682 _____ () C:\Windows\Uninstuxga.bat
2014-12-07 16:35 - 2008-03-22 05:44 - 00000386 _____ () C:\Windows\Uninstsxga.reg
2014-12-07 16:35 - 2008-03-22 05:44 - 00000384 _____ () C:\Windows\Uninstvga.reg
2014-12-07 16:35 - 2008-03-22 05:38 - 00000386 _____ () C:\Windows\Uninstuxga.reg
2014-12-07 16:29 - 2014-12-07 22:02 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Skype
2014-12-07 16:29 - 2014-12-07 16:29 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-07 16:29 - 2014-12-07 16:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-07 16:29 - 2014-12-07 16:29 - 00000000 ____D () C:\Users\Maros\AppData\Local\Skype
2014-12-07 16:29 - 2014-12-07 16:29 - 00000000 ____D () C:\ProgramData\Skype
2014-12-07 16:29 - 2014-12-07 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-07 16:26 - 2014-12-07 16:26 - 00000000 ____D () C:\Users\Maros\AppData\Local\TeamViewer
2014-12-07 16:21 - 2014-12-07 16:23 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-07 16:21 - 2014-12-07 16:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-07 16:21 - 2014-12-07 16:21 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-12-07 16:21 - 2014-12-07 16:21 - 00001045 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-07 16:21 - 2014-12-07 16:21 - 00001033 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-07 16:21 - 2014-12-07 16:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-07 16:20 - 2014-12-07 16:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-07 16:19 - 2014-12-07 16:19 - 38624400 _____ (Adobe Systems Incorporated) C:\Users\Maros\Downloads\AdbeRdr11000_cs_CZ.exe
2014-12-07 16:19 - 2014-12-07 16:19 - 07699024 _____ (TeamViewer GmbH) C:\Users\Maros\Downloads\TeamViewer_Setup_cs-ckq.exe
2014-12-07 16:19 - 2014-12-07 16:19 - 00384529 _____ () C:\Users\Maros\Downloads\Lista_centrum.exe
2014-12-07 16:18 - 2014-12-07 16:20 - 44833376 _____ (Skype Technologies S.A.) C:\Users\Maros\Downloads\SkypeSetupFull.exe
2014-12-07 16:17 - 2014-12-07 16:17 - 00733376 _____ () C:\Users\Maros\Downloads\adobeacrobatreader-lista-centrumcz.exe
2014-12-07 16:10 - 2014-12-07 16:10 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\WinRAR
2014-12-07 16:10 - 2014-12-07 16:10 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-07 16:10 - 2014-12-07 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-07 16:10 - 2014-12-07 16:10 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-07 16:09 - 2014-12-07 16:09 - 00000000 ____D () C:\Users\Maros\Downloads\Kompresory-CZ
2014-12-07 16:08 - 2014-12-07 16:08 - 03711311 _____ () C:\Users\Maros\Downloads\Kompresory-CZ.zip
2014-12-07 16:04 - 2014-01-28 09:23 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-12-07 16:04 - 2014-01-28 09:23 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-12-07 16:04 - 2014-01-28 09:23 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-12-07 16:03 - 2014-12-07 16:15 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\TuneUp Software
2014-12-07 16:03 - 2014-12-07 16:03 - 00002219 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2014-12-07 16:03 - 2014-12-07 16:03 - 00002207 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-12-07 16:03 - 2014-12-07 16:03 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp údržba 1 kliknutím.lnk
2014-12-07 16:03 - 2014-12-07 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2014-12-07 16:03 - 2014-12-07 16:03 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-12-07 16:02 - 2014-12-07 16:02 - 00657182 _____ () C:\Users\Maros\Downloads\TU2013v13_0_3020CZ-language-pack.zip
2014-12-07 16:01 - 2014-12-07 16:02 - 30414736 _____ (TuneUp Software) C:\Users\Maros\Downloads\TuneUpUtilities2013_cs-CZ.exe
2014-12-07 15:57 - 2014-12-07 16:03 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-12-07 15:56 - 2014-12-07 15:57 - 28369720 _____ (TuneUp Software) C:\Users\Maros\Downloads\TuneUpUtilities2014_en-US.exe
2014-12-07 15:53 - 2014-12-07 15:53 - 00000000 ____D () C:\Users\Maros\AppData\Local\SRS Labs
2014-12-07 15:47 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-12-07 15:47 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-12-07 15:47 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-12-07 15:47 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-12-07 15:42 - 2014-12-07 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-12-07 15:42 - 2014-12-07 15:42 - 00000000 ____D () C:\Program Files\SRS Labs
2014-12-07 15:41 - 2014-12-07 15:42 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-12-07 15:41 - 2014-12-07 15:41 - 02001056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-12-07 15:41 - 2014-12-07 15:41 - 01667104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 01445408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 01178656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00831488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00611872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-12-07 15:41 - 2014-12-07 15:41 - 00436768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00332320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00294912 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00064032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-12-07 15:41 - 2014-12-07 15:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-07 15:41 - 2014-12-07 15:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-12-07 15:41 - 2014-12-07 15:41 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-12-07 15:41 - 2014-12-07 15:41 - 00000000 ____D () C:\Program Files\Realtek
2014-12-07 15:41 - 2014-12-07 15:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-07 15:41 - 2014-12-07 15:40 - 00166400 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-12-07 15:41 - 2014-12-07 15:40 - 00108032 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-12-07 15:41 - 2014-12-07 15:40 - 00000520 _____ () C:\Windows\system32\Drivers\SamSfPa.dat
2014-12-07 15:41 - 2009-07-02 19:28 - 00363008 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-12-07 15:41 - 2009-07-02 19:28 - 00198656 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-12-07 15:41 - 2009-07-02 19:28 - 00095744 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-12-07 15:41 - 2009-07-02 19:28 - 00073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-12-07 15:39 - 2009-08-24 23:32 - 00541216 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2014-12-07 15:36 - 2014-12-07 16:35 - 00000000 ____D () C:\Users\Maros\Downloads\PC
2014-12-07 15:10 - 2014-12-07 15:10 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Macromedia
2014-12-07 15:10 - 2014-12-07 15:10 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Adobe
2014-12-07 15:10 - 2014-12-07 15:10 - 00000000 ____D () C:\Users\Maros\AppData\Local\Macromedia
2014-12-07 15:09 - 2014-12-07 15:09 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Mozilla
2014-12-07 14:58 - 2014-12-07 19:56 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 14:58 - 2014-12-07 19:56 - 00001333 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-07 14:58 - 2014-12-07 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 14:58 - 2014-12-07 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 14:52 - 2014-12-07 21:26 - 00011474 _____ () C:\Windows\PFRO.log
2014-12-07 14:51 - 2014-12-07 14:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-07 14:49 - 2010-09-14 07:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-12-07 14:49 - 2010-09-14 07:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-12-07 14:44 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-12-07 14:44 - 2009-10-10 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-12-07 14:38 - 2014-12-07 14:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-07 14:38 - 2014-10-31 23:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-07 14:37 - 2014-12-07 21:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-07 14:36 - 2014-05-20 02:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-07 14:35 - 2014-05-20 03:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-07 14:35 - 2014-05-20 03:44 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-07 14:33 - 2014-12-07 18:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-07 14:33 - 2014-12-07 18:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-07 14:31 - 2010-03-04 05:40 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-12-07 14:31 - 2010-03-04 05:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-12-07 14:30 - 2011-08-30 06:21 - 14164480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-07 14:30 - 2011-08-30 05:28 - 12868096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-07 14:30 - 2011-04-09 07:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-07 14:30 - 2011-04-09 07:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-12-07 14:30 - 2011-04-09 07:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-12-07 14:30 - 2010-12-21 07:16 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-07 14:30 - 2010-12-21 07:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-12-07 14:30 - 2010-12-21 07:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-12-07 14:30 - 2010-12-21 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-12-07 14:30 - 2010-12-21 07:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-12-07 14:30 - 2010-12-21 07:15 - 01498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-07 14:30 - 2010-12-21 07:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-12-07 14:30 - 2010-12-21 07:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-12-07 14:30 - 2010-12-21 07:13 - 02003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-12-07 14:30 - 2010-12-21 07:13 - 01880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-07 14:30 - 2010-12-21 07:11 - 12369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-07 14:30 - 2010-12-21 07:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-12-07 14:30 - 2010-12-21 06:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-12-07 14:30 - 2010-12-21 06:36 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-12-07 14:30 - 2010-12-21 06:36 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-07 14:30 - 2010-12-21 06:35 - 10989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-07 14:30 - 2010-12-21 06:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-12-07 14:30 - 2010-11-04 07:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-07 14:30 - 2010-11-04 07:31 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-07 14:30 - 2010-11-04 06:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-07 14:30 - 2010-11-04 06:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-07 14:30 - 2010-01-19 10:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-12-07 14:30 - 2010-01-19 10:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-12-07 14:30 - 2010-01-19 10:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-12-07 14:30 - 2010-01-19 10:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-12-07 14:30 - 2010-01-19 10:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-12-07 14:30 - 2010-01-19 10:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-12-07 14:30 - 2010-01-19 10:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-12-07 14:30 - 2010-01-19 10:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-07 14:30 - 2010-01-19 00:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-12-07 14:30 - 2010-01-19 00:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-12-07 14:30 - 2010-01-19 00:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-12-07 14:30 - 2010-01-19 00:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-12-07 14:30 - 2010-01-19 00:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-12-07 14:30 - 2010-01-19 00:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-12-07 14:30 - 2010-01-19 00:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-12-07 14:30 - 2010-01-19 00:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-12-07 14:30 - 2009-12-11 11:29 - 00153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-07 14:30 - 2009-12-11 10:24 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-07 14:30 - 2009-12-11 08:39 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-12-07 14:30 - 2009-12-11 08:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-12-07 14:29 - 2014-11-05 03:48 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-07 14:29 - 2014-11-05 03:47 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-07 14:29 - 2014-11-05 03:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-07 14:29 - 2014-09-15 01:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-07 14:29 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-07 14:29 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-07 14:29 - 2010-03-24 07:59 - 01736608 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-07 14:29 - 2010-03-24 07:37 - 01289528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-07 14:29 - 2009-10-31 07:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-07 14:29 - 2009-10-31 06:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-07 14:29 - 2009-10-28 07:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-07 14:27 - 2009-10-24 05:28 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-12-07 14:27 - 2009-10-24 05:27 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-12-07 14:25 - 2014-12-07 14:25 - 00000000 ____D () C:\Users\Maros\AppData\Local\Deployment
2014-12-07 14:24 - 2014-12-07 21:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 14:24 - 2014-12-07 14:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-07 14:24 - 2014-12-07 14:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-07 14:24 - 2014-12-07 14:24 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 14:24 - 2014-12-07 14:24 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-07 14:24 - 2014-12-07 14:24 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-07 14:17 - 2014-12-07 14:17 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Lamantine
2014-12-07 14:14 - 2014-12-07 14:14 - 00001094 _____ () C:\Users\Public\Desktop\Sticky Password.lnk
2014-12-07 14:14 - 2014-12-07 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2014-12-07 14:14 - 2014-12-07 14:14 - 00000000 ____D () C:\Program Files (x86)\Sticky Password
2014-12-07 14:13 - 2014-12-07 14:14 - 15042216 _____ (Lamantine Software ) C:\Users\Maros\Downloads\stpass_trial_6018485.exe
2014-12-07 14:09 - 2014-12-07 14:10 - 00000000 ____D () C:\Users\Maros\AppData\Local\Mozilla
2014-12-07 14:09 - 2014-12-07 14:09 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\AVAST Software
2014-12-07 14:09 - 2014-12-07 14:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 14:08 - 2014-12-07 14:09 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-07 14:08 - 2014-12-07 14:08 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-07 14:08 - 2014-12-07 14:08 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-07 14:08 - 2014-12-07 14:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-07 14:08 - 2014-12-07 14:08 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-07 14:08 - 2014-12-07 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-07 14:07 - 2014-12-07 14:07 - 00244264 _____ () C:\Users\Maros\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-07 14:05 - 2014-12-07 14:05 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-07 14:04 - 2014-12-07 14:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-07 14:04 - 2014-12-07 14:04 - 05006864 _____ (AVAST Software) C:\Users\Maros\Downloads\avast_free_antivirus_setup_online.exe
2014-12-07 13:47 - 2014-12-07 13:47 - 00023308 _____ () C:\Windows\system32\emptyregdb.dat
2014-12-07 13:02 - 2014-12-07 14:25 - 00000000 ____D () C:\Users\Maros\AppData\Local\Apps\2.0
2014-12-07 12:59 - 2014-11-24 14:04 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-07 12:58 - 2014-12-07 13:48 - 00009014 _____ () C:\Windows\comsetup.log
2014-12-07 12:54 - 2014-12-07 12:54 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\GHISLER
2014-12-07 12:49 - 2014-12-07 17:00 - 00108824 _____ () C:\Users\Maros\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 12:49 - 2014-12-07 14:11 - 00000000 ___DC () C:\Users\Maros\AppData\Local\MigWiz
2014-12-07 12:47 - 2012-06-02 23:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-07 12:47 - 2012-06-02 23:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-07 12:47 - 2012-06-02 23:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-07 12:47 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-07 12:47 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-07 12:46 - 2014-12-07 19:56 - 00001629 _____ () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-07 12:46 - 2014-12-07 19:56 - 00001607 _____ () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-12-07 12:46 - 2014-12-07 17:42 - 00000000 ____D () C:\Users\Maros\AppData\Local\VirtualStore
2014-12-07 12:46 - 2014-12-07 13:15 - 00000000 ____D () C:\Users\Maros
2014-12-07 12:46 - 2014-12-07 12:46 - 00000020 ___SH () C:\Users\Maros\ntuser.ini
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Public\Documents\Obrázky
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Public\Documents\Hudba
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Public\Documents\Filmy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Šablony
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Soubory cookie
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Poslední
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Okolní tiskárny
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Okolní síť
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Nabídka Start
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Dokumenty
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Documents\Obrázky
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Documents\Hudba
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Documents\Filmy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\Data aplikací
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Maros\AppData\Local\Data aplikací
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Šablony
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Soubory cookie
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Poslední
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Okolní tiskárny
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Okolní síť
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Nabídka Start
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Dokumenty
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Documents\Obrázky
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Documents\Hudba
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Documents\Filmy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\Data aplikací
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Data aplikací
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Obrázky
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Hudba
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Filmy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Data aplikací
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Šablony
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Plocha
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Oblíbené položky
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Nabídka Start
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Dokumenty
2014-12-07 12:46 - 2014-12-07 12:46 - 00000000 _SHDL () C:\ProgramData\Data aplikací
2014-12-07 12:46 - 2012-06-02 23:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-07 12:46 - 2012-06-02 23:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-07 12:46 - 2012-06-02 23:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-07 12:46 - 2012-06-02 23:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-07 12:46 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-07 12:46 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-07 12:41 - 2014-12-07 12:41 - 00003368 ____N () C:\bootsqm.dat
2014-12-07 12:13 - 2014-12-07 12:13 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-12-07 12:13 - 2014-12-07 12:13 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-12-07 12:13 - 2014-12-07 12:13 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-12-07 12:12 - 2014-12-07 22:00 - 00584655 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 12:11 - 2014-12-07 12:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-12-07 12:08 - 2014-12-07 12:46 - 00000000 ____D () C:\Windows\Panther
2014-12-07 11:59 - 2014-12-07 12:58 - 00000000 ____D () C:\Windows.old
2014-11-25 17:19 - 2014-11-25 17:20 - 26053768 _____ () C:\Users\Maros\Downloads\fuu_-win-mg5300-1_1-ea7.exe
2014-11-25 17:17 - 2014-11-25 17:18 - 18369656 _____ () C:\Users\Maros\Downloads\PIXMA_MG5340_MG5350_On-screen_User_Guide_WIN_V1.1_CS.exe
2014-11-24 15:30 - 2014-11-24 15:30 - 06788096 _____ () C:\Users\Maros\Downloads\Poděkování mejlovým přátelům.pps
2014-11-21 21:48 - 2014-12-07 13:08 - 00000000 ____D () C:\Users\Maros\Downloads\Novicorp WinToFlash 0.7.0048 beta
2014-11-21 21:48 - 2014-11-21 21:48 - 09674156 _____ () C:\Users\Maros\Downloads\Novicorp WinToFlash 0.7.0048 beta.zip
2014-11-21 21:46 - 2014-11-21 21:46 - 04831232 _____ (Geza Kovacs) C:\Users\Maros\Downloads\unetbootin-windows-608.exe
2014-11-21 20:57 - 2014-11-21 20:57 - 00083456 _____ () C:\Users\Maros\Downloads\MD5_and_SHA_Checksum_Utility.exe
2014-11-21 20:43 - 2014-11-21 20:43 - 04362512 _____ (Piriform Ltd) C:\Users\Maros\Downloads\dfsetup218.exe
2014-11-21 20:05 - 2014-12-07 13:08 - 00000000 ____D () C:\Users\Maros\Downloads\Chip
2014-11-21 20:04 - 2014-11-21 20:04 - 02913788 _____ () C:\Users\Maros\Downloads\chipcz-reader-install.exe
2014-11-21 15:09 - 2014-11-21 15:09 - 00166588 _____ () C:\unp304101323099402928.mdmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 21:32 - 2009-07-14 05:45 - 00020560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 21:32 - 2009-07-14 05:45 - 00020560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 21:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 21:26 - 2009-07-14 05:51 - 00020268 _____ () C:\Windows\setupact.log
2014-12-07 20:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-07 19:47 - 2009-07-14 16:18 - 00631292 _____ () C:\Windows\system32\perfh005.dat
2014-12-07 19:47 - 2009-07-14 16:18 - 00121914 _____ () C:\Windows\system32\perfc005.dat
2014-12-07 19:47 - 2009-07-14 06:13 - 01470062 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 19:03 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-07 18:57 - 2009-07-14 05:45 - 00407944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-07 18:43 - 2013-08-22 09:58 - 00000000 ____D () C:\Temp
2014-12-07 17:30 - 2010-06-07 09:18 - 00000000 ____D () C:\Users\Maros\Documents\BlazeVideo
2014-12-07 16:53 - 2009-07-14 16:36 - 00000000 ____D () C:\Windows\ShellNew
2014-12-07 16:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-07 16:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-07 16:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-07 16:26 - 2010-12-21 15:29 - 00000000 ___SD () C:\Users\Maros\Documents\Sticky Passwords
2014-12-07 15:42 - 2009-08-15 21:25 - 00930272 _____ (Microsoft Corporation) C:\Windows\system32\dpinst.exe
2014-12-07 15:42 - 2009-08-15 21:25 - 00541216 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe
2014-12-07 15:42 - 2009-08-15 21:25 - 00322080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdecodemft.dll
2014-12-07 15:42 - 2009-08-15 21:25 - 00256544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2014-12-07 15:42 - 2009-08-15 21:25 - 00173568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod162.dll
2014-12-07 15:42 - 2009-08-15 21:25 - 00173568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll
2014-12-07 15:42 - 2009-08-15 21:25 - 00011168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2014-12-07 15:42 - 2009-08-15 21:25 - 00010744 _____ () C:\Windows\system32\nvdisp.nvu
2014-12-07 15:42 - 2009-04-26 22:02 - 00506400 _____ (NVIDIA Corporation) C:\Windows\system32\nvuhda6.exe
2014-12-07 15:42 - 2009-04-26 22:02 - 00159232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda6.dll
2014-12-07 15:42 - 2009-04-26 21:59 - 00001407 _____ () C:\Windows\system32\nvhda.nvu
2014-12-07 15:38 - 2009-07-30 07:54 - 00402976 _____ (NVIDIA Corporation) C:\Windows\system32\nvraiins.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00402976 _____ (NVIDIA Corporation) C:\Windows\system32\nvraidco.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00241696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor64.sys
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoPtb.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoIt.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoFr.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEsm.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEs.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoDe.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoSv.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoRu.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoNo.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoNl.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoFi.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00018464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoDa.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00017952 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoENU.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00017952 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoEng.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00016416 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoKo.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00016416 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoJa.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00015904 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoZht.dll
2014-12-07 15:38 - 2009-07-30 07:54 - 00015904 _____ (NVIDIA Corporation) C:\Windows\system32\NvRCoZhc.dll
2014-12-07 15:38 - 2009-06-29 15:36 - 00028704 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvsmu.sys
2014-12-07 15:38 - 2009-06-27 07:15 - 00539168 _____ (NVIDIA Corporation) C:\Windows\system32\nvusmu.exe
2014-12-07 15:38 - 2009-06-27 07:15 - 00167936 _____ (NVIDIA Corporation) C:\Windows\system32\NVCOSMU.DLL
2014-12-07 15:38 - 2009-05-21 08:36 - 00001383 _____ () C:\Windows\system32\nvsmu.nvu
2014-12-07 14:53 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-07 14:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-07 13:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2014-12-07 13:47 - 2009-07-14 16:36 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-07 13:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-07 13:44 - 2014-08-22 11:18 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-12-07 13:44 - 2014-02-11 08:44 - 00000000 ____D () C:\Users\Public\Documents\Pinnacle
2014-12-07 13:44 - 2014-01-04 12:57 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-12-07 13:44 - 2010-01-23 17:18 - 00000000 ____D () C:\Users\Public\Documents\ASUSAccess
2014-12-07 13:44 - 2010-01-23 17:04 - 00000000 ____D () C:\Users\Public\Documents\Boingo
2014-12-07 13:44 - 2009-07-29 06:10 - 00000000 ____D () C:\Recovery
2014-12-07 13:16 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-12-07 13:15 - 2013-08-11 20:44 - 00000000 ____D () C:\Users\Maros\VirtualBox VMs
2014-12-07 13:15 - 2012-07-29 21:21 - 00000000 ___RD () C:\Users\Maros\Virtual Machines
2014-12-07 13:15 - 2012-07-11 12:06 - 00000000 ___RD () C:\Users\Maros\SkyDrive
2014-12-07 13:15 - 2010-07-25 18:21 - 00000000 ____D () C:\Users\Maros\Tracing
2014-12-07 13:15 - 2010-05-30 14:11 - 00000000 ____D () C:\Users\Maros\SystemRequirementsLab
2014-12-07 13:15 - 2010-04-27 19:34 - 00000000 ____D () C:\Users\Maros\temp
2014-12-07 13:10 - 2014-10-27 15:45 - 00000000 ____D () C:\Users\Maros\Livestation
2014-12-07 13:10 - 2014-08-31 07:08 - 00000000 ____D () C:\Users\Maros\Downloads\US_w308r_ V5.07.51_en_02
2014-12-07 13:10 - 2014-08-31 07:05 - 00000000 ____D () C:\Users\Maros\Downloads\w311r+_V5.07.47_en
2014-12-07 13:10 - 2014-08-22 08:31 - 00000000 ____D () C:\Users\Maros\Downloads\WLan-Driver-802.11n-Rel.-4.80.28.7
2014-12-07 13:10 - 2014-04-24 19:07 - 00000000 ____D () C:\Users\Maros\Downloads\VAG-COM_304.0_CZ
2014-12-07 13:10 - 2014-04-24 19:05 - 00000000 ____D () C:\Users\Maros\Downloads\VAG-COM_304CZ
2014-12-07 13:10 - 2013-10-24 17:17 - 00000000 ____D () C:\Users\Maros\eTeks
2014-12-07 13:10 - 2013-05-22 18:13 - 00000000 ____D () C:\Users\Maros\Kontakt
2014-12-07 13:10 - 2010-04-27 20:00 - 00000000 ____D () C:\Users\Maros\kbpki
2014-12-07 13:09 - 2014-03-23 11:12 - 00000000 ____D () C:\Users\Maros\Downloads\P_R_O_100
2014-12-07 13:08 - 2014-08-30 11:48 - 00000000 ____D () C:\Users\Maros\Downloads\firmware_tenda_router_wireless-n_w311r+_v5.07.28_en_sgm01
2014-12-07 13:08 - 2014-08-10 12:12 - 00000000 ____D () C:\Users\Maros\Downloads\Manager_1_42
2014-12-07 13:07 - 2014-08-22 11:41 - 00000000 ____D () C:\Users\Maros\Downloads\8319
2014-12-07 13:07 - 2013-12-24 10:54 - 00000000 ___HD () C:\Users\Maros\Downloads\.picasaoriginals
2014-12-07 13:04 - 2014-10-30 09:31 - 00000000 ____D () C:\Users\Maros\Documents\NFS Most Wanted
2014-12-07 13:04 - 2014-10-22 12:03 - 00000000 ____D () C:\Users\Maros\Documents\Simply Super Software
2014-12-07 13:04 - 2014-08-07 17:21 - 00000000 ____D () C:\Users\Maros\Documents\KB
2014-12-07 13:04 - 2014-04-30 10:48 - 00000000 ____D () C:\Users\Maros\Documents\IAmAlive
2014-12-07 13:04 - 2014-02-23 15:11 - 00000000 ____D () C:\Users\Maros\Documents\TurboCAD Deluxe 19 CZ
2014-12-07 13:04 - 2014-02-23 14:50 - 00000000 ____D () C:\Users\Maros\Documents\TurboCAD Deluxe 12
2014-12-07 13:04 - 2014-01-13 12:36 - 00000000 ____D () C:\Users\Maros\Documents\TechCON-Temp
2014-12-07 13:04 - 2013-12-27 13:10 - 00000000 ____D () C:\Users\Maros\Documents\Soubory aplikace Outlook
2014-12-07 13:04 - 2013-12-17 13:35 - 00000000 ____D () C:\Users\Maros\Documents\Remedy
2014-12-07 13:04 - 2013-10-21 13:50 - 00000000 ____D () C:\Users\Maros\Documents\Ubisoft
2014-12-07 13:04 - 2013-03-30 10:37 - 00000000 ____D () C:\Users\Maros\Documents\THQ
2014-12-07 13:04 - 2013-03-24 14:22 - 00000000 ____D () C:\Users\Maros\Documents\Room Arranger
2014-12-07 13:04 - 2013-03-21 12:25 - 00000000 ____D () C:\Users\Maros\Documents\Criterion Games
2014-12-07 13:04 - 2013-03-07 14:58 - 00000000 ____D () C:\Users\Maros\Documents\NFSTR
2014-12-07 13:04 - 2013-01-25 12:06 - 00000000 ____D () C:\Users\Maros\Documents\My Virtual Machines
2014-12-07 13:04 - 2012-10-31 17:46 - 00000000 ___SD () C:\Users\Maros\Documents\Zdroje dat
2014-12-07 13:04 - 2012-09-12 16:19 - 00000000 ____D () C:\Users\Maros\Documents\WDC
2014-12-07 13:04 - 2011-12-05 21:29 - 00000000 ____D () C:\Users\Maros\Documents\Assassin's Creed Revelations
2014-12-07 13:04 - 2011-10-28 19:59 - 00000000 ____D () C:\Users\Maros\Documents\Samsung
2014-12-07 13:04 - 2011-06-17 10:44 - 00000000 ____D () C:\Users\Maros\Documents\My Weblog Posts
2014-12-07 13:04 - 2011-04-10 07:03 - 00000000 ____D () C:\Users\Maros\Documents\Shadow Harvest
2014-12-07 13:04 - 2011-01-12 13:12 - 00000000 ____D () C:\Users\Maros\Documents\My Games
2014-12-07 13:04 - 2010-10-27 08:15 - 00000000 ____D () C:\Users\Maros\Documents\ZPS13
2014-12-07 13:04 - 2010-06-26 11:06 - 00000000 ____D () C:\Users\Maros\Documents\DVDFab
2014-12-07 13:04 - 2010-05-09 11:05 - 00000000 __SHD () C:\Users\Maros\Documents\.awo
2014-12-07 13:04 - 2010-04-29 07:24 - 00000000 ____D () C:\Users\Maros\Documents\ASUS
2014-12-07 13:03 - 2013-04-11 12:34 - 00000000 ____D () C:\Users\Maros\Desktop\Původní data aplikace Firefox
2014-12-07 13:03 - 2011-02-05 09:19 - 00000000 ____D () C:\Users\Maros\Desktop\PDF
2014-12-07 13:02 - 2014-09-30 17:20 - 00000000 ____D () C:\Users\Maros\Desktop\LiveSuitPack_1.11
2014-12-07 13:02 - 2010-05-30 04:57 - 00000000 ____D () C:\Users\Maros\Desktop\OTAZKY
2014-12-07 13:02 - 2010-05-09 11:05 - 00000000 __SHD () C:\Users\Maros\Desktop\.awo
2014-12-07 13:01 - 2013-08-11 20:29 - 00000000 ____D () C:\Users\Maros\.VirtualBox
2014-12-07 13:01 - 2013-04-29 08:17 - 00000000 ____D () C:\Users\Maros\.ica
2014-12-07 12:46 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-12-07 12:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-07 12:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-12-07 12:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-12-07 12:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-07 12:20 - 2009-07-14 05:51 - 00000269 _____ () C:\Windows\setuperr.log
2014-12-07 12:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-07 12:13 - 2009-07-14 05:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-12-07 12:13 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-07 12:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-12-07 12:08 - 2009-07-29 07:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-12-07 12:08 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-12-07 12:08 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-11-27 21:25 - 2013-12-24 10:10 - 00000701 ____H () C:\Users\Maros\Downloads\.picasa.ini
2014-11-24 08:57 - 2011-06-26 20:20 - 00001165 _____ () C:\Users\Maros\Desktop\CoreTemp.ini

Some content of TEMP:
====================
C:\Users\Maros\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Maros\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-07 12:09

==================== End Of Log ============================

Maroš · #10 Příspěvek od **Maroš** » 07 pro 2014 22:23

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Maros at 2014-12-07 22:03:57
Running from C:\Users\Maros\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Aktualizace NVIDIA 12.4.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 12.4.67 - NVIDIA Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1200 - Název společnosti:)
Sticky Password 6.0.18.485 (HKLM-x32\...\Sticky Password_is1) (Version: 6.0 - Lamantine Software)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.244 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.244 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (cs-CZ) (x32 Version: 13.0.4000.244 - TuneUp Software) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

07-12-2014 17:43:56 Nainstalováno rozhraní DirectX
07-12-2014 19:21:48 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {040F481C-EE26-4049-9F40-4E3200034D6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-07] (Adobe Systems Incorporated)
Task: {15F3BCCF-1DBD-420C-A227-6FF25A07D458} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2FF31E90-E444-4210-8EBE-1E620F4C6B04} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-07] (AVAST Software)
Task: {A847AC5C-E5C6-449C-AA66-D50432ED60A7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-07] ()
Task: {ECE7068E-0C02-40E3-87D2-F154BD4C8464} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Loaded Modules (whitelisted) =============

2014-12-07 14:36 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-28 09:25 - 2014-01-28 09:25 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-07 19:00 - 2014-12-07 19:00 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120702\algo.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-07 14:08 - 2014-12-07 14:08 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-07 14:58 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3069665083-342914711-435813968-500 - Administrator - Disabled)
Guest (S-1-5-21-3069665083-342914711-435813968-501 - Limited - Disabled)
Maros (S-1-5-21-3069665083-342914711-435813968-1000 - Administrator - Enabled) => C:\Users\Maros

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1020) SUS20ClientDataStore: Ze záhlaví souboru protokolu C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log nelze číst. Chyba -546

System errors:
=============
Error: (12/07/2014 08:58:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/07/2014 08:58:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/07/2014 08:58:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/07/2014 08:58:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/07/2014 08:58:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/07/2014 08:06:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/07/2014 08:06:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft .NET Framework NGEN v4.0.30319_X64 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/07/2014 08:06:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft .NET Framework NGEN v4.0.30319_X86 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/07/2014 08:06:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2014 08:06:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office Sessions:
=========================
Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 10:00:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

Error: (12/07/2014 09:30:06 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1020SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 4095.27 MB
Available physical RAM: 2403.76 MB
Total Pagefile: 8188.68 MB
Available Pagefile: 6240.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:131.09 GB) (Free:12.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA2) (Fixed) (Total:465.76 GB) (Free:447.6 GB) NTFS
Drive e: (DATA) (Fixed) (Total:334.67 GB) (Free:147.29 GB) NTFS
Drive f: (MAROS) (Removable) (Total:14.41 GB) (Free:7.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Active) - (Size=131.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=334.7 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 7FCD829B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

==================== End Of Log ============================

#11 Příspěvek od **altrok** » 07 pro 2014 22:32

2x jsem Vas upozornil na dulezitost Windows aktualizaci, ted prikladam i navod. Dokud nebudou aktualizace nainstalovane, je opravdu zbytecne cokoliv lecit. Start -> Vsechny programy -> Windows Update, vlevo kliknete na Zkontrolovat aktualizace a pak je klikem na tlacitko Instalovat aktualizace nainstalujte.

Maroš · #12 Příspěvek od **Maroš** » 07 pro 2014 22:56

Aktualizace není možné vyhledat, po kliknutí pro vyhledání aktualizací se objeví hláška"Služba Windows Update nyní nemůže vyhledat aktualizace, protože tato služba není spuštěna, Zřejmě bude nutné restartovat počítač," Po restartu je to vždy to samé.

#13 Příspěvek od **altrok** » 07 pro 2014 23:08

Start -> Vsechny programy -> Windows Update -> Zmenit nastaveni -> zatrhnete Nikdy nevyhledavat aktualizace -> zkuste instalace vyhledat rucne ted, pripadne po restartu zpet odznacte Nikdy nevyhledavat aktualizace a opet zkuste rucne vyhledat aktualizace.

Pokud to nepomuze, pouzijte utility dle navodu kolegy

vyosek píše: Stahnete Service Repair http://kb.eset.com/library/ESET/KB%20Te ... Repair.exe
Ulozte nejlepe na Plochu

Spustte a potvrdte Yes abyste potvrdil reinstalaci sluzeb

Nasledne kliknutim na Yes potvrdte restart PC

Na Plose vznikne slozka CC Support, najdete tam log SvcRepair.txt - mel by byt CC Support\Logs\SvcRepair.txt - vlozte mi jej sem
Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
Ulozte nejlepe na Plochu

U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)

Kliknete na Scan

Po dokonceni skenu se objevi log FSS.txt ten sem vlozte

Maroš · #14 Příspěvek od **Maroš** » 07 pro 2014 23:24

Log Opened: 2014-12-07 @ 23:20:18
23:20:18 - -----------------
23:20:18 - | Begin Logging |
23:20:18 - -----------------
23:20:18 - Fix started on a WIN_7 X64 computer
23:20:18 - Prep in progress. Please Wait.
23:20:20 - Prep complete
23:20:20 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\BFE\Parameters> failed with: Přístup byl odepřen.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\BFE> failed with: Přístup byl odepřen.

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
23:20:23 - Services Repair Complete.
23:20:27 - Reboot Initiated

Maroš · #15 Příspěvek od **Maroš** » 07 pro 2014 23:26

Log Opened: 2014-12-07 @ 23:20:18
23:20:18 - -----------------
23:20:18 - | Begin Logging |
23:20:18 - -----------------
23:20:18 - Fix started on a WIN_7 X64 computer
23:20:18 - Prep in progress. Please Wait.
23:20:20 - Prep complete
23:20:20 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\BFE\Parameters> failed with: Přístup byl odepřen.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\BFE> failed with: Přístup byl odepřen.

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
23:20:23 - Services Repair Complete.
23:20:27 - Reboot Initiated

VIRY.CZ

webssearches jak odstranit?

webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?

Re: webssearches jak odstranit?