Preventiví kontrola

Zpráva

Jarda62 · #1 Příspěvek od **Jarda62** » 10 led 2015 14:47

Dobrý den, po delší době sem dávám dálší preventivní kontrolu. Počítáč se mi zdá občas trošku pomalejší a hlavně start systému trvá docela dlouho.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jarda at 2015-01-10 14:42:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (5%) free of 477 GB
Total RAM: 8163 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:42:53, on 10.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Bandicam\bdcam.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\puush\puush.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [puush] C:\Program Files (x86)\puush\puush.exe
O4 - Global Startup: Microsoft Outlook 2010.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9150 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"explorer.exe"
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {FEF3DD3E-C5EE-46B8-AD87-12D7AE5EC7E9}
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
"C:\Program Files (x86)\Bandicam\bdcam.exe"
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
WLIDSvcM.exe 2212
"C:\Program Files (x86)\Bandicam\bdcam64.bin"
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\puush\puush.exe"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 82166721-efd8-46ad-9f1a-1c5233129659 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2144457393-505916005-219342638-580144580-417607109331721598518894381490567999
\??\C:\Windows\system32\conhost.exe "2024887260-1894063373-151693596251969025710278821467494854033315737111595874264
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe" /i
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe" /i
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe" /i

"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" "-launchedbycsxs"
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6576.0.1079985057\1950925273" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4475 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.2.1016590838\894561652" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.3.1191553119\2081167293" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.4.216302954\806214010" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.6.1045581854\1304307505" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.7.175223316\234739544" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6576.10.1366553685\1868199865" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 3820 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="6708.0.443176726\398490081" /prefetch:673131151
"C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="6576.17.1673279077\1881554985" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Jarda\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-15 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-08 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-15 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-15 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-08 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-15 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-01-10 1942208]
"puush"=C:\Program Files (x86)\puush\puush.exe [2014-11-12 567880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
C:\Program Files\Logitech Gaming Software\LCore.exe [2014-04-15 10396440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2014-11-17 2800296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-09 5227112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-10 14:42:45 ----D---- C:\rsit
2015-01-10 14:42:45 ----D---- C:\Program Files\trend micro
2015-01-08 05:31:37 ----D---- C:\Users\Jarda\AppData\Roaming\3909
2015-01-03 13:00:36 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-12-29 02:35:44 ----D---- C:\Users\Jarda\AppData\Roaming\Mount&Blade Warband
2014-12-19 20:30:42 ----D---- C:\Program Files (x86)\Project Cars
2014-12-19 02:26:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-19 02:26:36 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-19 01:49:17 ----D---- C:\Program Files (x86)\Metal Gear Solid V Ground Zeroes
2014-12-11 00:02:00 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 00:01:59 ----A---- C:\Windows\system32\mf.dll

======List of files/folders modified in the last 1 month======

2015-01-10 14:42:53 ----D---- C:\Windows\Prefetch
2015-01-10 14:42:45 ----D---- C:\Program Files
2015-01-10 14:41:10 ----D---- C:\Program Files (x86)\Steam
2015-01-10 14:14:20 ----D---- C:\Users\Jarda\AppData\Roaming\vlc
2015-01-10 14:03:39 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2015-01-10 13:16:14 ----D---- C:\Program Files (x86)\TeamViewer
2015-01-10 13:15:49 ----D---- C:\Windows\temp
2015-01-10 13:13:34 ----D---- C:\ProgramData\NVIDIA
2015-01-10 04:37:38 ----D---- C:\Windows\system32\config
2015-01-10 04:37:06 ----D---- C:\Windows\system32\Tasks
2015-01-10 04:36:41 ----D---- C:\Users\Jarda\AppData\Roaming\TS3Client
2015-01-09 07:46:41 ----D---- C:\Program Files (x86)\MSI Afterburner
2015-01-08 13:16:54 ----D---- C:\Users\Jarda\AppData\Roaming\uTorrent
2015-01-05 03:05:07 ----D---- C:\Users\Jarda\AppData\Roaming\Audacity
2015-01-03 13:17:34 ----RSD---- C:\Windows\assembly
2015-01-03 13:16:57 ----SHD---- C:\System Volume Information
2015-01-03 13:00:36 ----D---- C:\Windows\System32
2015-01-02 19:29:05 ----D---- C:\Windows\Logs
2015-01-02 19:28:51 ----D---- C:\Windows
2015-01-02 19:28:50 ----D---- C:\Windows\inf
2015-01-02 19:27:54 ----SHD---- C:\Windows\Installer
2015-01-02 19:27:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-02 04:15:52 ----RD---- C:\Program Files (x86)
2015-01-01 21:52:30 ----D---- C:\Program Files (x86)\DesktopOK
2015-01-01 21:49:36 ----D---- C:\Users\Jarda\AppData\Roaming\TeamViewer
2015-01-01 21:49:36 ----D---- C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2015-01-01 21:49:29 ----D---- C:\Windows\debug
2015-01-01 21:18:19 ----D---- C:\Program Files (x86)\System Explorer
2015-01-01 17:54:43 ----D---- C:\Program Files\WinRAR
2014-12-31 17:08:58 ----D---- C:\Program Files (x86)\Software Updates Monitor
2014-12-31 17:07:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-31 17:07:27 ----D---- C:\Windows\SysWOW64
2014-12-31 17:03:10 ----D---- C:\Program Files (x86)\FileSeek
2014-12-27 02:56:04 ----D---- C:\Windows\SYSWOW64\directx
2014-12-27 02:56:00 ----HD---- C:\Windows\msdownld.tmp
2014-12-26 14:00:34 ----D---- C:\ProgramData\Origin
2014-12-26 13:57:19 ----D---- C:\Program Files (x86)\Origin
2014-12-23 20:27:18 ----D---- C:\Program Files (x86)\SpeedFan
2014-12-22 19:08:07 ----D---- C:\Users\Jarda\AppData\Roaming\Skype
2014-12-22 18:19:46 ----D---- C:\Users\Jarda\AppData\Roaming\Spotify
2014-12-22 18:12:09 ----D---- C:\ProgramData\Skype
2014-12-22 18:12:06 ----RD---- C:\Program Files (x86)\Skype
2014-12-22 18:08:30 ----D---- C:\Program Files\CCleaner
2014-12-19 20:01:55 ----AD---- C:\ProgramData
2014-12-19 02:27:34 ----D---- C:\Windows\winsxs
2014-12-17 03:22:34 ----D---- C:\Users\Jarda\AppData\Roaming\OBS
2014-12-14 22:28:01 ----D---- C:\Windows\Tasks
2014-12-13 12:51:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 12:37:14 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-12-11 22:36:53 ----A---- C:\Windows\expstart.exe
2014-12-11 21:17:07 ----D---- C:\Windows\rescache
2014-12-11 03:28:11 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-11 03:28:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-11 03:28:11 ----D---- C:\Windows\system32\en-US
2014-12-11 03:28:11 ----D---- C:\Windows\system32\drivers
2014-12-11 03:28:11 ----D---- C:\Windows\system32\cs-CZ
2014-12-11 03:28:11 ----D---- C:\Windows\PolicyDefinitions
2014-12-11 03:28:11 ----D---- C:\Program Files\Internet Explorer
2014-12-11 00:09:40 ----D---- C:\Windows\system32\MRT
2014-12-11 00:04:11 ----A---- C:\Windows\system32\MRT.exe
2014-12-11 00:04:03 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-08 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-08 267632]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-06-22 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-08 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-08 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-07 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-08 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-08 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-08 116728]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-13 46400]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-08 271752]
R3 ALSysIO;ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [2013-05-30 41752]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-11-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-03-11 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-12-30 34032]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver; C:\Windows\system32\DRIVERS\evolve.sys [2014-07-10 21656]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS []
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-09-02 42776]
S3 monectdevices;Monect Hid Device; C:\Windows\system32\DRIVERS\monectdevices.sys [2013-03-23 10432]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys []
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2014-04-24 27136]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service; C:\Windows\system32\drivers\RzMaelstromVAD.sys [2014-05-23 32768]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-09-09 142528]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-08 50344]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-08 4012248]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 762752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 NetTcpActivator;Adaptér naslouchání Net.Tcp; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-20 1903472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-09 834240]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 116648]
S4 MonectServerService;MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 10 led 2015 15:43

Zdravim

Spustte jako spravce C:\Program Files\trend micro\Jarda.exe

kliknete na Do a system scan only
zatrhnete (udelejte fajfku) nasledujici polozky
- O15 - Trusted Zone: *.clonewarsadventures.com
  O15 - Trusted Zone: *.freerealms.com
  O15 - Trusted Zone: *.soe.com
  O15 - Trusted Zone: *.sony.com
kliknete na Fix checked

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Jarda62 · #3 Příspěvek od **Jarda62** » 10 led 2015 17:05

Vše provedeno.

# AdwCleaner v4.107 - Report created 10/01/2015 at 17:00:12
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jarda\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Jarda\AppData\Roaming\NCH Software
File Deleted : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\invalidprefs.js
File Deleted : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 cs)

-\\ Google Chrome v

[C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.door2windows.com/search-results/?cx ... Terms}&sa=

-\\ Chromium v

[C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.door2windows.com/search-results/?cx ... Terms}&sa=

*************************

AdwCleaner[R1].txt - [2464 octets] - [10/01/2015 16:58:30]
AdwCleaner[S1].txt - [2725 octets] - [10/01/2015 17:00:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2785 octets] ##########

#4 Příspěvek od **altrok** » 10 led 2015 17:30

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Jarda62 · #5 Příspěvek od **Jarda62** » 10 led 2015 17:43

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015
Ran by Jarda (administrator) on JARDA-PC on 10-01-2015 17:39:48
Running from C:\Users\Jarda\Desktop
Loaded Profile: Jarda (Available profiles: Jarda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files\Core Temp\Core Temp.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam64.bin
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942208 2015-01-10] (Valve Corporation)
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-12] ()
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2014-12-11] () <==== ATTENTION
AppInit_DLLs: => File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jarda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "hxxp://facebook.com/"
CHR Profile: C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (LinkPeelr) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhcmjnfhbpgagklnjhlcabnbcdgipje [2014-12-14]
CHR Extension: (BetterTTV) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-02-26]
CHR Extension: (AdBlock) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-23]
CHR Extension: (Classic) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2014-05-21]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-07-05]
CHR Extension: (Twitch Now) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2013-10-20]
CHR Extension: (Peněženka Google) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Hover Zoom) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-13]
CHR HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jarda\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-08] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-08] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [762752 2015-01-06] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-20] (Electronic Arts)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-01-04] (Microsoft Corporation) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S4 MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-08] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-03-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-07] (Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-07-10] (Echobit, LLC)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-03-13] ()
S3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [10432 2013-03-23] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-12-30] (Sony Ericsson Mobile Communications)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-08] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113952 2014-02-25] (Oracle Corporation)
R3 ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 HWiNFO32; \??\C:\Users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 17:39 - 2015-01-10 17:40 - 00021397 _____ () C:\Users\Jarda\Desktop\FRST.txt
2015-01-10 17:39 - 2015-01-10 17:39 - 00029696 _____ () C:\Users\Jarda\AppData\Local\MSGBOX.EXE
2015-01-10 17:39 - 2015-01-10 17:39 - 00015327 _____ () C:\Users\Jarda\Desktop\LM.bat
2015-01-10 17:39 - 2015-01-10 17:39 - 00000000 ____D () C:\FRST
2015-01-10 17:38 - 2015-01-10 17:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\FRSTLauncher.exe
2015-01-10 17:38 - 2015-01-10 17:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
2015-01-10 17:38 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Desktop\FRST64.exe
2015-01-10 17:37 - 2015-01-10 17:37 - 00112280 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 146645.crdownload
2015-01-10 17:36 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Downloads\FRST64.exe
2015-01-10 17:01 - 2015-01-10 17:01 - 00000310 _____ () C:\Windows\PFRO.log
2015-01-10 16:58 - 2015-01-10 17:00 - 00000000 ____D () C:\AdwCleaner
2015-01-10 16:58 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Desktop\adwcleaner_4.107.exe
2015-01-10 16:57 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Downloads\adwcleaner_4.107.exe
2015-01-10 14:42 - 2015-01-10 16:57 - 00000000 ____D () C:\Program Files\trend micro
2015-01-10 14:42 - 2015-01-10 14:43 - 00000000 ____D () C:\rsit
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Downloads\RSITx64.exe
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Desktop\RSITx64.exe
2015-01-08 05:31 - 2015-01-08 05:31 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\3909
2015-01-07 19:42 - 2015-01-07 19:59 - 00000000 ____D () C:\Users\Jarda\Documents\Proteus
2015-01-07 18:30 - 2015-01-07 18:39 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Culling_Of_The_Cows
2015-01-06 02:56 - 2015-01-08 05:21 - 00000000 ____D () C:\Users\Jarda\Downloads\Designer Sound FX
2015-01-03 13:00 - 2015-01-03 13:00 - 05116840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-02 19:28 - 2015-01-03 13:18 - 00022596 _____ () C:\Windows\DirectX.log
2015-01-01 22:02 - 2015-01-10 17:03 - 00002264 _____ () C:\Windows\setupact.log
2015-01-01 22:02 - 2015-01-01 22:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-01 21:52 - 2015-01-01 21:52 - 00113728 _____ () C:\Users\Jarda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 02:36 - 2014-12-29 03:04 - 00000000 ____D () C:\Users\Jarda\Documents\Mount&Blade Warband Savegames
2014-12-29 02:35 - 2014-12-29 02:39 - 00000000 ____D () C:\Users\Jarda\Documents\Mount&Blade Warband
2014-12-29 02:35 - 2014-12-29 02:38 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Mount&Blade Warband
2014-12-26 12:07 - 2014-12-26 12:07 - 00000000 ____D () C:\Users\Jarda\Documents\Criterion Games
2014-12-19 20:44 - 2014-12-19 20:50 - 00000000 ____D () C:\Users\Jarda\Documents\CARS
2014-12-19 20:43 - 2014-12-19 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Cars
2014-12-19 20:30 - 2014-12-19 20:43 - 00000000 ____D () C:\Program Files (x86)\Project Cars
2014-12-19 18:46 - 2014-12-19 18:51 - 29923321 _____ () C:\Users\Jarda\Desktop\Sprinkle Islands v1.1.0.apk
2014-12-19 03:53 - 2015-01-09 16:54 - 00000334 _____ () C:\Users\Jarda\Desktop\..txt
2014-12-19 02:26 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 02:26 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-19 01:51 - 2014-12-19 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V Ground Zeroes
2014-12-19 01:49 - 2014-12-19 02:09 - 00000000 ____D () C:\Program Files (x86)\Metal Gear Solid V Ground Zeroes
2014-12-15 02:20 - 2014-12-15 02:22 - 37646256 _____ () C:\Users\Jarda\Desktop\Townsmen Premium v1.4.7.apk
2014-12-11 00:02 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 00:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 17:11 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 17:11 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 17:08 - 2011-12-09 04:36 - 01614173 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 17:04 - 2014-07-24 20:06 - 00000000 ____D () C:\Users\Jarda\Documents\Soubory aplikace Outlook
2015-01-10 17:03 - 2012-04-05 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-10 17:01 - 2012-04-05 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-10 17:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 14:47 - 2014-08-04 21:19 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2015-01-10 14:14 - 2012-09-26 19:08 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\vlc
2015-01-10 13:49 - 2014-01-03 00:17 - 00000000 ___RD () C:\Users\Jarda\Desktop\Hry
2015-01-10 13:16 - 2013-03-25 20:55 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-10 13:15 - 2014-04-07 12:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-10 04:37 - 2014-10-26 14:27 - 00003022 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2015-01-10 04:36 - 2012-09-04 16:19 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\TS3Client
2015-01-09 07:46 - 2012-01-06 00:31 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-08 17:00 - 2012-04-12 22:40 - 00000000 ___RD () C:\Users\Jarda\Desktop\Škola
2015-01-08 13:16 - 2011-12-09 21:56 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\uTorrent
2015-01-06 23:55 - 2014-01-21 22:03 - 00000000 ____D () C:\Users\Jarda\AppData\Local\ArmA 2 OA
2015-01-05 14:59 - 2013-06-10 15:52 - 00000000 ___RD () C:\Users\Jarda\Desktop\
2015-01-05 03:05 - 2013-10-06 00:23 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Audacity
2015-01-04 17:14 - 2013-05-10 15:37 - 00000000 ____D () C:\Users\Jarda\Documents\youtube
2015-01-02 19:27 - 2009-07-14 16:18 - 00672158 _____ () C:\Windows\system32\perfh005.dat
2015-01-02 19:27 - 2009-07-14 16:18 - 00142754 _____ () C:\Windows\system32\perfc005.dat
2015-01-02 19:27 - 2009-07-14 06:13 - 01593302 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 21:52 - 2013-09-19 17:21 - 00000000 ____D () C:\Program Files (x86)\DesktopOK
2015-01-01 21:49 - 2014-02-17 14:12 - 00000000 ____D () C:\Users\Jarda\AppData\Local\CrashDumps
2015-01-01 21:49 - 2013-03-25 20:56 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\TeamViewer
2015-01-01 21:49 - 2011-12-09 15:30 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2015-01-01 21:18 - 2014-07-18 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-01-01 21:18 - 2014-07-18 21:17 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2015-01-01 18:16 - 2014-06-16 00:13 - 00002888 _____ () C:\Windows\System32\Tasks\bandicam_start
2015-01-01 18:04 - 2012-07-03 16:06 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-01 18:04 - 2012-07-03 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-01 17:54 - 2011-12-08 22:35 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-31 17:08 - 2014-06-22 13:43 - 00000000 ____D () C:\Program Files (x86)\Software Updates Monitor
2014-12-31 17:07 - 2013-10-23 14:24 - 00000000 ___RD () C:\Users\Jarda\Desktop\Programy
2014-12-31 17:05 - 2014-08-03 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2014-12-31 17:03 - 2014-06-22 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileSeek
2014-12-31 17:03 - 2014-06-22 21:44 - 00000000 ____D () C:\Program Files (x86)\FileSeek
2014-12-31 08:08 - 2014-10-04 14:59 - 00000000 ____D () C:\Users\Jarda\Downloads\South.Park.S01-S15.DVDRip.WEB-DL.BDRip.XviD.CZ.ENG
2014-12-27 02:56 - 2014-06-13 11:51 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-12-27 02:56 - 2012-10-24 20:06 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-26 14:00 - 2012-10-31 18:51 - 00000000 ____D () C:\ProgramData\Origin
2014-12-26 13:57 - 2012-10-31 18:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-23 20:27 - 2012-12-02 17:45 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-23 20:08 - 2014-06-19 19:00 - 00000000 ____D () C:\Users\Jarda\Documents\Euro Truck Simulator 2
2014-12-22 19:08 - 2011-12-09 15:23 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Skype
2014-12-22 18:19 - 2014-02-16 16:36 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Spotify
2014-12-22 18:12 - 2011-12-09 15:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 18:12 - 2011-12-09 15:23 - 00000000 ____D () C:\ProgramData\Skype
2014-12-22 18:09 - 2014-02-16 16:37 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Spotify
2014-12-22 18:08 - 2011-12-10 01:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-19 21:23 - 2014-04-06 20:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 20:02 - 2011-12-09 04:34 - 00000000 ____D () C:\Users\Jarda
2014-12-17 03:22 - 2013-07-05 21:54 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\OBS
2014-12-15 02:04 - 2013-10-08 00:57 - 00000132 _____ () C:\Users\Jarda\AppData\Roaming\Formát PNG Adobe CC – předvolby
2014-12-13 12:51 - 2014-08-19 23:59 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Adobe
2014-12-13 12:51 - 2013-03-18 14:46 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 12:51 - 2013-03-18 14:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 12:37 - 2013-08-15 20:37 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-11 23:21 - 2012-11-30 20:59 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-11 23:21 - 2011-12-31 01:29 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-11 22:36 - 2014-07-18 19:52 - 00925184 _____ () C:\Windows\expstart.exe
2014-12-11 21:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 00:09 - 2013-07-12 11:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 00:04 - 2011-12-10 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 00:04 - 2011-12-08 23:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\hash.dat

Some content of TEMP:
====================
C:\Users\Jarda\AppData\Local\Temp\Quarantine.exe
C:\Users\Jarda\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 18:51

==================== End Of Log ============================

Add

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2015
Ran by Jarda at 2015-01-10 17:40:30
Running from C:\Users\Jarda\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace NVIDIA 16.13.69 (Version: 16.13.69 - NVIDIA Corporation) Hidden
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.0.638 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version: - )
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
DiRT 3 (x32 Version: 1.0.0001.130 - Codemasters) Hidden
DiRT2 (x32 Version: 1.0.0002.133 - Codemasters) Hidden
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Female Voice Pack (HKLM-x32\...\{D947A225-8C23-4E52-866E-CF3967476BFC}) (Version: 3.3.2 - Screaming Bee)
FileSeek 4.0 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.0.0.0 - Binary Fortress Software)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
Galcon 2 (HKLM-x32\...\Steam App 294160) (Version: - Hassey Enterprises, Inc.)
GameRanger (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)
GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
ibb & obb (HKLM-x32\...\Steam App 95400) (Version: - Sparpweed)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
InViewer version 0.87.0.2 (HKLM-x32\...\{7E575733-1DF5-4064-AE38-289BA932398A}_is1) (Version: 0.87.0.2 - Stefan Wobbe)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version: - IO Interactive)
K-Lite Codec Pack 10.8.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lightfish (HKLM-x32\...\Steam App 116120) (Version: - Eclipse Games)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LYNE (HKLM-x32\...\Steam App 266010) (Version: - Thomas Bowker)
Male Voice Pack (HKLM-x32\...\{2CC32E0E-9A10-4BCC-94F0-614F85375F59}) (Version: 1.3.1 - Screaming Bee)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
Metal Gear Solid V Ground Zeroes (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 34.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 cs)) (Version: 34.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multisim 8 (x32 Version: 8.0.24 - Electronics Workbench) Hidden
My Game Long Name (HKLM\...\UDK-a1bacc41-7245-43b1-b89b-73e4346187a9) (Version: - Epic Games, Inc.)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
Project Cars verze 834 (HKLM-x32\...\Project Cars_is1) (Version: 834 - Repacky)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Eugen Systems)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Red Faction: Guerrilla (x32 Version: 1.0.0002.132 - THQ) Hidden
Red Faction: Guerrilla (x32 Version: 1.0.0003.132 - THQ) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - ACE Team)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Sci-Fi Voice Pack (HKLM-x32\...\{BC038C91-D3C6-4E43-8439-B65976FE7937}) (Version: 1.3.1 - Screaming Bee)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version: - Flying Wild Hog)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 6.2.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Steam App 9930) (Version: - Eden Studios)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version: - Jonathan Lermitage)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Tower Wars (HKLM-x32\...\Steam App 214360) (Version: - SuperVillain Studios)
Translator Fun Voice Pack (HKLM-x32\...\{C39768C1-82E7-4466-8526-2D8AC44B768F}) (Version: 1.5.1 - Screaming Bee)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov)
Unity Web Player (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Urban Trial Freestyle (HKLM-x32\...\Steam App 243450) (Version: - Tate Multimedia)
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version: - RuneStorm)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WRC Powerslide (HKLM-x32\...\Steam App 256350) (Version: - Milestone S.r.l.)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.3 - Xvid Team)
Zombie Driver HD (HKLM-x32\...\Steam App 220820) (Version: - Exor Studios)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

10-01-2015 15:49:22 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-16 00:06 - 00000830 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 bandicam.com
127.0.0.1 ssl.bandisoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {057C05AB-1354-460D-8441-5214C2914176} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-08] (AVAST Software)
Task: {1D39CFDD-85E9-405D-8749-AF89AB94798C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14] (Google Inc.)
Task: {1E4026EA-8A3A-4FE1-8048-8B00D5F40361} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()
Task: {2A857517-F8EF-4C5E-BFA5-4F4B753E9061} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {5820C5F9-D4BA-46BE-AD30-90BFE3124E79} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7714D3CC-F448-4DC5-B3F8-5CC9D3FA954F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)
Task: {782CE30F-03DB-4C1E-837A-FBA1D92B8479} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {7AB6681D-9B27-4D69-AF94-8127CB980C28} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-10-06] ()
Task: {86C2FDCB-ACE6-4F9F-A7EC-0E17AB7DA826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)
Task: {9216B18D-E3AE-4135-B5CA-82FDEA4946ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14] (Google Inc.)
Task: {CFEC5B1B-6A17-4687-89A7-24029484BC55} - System32\Tasks\Core Temp Autostart Jarda => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {E6F86F3F-A093-4AE0-AA46-EEAC2978F3C9} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [2014-05-30] (www.Bandisoft.com)

==================== Loaded Modules (whitelisted) =============

2014-11-19 23:01 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-05 10:41 - 2014-08-30 19:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2014-08-31 14:00 - 2014-08-31 14:00 - 00512512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2012-02-26 12:12 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-10 14:41 - 2014-11-12 14:19 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 02:36 - 2013-02-15 02:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-08-30 19:07 - 2014-08-30 19:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-08-30 19:07 - 2014-08-30 19:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-01-10 13:16 - 2015-01-10 13:16 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011000\algo.dll
2014-08-31 13:58 - 2014-08-31 13:58 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-08-31 13:58 - 2014-08-31 13:58 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-08-31 13:59 - 2014-08-31 13:59 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-08-31 13:59 - 2014-08-31 13:59 - 00324608 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-08-31 14:00 - 2014-08-31 14:00 - 00648192 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-06-05 10:40 - 2014-08-30 19:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 21:11 - 2015-01-10 04:21 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-04-05 20:38 - 2015-01-10 04:21 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-08 19:53 - 2014-11-08 19:53 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2012-04-05 20:38 - 2014-12-20 00:38 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 01077064 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 00211272 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 09009480 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 01677128 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 14913352 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
AlternateDataStreams: C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT2
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -update plugin
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

========================= Accounts: ==========================

Administrator (S-1-5-21-3344855712-2548836808-2162885872-500 - Administrator - Disabled)
Guest (S-1-5-21-3344855712-2548836808-2162885872-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3344855712-2548836808-2162885872-1027 - Limited - Enabled)
Jarda (S-1-5-21-3344855712-2548836808-2162885872-1000 - Administrator - Enabled) => C:\Users\Jarda

==================== Faulty Device Manager Devices =============

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2015 05:03:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 05:03:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 05:03:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 03:42:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/10/2015 01:15:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/08/2015 11:53:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/08/2015 05:21:52 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7560. ID zprávy: [0x2509].

Error: (01/08/2015 03:06:35 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7132. ID zprávy: [0x2509].

Error: (01/08/2015 00:03:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/07/2015 04:20:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

System errors:
=============
Error: (01/10/2015 05:00:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (01/10/2015 05:00:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/10/2015 05:00:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/10/2015 05:00:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA GeForce Experience Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/10/2015 05:00:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Microsoft Office Sessions:
=========================
Error: (01/10/2015 05:03:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 05:03:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 05:03:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 03:42:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (01/10/2015 01:15:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/08/2015 11:53:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (01/08/2015 05:21:52 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7560. ID zprávy: [0x2509].

Error: (01/08/2015 03:06:35 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7132. ID zprávy: [0x2509].

Error: (01/08/2015 00:03:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (01/07/2015 04:20:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

CodeIntegrity Errors:
===================================
Date: 2015-01-10 17:39:57.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:57.739
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:15.592
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:15.559
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:07.719
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:07.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:07.629
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:39:07.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:37:09.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 17:37:06.173
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8163.36 MB
Available physical RAM: 5082.36 MB
Total Pagefile: 16324.9 MB
Available Pagefile: 12814.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:26.75 GB) NTFS
Drive d: (kappa) (Fixed) (Total:149.05 GB) (Free:21.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E61DDFEF)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24762475)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#6 Příspěvek od **altrok** » 10 led 2015 17:49

Postupujte naprosto presne dle navodu kolegy.

vyosek píše: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe

Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)

Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost

RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet

Na plose vznikne log Rkill.txt ten mi sem vlozte

Ted nerestartujte PC - prisli byste o ucinek RKillu
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.

Pokud mate Win XP spustte pod uctem Spravce\Administratora

Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce

Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano

Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste

Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna

Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit

Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte

Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Jarda62 · #7 Příspěvek od **Jarda62** » 10 led 2015 18:26

Rkill

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/10/2015 06:00:17 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Modified HKCU\...\Winlogon: [Shell] => expstart.exe

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll : 332 288 : 01/04/2013 11:02 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [NoSig]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 02:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 bandicam.com
127.0.0.1 ssl.bandisoft.com

Program finished at: 01/10/2015 06:01:51 PM
Execution time: 0 hours(s), 1 minute(s), and 34 seconds(s)

ComboFix

ComboFix 15-01-08.01 - Jarda 10.01.2015 18:04:55.8.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8163.5297 [GMT 1:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\InViewer
c:\program files (x86)\InViewer\AxInterop.WMPLib.dll
c:\program files (x86)\InViewer\gpl.txt
c:\program files (x86)\InViewer\changelog.txt
c:\program files (x86)\InViewer\Interop.WMPLib.dll
c:\program files (x86)\InViewer\invhelper.exe
c:\program files (x86)\InViewer\inviewer.exe
c:\program files (x86)\InViewer\readme.txt
c:\program files (x86)\InViewer\unins000.dat
c:\program files (x86)\InViewer\unins000.exe
c:\program files (x86)\Project Cars\APEX_BasicFS_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicFS_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicIOS_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicIOS_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicIOSDEBUG_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x86.dll
c:\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x64.dll
c:\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x86.dll
c:\program files (x86)\Project Cars\APEX_Emitter_x64.dll
c:\program files (x86)\Project Cars\APEX_Emitter_x86.dll
c:\program files (x86)\Project Cars\APEX_EmitterDEBUG_x64.dll
c:\program files (x86)\Project Cars\APEX_EmitterDEBUG_x86.dll
c:\program files (x86)\Project Cars\APEX_EmitterCHECKED_x64.dll
c:\program files (x86)\Project Cars\APEX_EmitterCHECKED_x86.dll
c:\program files (x86)\Project Cars\APEX_EmitterPROFILE_x64.dll
c:\program files (x86)\Project Cars\APEX_EmitterPROFILE_x86.dll
c:\program files (x86)\Project Cars\APEX_FieldSampler_x64.dll
c:\program files (x86)\Project Cars\APEX_FieldSampler_x86.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x64.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x86.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x64.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x86.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x64.dll
c:\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x86.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOS_x64.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOS_x86.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOSDEBUG_x86.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x64.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x86.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x64.dll
c:\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x86.dll
c:\users\Jarda\AppData\Local\Msgbox.exe
c:\users\Jarda\AppData\Roaming\SpeedRunnersLog.txt
c:\windows\msdownld.tmp
c:\windows\XSxS
.
Nakažená kopie c:\windows\SysWow64\ntdll.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\wow64_microsoft-windows-ntdll_31bf3856ad364e35_6.1.7601.22436_none_c1c770f6605a21ff\ntdll.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-10 do 2015-01-10 )))))))))))))))))))))))))))))))
.
.
2015-01-10 17:12 . 2015-01-10 17:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-10 17:12 . 2015-01-10 17:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-10 16:39 . 2015-01-10 16:40 -------- d-----w- C:\FRST
2015-01-10 15:58 . 2015-01-10 16:00 -------- d-----w- C:\AdwCleaner
2015-01-10 13:42 . 2015-01-10 15:57 -------- d-----w- c:\program files\trend micro
2015-01-10 13:42 . 2015-01-10 13:43 -------- d-----w- C:\rsit
2015-01-08 04:31 . 2015-01-08 04:31 -------- d-----w- c:\users\Jarda\AppData\Roaming\3909
2015-01-07 17:30 . 2015-01-07 17:39 -------- d-----w- c:\users\Jarda\AppData\Local\Culling_Of_The_Cows
2014-12-29 01:35 . 2014-12-29 01:38 -------- d-----w- c:\users\Jarda\AppData\Roaming\Mount&Blade Warband
2014-12-19 19:30 . 2015-01-10 17:11 -------- d-----w- c:\program files (x86)\Project Cars
2014-12-19 01:26 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-19 01:26 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-19 00:49 . 2014-12-19 01:09 -------- d-----w- c:\program files (x86)\Metal Gear Solid V Ground Zeroes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-19 20:23 . 2014-04-06 19:22 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-13 11:51 . 2013-03-18 13:46 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 11:51 . 2013-03-18 13:46 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 22:21 . 2011-12-31 00:29 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-11 22:21 . 2012-11-30 19:59 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-12-11 21:36 . 2014-07-18 18:52 925184 ----a-w- c:\windows\expstart.exe
2014-12-10 23:04 . 2011-12-08 22:48 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-27 01:43 . 2014-12-10 22:59 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-23 14:16 . 2012-01-15 11:12 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-11-23 14:16 . 2012-01-15 11:12 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-11-22 11:42 . 2014-04-07 11:44 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 03:13 . 2014-12-10 22:58 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 22:59 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 22:59 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 22:59 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 22:58 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 22:59 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 22:59 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 22:58 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 22:59 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 22:59 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 22:59 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 22:59 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 22:58 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 22:58 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 22:59 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 22:59 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 22:59 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 22:59 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 22:58 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 22:58 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 22:59 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 22:59 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 22:59 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 22:59 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 22:59 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 22:59 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 22:59 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 22:59 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 22:58 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 22:59 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 22:58 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 22:59 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 22:59 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 22:58 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 22:59 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 22:59 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 22:59 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 22:59 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 22:59 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 05:14 . 2014-04-06 19:22 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-04-06 19:22 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2011-12-20 22:31 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-17 22:18 . 2014-11-19 21:59 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-11-17 22:18 . 2014-11-19 21:59 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-11-17 22:18 . 2014-11-19 21:59 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-11-17 20:02 . 2014-11-19 22:02 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-17 20:02 . 2014-11-19 22:02 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-17 20:02 . 2014-11-19 22:02 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-17 20:02 . 2014-11-19 22:02 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-13 00:20 . 2014-11-19 22:01 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-13 00:20 . 2014-11-19 22:01 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-13 00:20 . 2014-11-19 21:59 989056 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-11-19 21:59 964928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-11-13 00:20 . 2014-11-19 21:59 935240 ----a-w- c:\windows\system32\NvFBC64.dll
2014-11-13 00:20 . 2014-11-19 21:59 923792 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-11-13 00:20 . 2014-11-19 21:59 900928 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-11-13 00:20 . 2014-11-19 21:59 871648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-11-13 00:20 . 2014-11-19 21:59 4292416 ----a-w- c:\windows\system32\nvcuvid.dll
2014-11-13 00:20 . 2014-11-19 21:59 4011208 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-11-19 21:59 352016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-11-13 00:20 . 2014-11-19 21:59 3262784 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-11-19 21:59 31893136 ----a-w- c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-11-19 21:59 303600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-11-13 00:20 . 2014-11-19 21:59 2874456 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-11-19 21:59 24557712 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-11-13 00:20 . 2014-11-19 21:59 20986592 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-11-19 21:59 20922512 ----a-w- c:\windows\system32\nvcompiler.dll
2014-11-13 00:20 . 2014-11-19 21:59 19966344 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-11-13 00:20 . 2014-11-19 21:59 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-19 21:59 18514616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-11-19 21:59 174856 ----a-w- c:\windows\system32\nvinitx.dll
2014-11-13 00:20 . 2014-11-19 21:59 17259664 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-11-13 00:20 . 2014-11-19 21:59 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2014-11-19 21:59 156840 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-11-13 00:20 . 2014-11-19 21:59 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-13 00:20 . 2014-11-19 21:59 14032984 ----a-w- c:\windows\system32\nvopencl.dll
2014-11-13 00:20 . 2014-11-19 21:59 13944952 ----a-w- c:\windows\system32\nvcuda.dll
2014-11-13 00:20 . 2014-11-19 21:59 13213512 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-11-13 00:20 . 2014-11-19 21:59 11397744 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-11-13 00:20 . 2014-11-19 21:59 11336432 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-11-12 21:56 . 2014-11-19 22:01 6897352 ----a-w- c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2014-11-19 22:01 3534152 ----a-w- c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2014-11-19 22:01 934032 ----a-w- c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2014-11-19 22:01 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2014-11-19 22:01 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-11-12 21:56 . 2014-11-19 22:01 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-11-12 20:46 . 2014-11-19 22:01 615624 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-11-12 13:53 . 2012-03-07 18:37 1657984 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-01-10 1942208]
"puush"="c:\program files (x86)\puush\puush.exe" [2014-11-12 567880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-09 5227112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Outlook 2010.lnk - c:\windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe [2012-12-25 304296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS;c:\users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 monectdevices;Monect Hid Device;c:\windows\system32\DRIVERS\monectdevices.sys;c:\windows\SYSNATIVE\DRIVERS\monectdevices.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys;c:\windows\SYSNATIVE\DRIVERS\ptun0901.sys [x]
R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R4 MonectServerService;MonectServerService;c:\users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe;c:\users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Jarda\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jarda\AppData\Local\Temp\ALSysIO64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-08 18:53 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-17 2465088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{7E575733-1DF5-4064-AE38-289BA932398A}_is1 - c:\program files (x86)\InViewer\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:81,b7,f1,9b,f8,3a,ce,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e4,1d,71,d1,d5,57,ab,e9,9e,4d,72,63,a2,7a,9b,05,48,a0,58,77,64,
01,36,33,c8,1f,93,12,34,b2,a7,61,e9,04,bc,3e,06,18,d8,ef,c4,a6,64,5f,f4,3b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e4,1d,71,d1,d5,57,ab,e9,9e,4d,72,63,a2,7a,9b,05,48,a0,58,77,64,
01,36,33,c8,1f,93,12,34,b2,a7,61,e9,04,bc,3e,06,18,d8,ef,c4,a6,64,5f,f4,3b,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\Bandicam\bdcam.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-01-10 18:22:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-10 17:22
.
Před spuštěním: Volných bajtů: 28 461 268 992
Po spuštění: Volných bajtů: 28 421 464 064
.
- - End Of File - - B79A1FF6EB99DE8850E146939C3E74E9
A36C5E4F47E84449FF07ED3517B43A31

#8 Příspěvek od **altrok** » 10 led 2015 21:08

ComboFix dal do karanteny slozky

c:\program files (x86)\InViewer
c:\program files (x86)\Project Cars

znate tyto programy? Jestli je z karanteny vytahnem nebo nechame smazane.

Na virustotal.com otestujte c:\windows\expstart.exe - vysledek analyzy (link) vlozte do pristi odpovedi.

Pokud jeste nemate, presunte ComboFix na plochu.

Otevrete Poznamkovy blok (Start -> Spustit -> notepad)

zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

ClearJavaCache::

Reboot::

Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
Po restartu na Vas vyskoci log, jehoz obsah mi vlozte do dalsi odpovedi.

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou Windows. V tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Jarda62 · #9 Příspěvek od **Jarda62** » 10 led 2015 21:35

InViewer je program na gify, který používám
Project Cars je závodní simulátor

Zde je odkaz https://www.virustotal.com/cs/file/79be ... 420920701/

ComboFix 15-01-08.01 - Jarda 10.01.2015 21:16:09.9.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8163.5933 [GMT 1:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarda\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-10 do 2015-01-10 )))))))))))))))))))))))))))))))
.
.
2015-01-10 20:23 . 2015-01-10 20:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-01-10 20:23 . 2015-01-10 20:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-10 20:23 . 2015-01-10 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-10 16:39 . 2015-01-10 16:40 -------- d-----w- C:\FRST
2015-01-10 15:58 . 2015-01-10 16:00 -------- d-----w- C:\AdwCleaner
2015-01-10 13:42 . 2015-01-10 15:57 -------- d-----w- c:\program files\trend micro
2015-01-10 13:42 . 2015-01-10 13:43 -------- d-----w- C:\rsit
2015-01-08 04:31 . 2015-01-08 04:31 -------- d-----w- c:\users\Jarda\AppData\Roaming\3909
2015-01-07 17:30 . 2015-01-07 17:39 -------- d-----w- c:\users\Jarda\AppData\Local\Culling_Of_The_Cows
2014-12-29 01:35 . 2014-12-29 01:38 -------- d-----w- c:\users\Jarda\AppData\Roaming\Mount&Blade Warband
2014-12-19 19:30 . 2015-01-10 17:11 -------- d-----w- c:\program files (x86)\Project Cars
2014-12-19 01:26 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-19 01:26 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-19 00:49 . 2014-12-19 01:09 -------- d-----w- c:\program files (x86)\Metal Gear Solid V Ground Zeroes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-19 20:23 . 2014-04-06 19:22 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-13 11:51 . 2013-03-18 13:46 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 11:51 . 2013-03-18 13:46 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 22:21 . 2011-12-31 00:29 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-11 22:21 . 2012-11-30 19:59 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-12-11 21:36 . 2014-07-18 18:52 925184 ----a-w- c:\windows\expstart.exe
2014-12-10 23:04 . 2011-12-08 22:48 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-27 01:43 . 2014-12-10 22:59 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-23 14:16 . 2012-01-15 11:12 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-11-23 14:16 . 2012-01-15 11:12 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-11-22 11:42 . 2014-04-07 11:44 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-22 03:13 . 2014-12-10 22:58 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 22:59 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 22:59 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 22:59 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 22:58 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 22:59 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 22:59 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 22:58 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 22:59 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 22:59 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 22:59 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 22:59 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 22:58 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 22:58 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 22:59 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 22:59 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 22:59 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 22:59 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 22:58 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 22:58 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 22:59 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 22:59 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 22:59 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 22:59 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 22:59 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 22:59 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 22:59 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 22:59 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 22:58 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 22:59 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 22:58 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 22:59 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 22:59 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 22:58 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 22:59 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 22:59 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 22:59 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 22:59 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 22:59 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 05:14 . 2014-04-06 19:22 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-04-06 19:22 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2011-12-20 22:31 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-17 22:18 . 2014-11-19 21:59 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-11-17 22:18 . 2014-11-19 21:59 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-11-17 22:18 . 2014-11-19 21:59 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-11-17 20:02 . 2014-11-19 22:02 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-17 20:02 . 2014-11-19 22:02 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-17 20:02 . 2014-11-19 22:02 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-17 20:02 . 2014-11-19 22:02 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-13 00:20 . 2014-11-19 22:01 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-13 00:20 . 2014-11-19 22:01 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-13 00:20 . 2014-11-19 21:59 989056 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-11-19 21:59 964928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-11-13 00:20 . 2014-11-19 21:59 935240 ----a-w- c:\windows\system32\NvFBC64.dll
2014-11-13 00:20 . 2014-11-19 21:59 923792 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-11-13 00:20 . 2014-11-19 21:59 900928 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-11-13 00:20 . 2014-11-19 21:59 871648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-11-13 00:20 . 2014-11-19 21:59 4292416 ----a-w- c:\windows\system32\nvcuvid.dll
2014-11-13 00:20 . 2014-11-19 21:59 4011208 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-11-19 21:59 352016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-11-13 00:20 . 2014-11-19 21:59 3262784 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-11-19 21:59 31893136 ----a-w- c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-11-19 21:59 303600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-11-13 00:20 . 2014-11-19 21:59 2874456 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-11-19 21:59 24557712 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-11-13 00:20 . 2014-11-19 21:59 20986592 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-11-19 21:59 20922512 ----a-w- c:\windows\system32\nvcompiler.dll
2014-11-13 00:20 . 2014-11-19 21:59 19966344 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-11-13 00:20 . 2014-11-19 21:59 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-19 21:59 18514616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-11-19 21:59 174856 ----a-w- c:\windows\system32\nvinitx.dll
2014-11-13 00:20 . 2014-11-19 21:59 17259664 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-11-13 00:20 . 2014-11-19 21:59 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2014-11-19 21:59 156840 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-11-13 00:20 . 2014-11-19 21:59 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-13 00:20 . 2014-11-19 21:59 14032984 ----a-w- c:\windows\system32\nvopencl.dll
2014-11-13 00:20 . 2014-11-19 21:59 13944952 ----a-w- c:\windows\system32\nvcuda.dll
2014-11-13 00:20 . 2014-11-19 21:59 13213512 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-11-13 00:20 . 2014-11-19 21:59 11397744 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-11-13 00:20 . 2014-11-19 21:59 11336432 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-11-12 21:56 . 2014-11-19 22:01 6897352 ----a-w- c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2014-11-19 22:01 3534152 ----a-w- c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2014-11-19 22:01 934032 ----a-w- c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2014-11-19 22:01 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2014-11-19 22:01 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-11-12 21:56 . 2014-11-19 22:01 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-11-12 20:46 . 2014-11-19 22:01 615624 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-11-12 13:53 . 2012-03-07 18:37 1657984 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-01-10 1942208]
"puush"="c:\program files (x86)\puush\puush.exe" [2014-11-12 567880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-09 5227112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Outlook 2010.lnk - c:\windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe [2012-12-25 304296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS;c:\users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 monectdevices;Monect Hid Device;c:\windows\system32\DRIVERS\monectdevices.sys;c:\windows\SYSNATIVE\DRIVERS\monectdevices.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys;c:\windows\SYSNATIVE\DRIVERS\ptun0901.sys [x]
R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R4 MonectServerService;MonectServerService;c:\users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe;c:\users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Jarda\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jarda\AppData\Local\Temp\ALSysIO64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-08 18:53 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{7E575733-1DF5-4064-AE38-289BA932398A}_is1 - c:\program files (x86)\InViewer\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e4,1d,71,d1,d5,57,ab,e9,9e,4d,72,63,a2,7a,9b,05,48,a0,58,77,64,
01,36,33,c8,1f,93,12,34,b2,a7,61,e9,04,bc,3e,06,18,d8,ef,c4,a6,64,5f,f4,3b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e4,1d,71,d1,d5,57,ab,e9,9e,4d,72,63,a2,7a,9b,05,48,a0,58,77,64,
01,36,33,c8,1f,93,12,34,b2,a7,61,e9,04,bc,3e,06,18,d8,ef,c4,a6,64,5f,f4,3b,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\Bandicam\bdcam.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-01-10 21:33:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-10 20:33
ComboFix2.txt 2015-01-10 17:22
.
Před spuštěním: Volných bajtů: 28 215 734 272
Po spuštění: Volných bajtů: 28 013 576 192
.
- - End Of File - - 356F7D4A68E4AA0EC73955820BBDA323
A36C5E4F47E84449FF07ED3517B43A31

#10 Příspěvek od **altrok** » 10 led 2015 21:55

Pokud jeste nemate, presunte ComboFix na plochu.

Otevrete Poznamkovy blok (Start -> Spustit -> notepad)

zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)

Kód: Vybrat vše

DeQuarantine::
C:\Qoobox\Quarantine\c\program files (x86)\InViewer
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars

Quit::

Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
vyskoci na Vas log, jehoz obsah mi vlozte do dalsi odpovedi.

Otestujte pak funkcnost techto dvou aplikaci.

Jarda62 · #11 Příspěvek od **Jarda62** » 10 led 2015 22:09

Aplikace fungují.

C:\Qoobox\Quarantine\c\program files (x86)\InViewer\AxInterop.WMPLib.dll -> C:\program files (x86)\InViewer\AxInterop.WMPLib.dll
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\changelog.txt -> C:\program files (x86)\InViewer\changelog.txt
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\gpl.txt -> C:\program files (x86)\InViewer\gpl.txt
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\Interop.WMPLib.dll -> C:\program files (x86)\InViewer\Interop.WMPLib.dll
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\invhelper.exe -> C:\program files (x86)\InViewer\invhelper.exe
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\inviewer.exe -> C:\program files (x86)\InViewer\inviewer.exe
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\readme.txt -> C:\program files (x86)\InViewer\readme.txt
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\unins000.dat -> C:\program files (x86)\InViewer\unins000.dat
C:\Qoobox\Quarantine\c\program files (x86)\InViewer\unins000.exe -> C:\program files (x86)\InViewer\unins000.exe
Zkopˇrovan‚ soubory: 9
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSCHECKED_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSDEBUG_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicFSPROFILE_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFS_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicFS_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicFS_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicFS_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOSCHECKED_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOSDEBUG_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOSDEBUG_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOSPROFILE_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOS_x64.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOS_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_BasicIOS_x86.dll -> C:\program files (x86)\Project Cars\APEX_BasicIOS_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterCHECKED_x64.dll -> C:\program files (x86)\Project Cars\APEX_EmitterCHECKED_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterCHECKED_x86.dll -> C:\program files (x86)\Project Cars\APEX_EmitterCHECKED_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterDEBUG_x64.dll -> C:\program files (x86)\Project Cars\APEX_EmitterDEBUG_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterDEBUG_x86.dll -> C:\program files (x86)\Project Cars\APEX_EmitterDEBUG_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterPROFILE_x64.dll -> C:\program files (x86)\Project Cars\APEX_EmitterPROFILE_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_EmitterPROFILE_x86.dll -> C:\program files (x86)\Project Cars\APEX_EmitterPROFILE_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_Emitter_x64.dll -> C:\program files (x86)\Project Cars\APEX_Emitter_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_Emitter_x86.dll -> C:\program files (x86)\Project Cars\APEX_Emitter_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x64.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x86.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerCHECKED_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x64.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x86.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerDEBUG_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x64.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x86.dll -> C:\program files (x86)\Project Cars\APEX_FieldSamplerPROFILE_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSampler_x64.dll -> C:\program files (x86)\Project Cars\APEX_FieldSampler_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_FieldSampler_x86.dll -> C:\program files (x86)\Project Cars\APEX_FieldSampler_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x64.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x86.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOSCHECKED_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOSDEBUG_x86.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOSDEBUG_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x64.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x86.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOSPROFILE_x86.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOS_x64.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOS_x64.dll
C:\Qoobox\Quarantine\c\program files (x86)\Project Cars\APEX_ParticleIOS_x86.dll -> C:\program files (x86)\Project Cars\APEX_ParticleIOS_x86.dll
Zkopˇrovan‚ soubory: 38

#12 Příspěvek od **altrok** » 10 led 2015 22:16

Vyborne, dejte jeste novy log FRST (frst.txt i addition.txt).

Jarda62 · #13 Příspěvek od **Jarda62** » 10 led 2015 22:23

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015
Ran by Jarda (administrator) on JARDA-PC on 10-01-2015 22:21:50
Running from C:\Users\Jarda\Desktop
Loaded Profile: Jarda (Available profiles: Jarda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\Core Temp\Core Temp.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam64.bin
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\puush\puush.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942208 2015-01-10] (Valve Corporation)
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-11-12] ()
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-01-10] () <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\bmqwkvg7.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jarda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jarda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3344855712-2548836808-2162885872-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "hxxp://facebook.com/"
CHR Profile: C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (LinkPeelr) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhcmjnfhbpgagklnjhlcabnbcdgipje [2014-12-14]
CHR Extension: (BetterTTV) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-02-26]
CHR Extension: (AdBlock) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-23]
CHR Extension: (Classic) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2014-05-21]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-07-05]
CHR Extension: (Twitch Now) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2013-10-20]
CHR Extension: (Peněženka Google) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Hover Zoom) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-13]
CHR HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jarda\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Jarda\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-08] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-08] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [762752 2015-01-06] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-20] (Electronic Arts)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-01-04] (Microsoft Corporation) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S4 MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-08] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-03-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-07] (Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-07-10] (Echobit, LLC)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-03-13] ()
S3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [10432 2013-03-23] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-12-30] (Sony Ericsson Mobile Communications)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-08] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113952 2014-02-25] (Oracle Corporation)
R3 ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 HWiNFO32; \??\C:\Users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 22:21 - 2015-01-10 22:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 287585.crdownload
2015-01-10 22:01 - 2015-01-10 22:01 - 00006847 _____ () C:\DeQuarantine.txt
2015-01-10 22:01 - 2015-01-10 22:01 - 00000000 ____D () C:\Program Files (x86)\InViewer
2015-01-10 22:00 - 2015-01-10 22:01 - 00000000 ___SD () C:\ComboFix
2015-01-10 18:03 - 2015-01-10 22:01 - 00000000 ____D () C:\Qoobox
2015-01-10 18:03 - 2015-01-10 18:21 - 00000000 ____D () C:\Windows\erdnt
2015-01-10 18:03 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-10 18:03 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-10 18:03 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-10 18:03 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-10 18:03 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-10 18:03 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-10 18:03 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-10 18:00 - 2015-01-10 18:01 - 00004288 _____ () C:\Users\Jarda\Desktop\Rkill.txt
2015-01-10 17:59 - 2015-01-10 17:59 - 05609736 ____R (Swearware) C:\Users\Jarda\Desktop\ComboFix.exe
2015-01-10 17:58 - 2015-01-10 17:59 - 05609736 _____ (Swearware) C:\Users\Jarda\Downloads\ComboFix.exe
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Downloads\rkill.com
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Desktop\rkill.com
2015-01-10 17:41 - 2015-01-10 17:41 - 00036020 _____ () C:\Users\Jarda\Desktop\FRST2.txt
2015-01-10 17:39 - 2015-01-10 22:22 - 00021731 _____ () C:\Users\Jarda\Desktop\FRST.txt
2015-01-10 17:39 - 2015-01-10 22:21 - 00000000 ____D () C:\FRST
2015-01-10 17:38 - 2015-01-10 17:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
2015-01-10 17:38 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Desktop\FRST64.exe
2015-01-10 17:37 - 2015-01-10 17:37 - 00112280 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 146645.crdownload
2015-01-10 17:36 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Downloads\FRST64.exe
2015-01-10 17:01 - 2015-01-10 22:04 - 00002140 _____ () C:\Windows\PFRO.log
2015-01-10 16:58 - 2015-01-10 17:00 - 00000000 ____D () C:\AdwCleaner
2015-01-10 16:58 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Desktop\adwcleaner_4.107.exe
2015-01-10 16:57 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Downloads\adwcleaner_4.107.exe
2015-01-10 14:42 - 2015-01-10 16:57 - 00000000 ____D () C:\Program Files\trend micro
2015-01-10 14:42 - 2015-01-10 14:43 - 00000000 ____D () C:\rsit
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Downloads\RSITx64.exe
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Desktop\RSITx64.exe
2015-01-08 05:31 - 2015-01-08 05:31 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\3909
2015-01-07 19:42 - 2015-01-07 19:59 - 00000000 ____D () C:\Users\Jarda\Documents\Proteus
2015-01-07 18:30 - 2015-01-07 18:39 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Culling_Of_The_Cows
2015-01-06 02:56 - 2015-01-08 05:21 - 00000000 ____D () C:\Users\Jarda\Downloads\Designer Sound FX
2015-01-03 13:00 - 2015-01-03 13:00 - 05116840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-02 19:28 - 2015-01-03 13:18 - 00022596 _____ () C:\Windows\DirectX.log
2015-01-01 22:02 - 2015-01-10 22:07 - 00002768 _____ () C:\Windows\setupact.log
2015-01-01 22:02 - 2015-01-01 22:02 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-01 21:52 - 2015-01-01 21:52 - 00113728 _____ () C:\Users\Jarda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 02:36 - 2014-12-29 03:04 - 00000000 ____D () C:\Users\Jarda\Documents\Mount&Blade Warband Savegames
2014-12-29 02:35 - 2014-12-29 02:39 - 00000000 ____D () C:\Users\Jarda\Documents\Mount&Blade Warband
2014-12-29 02:35 - 2014-12-29 02:38 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Mount&Blade Warband
2014-12-26 12:07 - 2014-12-26 12:07 - 00000000 ____D () C:\Users\Jarda\Documents\Criterion Games
2014-12-19 20:44 - 2014-12-19 20:50 - 00000000 ____D () C:\Users\Jarda\Documents\CARS
2014-12-19 20:43 - 2014-12-19 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Cars
2014-12-19 20:30 - 2015-01-10 22:01 - 00000000 ____D () C:\Program Files (x86)\Project Cars
2014-12-19 18:46 - 2014-12-19 18:51 - 29923321 _____ () C:\Users\Jarda\Desktop\Sprinkle Islands v1.1.0.apk
2014-12-19 03:53 - 2015-01-09 16:54 - 00000334 _____ () C:\Users\Jarda\Desktop\..txt
2014-12-19 02:26 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 02:26 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-19 01:51 - 2014-12-19 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V Ground Zeroes
2014-12-19 01:49 - 2014-12-19 02:09 - 00000000 ____D () C:\Program Files (x86)\Metal Gear Solid V Ground Zeroes
2014-12-15 02:20 - 2014-12-15 02:22 - 37646256 _____ () C:\Users\Jarda\Desktop\Townsmen Premium v1.4.7.apk
2014-12-11 00:02 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 00:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-10 22:14 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 22:14 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 22:12 - 2011-12-09 04:36 - 01653031 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 22:10 - 2014-07-18 19:52 - 00925184 _____ () C:\Windows\expstart.exe
2015-01-10 22:10 - 2012-04-05 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-10 22:06 - 2014-07-24 20:06 - 00000000 ____D () C:\Users\Jarda\Documents\Soubory aplikace Outlook
2015-01-10 22:05 - 2012-04-05 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-10 22:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 22:04 - 2014-10-26 14:27 - 00003022 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2015-01-10 21:27 - 2014-04-07 12:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-10 21:25 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-10 18:47 - 2013-06-10 15:52 - 00000000 ___RD () C:\Users\Jarda\Desktop\
2015-01-10 14:47 - 2014-08-04 21:19 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2015-01-10 14:14 - 2012-09-26 19:08 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\vlc
2015-01-10 13:49 - 2014-01-03 00:17 - 00000000 ___RD () C:\Users\Jarda\Desktop\Hry
2015-01-10 13:16 - 2013-03-25 20:55 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-10 04:36 - 2012-09-04 16:19 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\TS3Client
2015-01-09 07:46 - 2012-01-06 00:31 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-08 17:00 - 2012-04-12 22:40 - 00000000 ___RD () C:\Users\Jarda\Desktop\Škola
2015-01-08 13:16 - 2011-12-09 21:56 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\uTorrent
2015-01-06 23:55 - 2014-01-21 22:03 - 00000000 ____D () C:\Users\Jarda\AppData\Local\ArmA 2 OA
2015-01-05 03:05 - 2013-10-06 00:23 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Audacity
2015-01-04 17:14 - 2013-05-10 15:37 - 00000000 ____D () C:\Users\Jarda\Documents\youtube
2015-01-02 19:27 - 2009-07-14 16:18 - 00672158 _____ () C:\Windows\system32\perfh005.dat
2015-01-02 19:27 - 2009-07-14 16:18 - 00142754 _____ () C:\Windows\system32\perfc005.dat
2015-01-02 19:27 - 2009-07-14 06:13 - 01593302 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 21:52 - 2013-09-19 17:21 - 00000000 ____D () C:\Program Files (x86)\DesktopOK
2015-01-01 21:49 - 2014-02-17 14:12 - 00000000 ____D () C:\Users\Jarda\AppData\Local\CrashDumps
2015-01-01 21:49 - 2013-03-25 20:56 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\TeamViewer
2015-01-01 21:49 - 2011-12-09 15:30 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2015-01-01 21:18 - 2014-07-18 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-01-01 21:18 - 2014-07-18 21:17 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2015-01-01 18:16 - 2014-06-16 00:13 - 00002888 _____ () C:\Windows\System32\Tasks\bandicam_start
2015-01-01 18:04 - 2012-07-03 16:06 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-01 18:04 - 2012-07-03 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-01 17:54 - 2011-12-08 22:35 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-31 17:08 - 2014-06-22 13:43 - 00000000 ____D () C:\Program Files (x86)\Software Updates Monitor
2014-12-31 17:07 - 2013-10-23 14:24 - 00000000 ___RD () C:\Users\Jarda\Desktop\Programy
2014-12-31 17:05 - 2014-08-03 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2014-12-31 17:03 - 2014-06-22 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileSeek
2014-12-31 17:03 - 2014-06-22 21:44 - 00000000 ____D () C:\Program Files (x86)\FileSeek
2014-12-31 08:08 - 2014-10-04 14:59 - 00000000 ____D () C:\Users\Jarda\Downloads\South.Park.S01-S15.DVDRip.WEB-DL.BDRip.XviD.CZ.ENG
2014-12-27 02:56 - 2012-10-24 20:06 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-26 14:00 - 2012-10-31 18:51 - 00000000 ____D () C:\ProgramData\Origin
2014-12-26 13:57 - 2012-10-31 18:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-23 20:27 - 2012-12-02 17:45 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-23 20:08 - 2014-06-19 19:00 - 00000000 ____D () C:\Users\Jarda\Documents\Euro Truck Simulator 2
2014-12-22 19:08 - 2011-12-09 15:23 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Skype
2014-12-22 18:19 - 2014-02-16 16:36 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Spotify
2014-12-22 18:12 - 2011-12-09 15:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-22 18:12 - 2011-12-09 15:23 - 00000000 ____D () C:\ProgramData\Skype
2014-12-22 18:09 - 2014-02-16 16:37 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Spotify
2014-12-22 18:08 - 2011-12-10 01:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-19 21:23 - 2014-04-06 20:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 20:02 - 2011-12-09 04:34 - 00000000 ____D () C:\Users\Jarda
2014-12-17 03:22 - 2013-07-05 21:54 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\OBS
2014-12-15 02:04 - 2013-10-08 00:57 - 00000132 _____ () C:\Users\Jarda\AppData\Roaming\Formát PNG Adobe CC – předvolby
2014-12-13 12:51 - 2014-08-19 23:59 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Adobe
2014-12-13 12:51 - 2013-03-18 14:46 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 12:51 - 2013-03-18 14:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 12:37 - 2013-08-15 20:37 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-11 23:21 - 2012-11-30 20:59 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-11 23:21 - 2011-12-31 01:29 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-11 21:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 00:09 - 2013-07-12 11:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 00:04 - 2011-12-10 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 00:04 - 2011-12-08 23:48 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\hash.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 18:51

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.66 GB) (Free:26.06 GB) NTFS
Drive d: (kappa) (Fixed) (Total:149.05 GB) (Free:21.57 GB) NTFS

Available physical RAM: 5041.69 MB
Total physical RAM: 8163.36 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E61DDFEF)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24762475)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
AlternateDataStreams: C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT2
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT2

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jarda\Desktop" je 21612 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -update plugin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore
C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

add

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2015
Ran by Jarda at 2015-01-10 22:22:27
Running from C:\Users\Jarda\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace NVIDIA 16.13.69 (Version: 16.13.69 - NVIDIA Corporation) Hidden
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.0.638 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version: - )
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
DiRT 3 (x32 Version: 1.0.0001.130 - Codemasters) Hidden
DiRT2 (x32 Version: 1.0.0002.133 - Codemasters) Hidden
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Female Voice Pack (HKLM-x32\...\{D947A225-8C23-4E52-866E-CF3967476BFC}) (Version: 3.3.2 - Screaming Bee)
FileSeek 4.0 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.0.0.0 - Binary Fortress Software)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee)
Galcon 2 (HKLM-x32\...\Steam App 294160) (Version: - Hassey Enterprises, Inc.)
GameRanger (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto)
GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
ibb & obb (HKLM-x32\...\Steam App 95400) (Version: - Sparpweed)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
InViewer version 0.87.0.2 (HKLM-x32\...\{7E575733-1DF5-4064-AE38-289BA932398A}_is1) (Version: 0.87.0.2 - Stefan Wobbe)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version: - IO Interactive)
K-Lite Codec Pack 10.8.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lightfish (HKLM-x32\...\Steam App 116120) (Version: - Eclipse Games)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LYNE (HKLM-x32\...\Steam App 266010) (Version: - Thomas Bowker)
Male Voice Pack (HKLM-x32\...\{2CC32E0E-9A10-4BCC-94F0-614F85375F59}) (Version: 1.3.1 - Screaming Bee)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
Metal Gear Solid V Ground Zeroes (HKLM-x32\...\Metal Gear Solid V Ground Zeroes_is1) (Version: - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 34.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 cs)) (Version: 34.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multisim 8 (x32 Version: 8.0.24 - Electronics Workbench) Hidden
My Game Long Name (HKLM\...\UDK-a1bacc41-7245-43b1-b89b-73e4346187a9) (Version: - Epic Games, Inc.)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
Project Cars verze 834 (HKLM-x32\...\Project Cars_is1) (Version: 834 - Repacky)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Eugen Systems)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Red Faction: Guerrilla (x32 Version: 1.0.0002.132 - THQ) Hidden
Red Faction: Guerrilla (x32 Version: 1.0.0003.132 - THQ) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - ACE Team)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Sci-Fi Voice Pack (HKLM-x32\...\{BC038C91-D3C6-4E43-8439-B65976FE7937}) (Version: 1.3.1 - Screaming Bee)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version: - Flying Wild Hog)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 6.2.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Steam App 9930) (Version: - Eden Studios)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version: - Jonathan Lermitage)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Tower Wars (HKLM-x32\...\Steam App 214360) (Version: - SuperVillain Studios)
Translator Fun Voice Pack (HKLM-x32\...\{C39768C1-82E7-4466-8526-2D8AC44B768F}) (Version: 1.5.1 - Screaming Bee)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov)
Unity Web Player (HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Urban Trial Freestyle (HKLM-x32\...\Steam App 243450) (Version: - Tate Multimedia)
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version: - RuneStorm)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WRC Powerslide (HKLM-x32\...\Steam App 256350) (Version: - Milestone S.r.l.)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.3 - Xvid Team)
Zombie Driver HD (HKLM-x32\...\Steam App 220820) (Version: - Exor Studios)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

10-01-2015 15:49:22 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-10 21:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {057C05AB-1354-460D-8441-5214C2914176} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-08] (AVAST Software)
Task: {1D39CFDD-85E9-405D-8749-AF89AB94798C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14] (Google Inc.)
Task: {2A857517-F8EF-4C5E-BFA5-4F4B753E9061} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {5820C5F9-D4BA-46BE-AD30-90BFE3124E79} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6FEBE5AB-D507-4AD0-8495-42F29513C6D9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()
Task: {7714D3CC-F448-4DC5-B3F8-5CC9D3FA954F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000Core => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)
Task: {782CE30F-03DB-4C1E-837A-FBA1D92B8479} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {7AB6681D-9B27-4D69-AF94-8127CB980C28} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-10-06] ()
Task: {86C2FDCB-ACE6-4F9F-A7EC-0E17AB7DA826} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344855712-2548836808-2162885872-1000UA => C:\Users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-22] (Google Inc.)
Task: {9216B18D-E3AE-4135-B5CA-82FDEA4946ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14] (Google Inc.)
Task: {CFEC5B1B-6A17-4687-89A7-24029484BC55} - System32\Tasks\Core Temp Autostart Jarda => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {E6F86F3F-A093-4AE0-AA46-EEAC2978F3C9} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [2014-05-30] (www.Bandisoft.com)

==================== Loaded Modules (whitelisted) =============

2014-11-19 23:01 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-05 10:41 - 2014-08-30 19:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2012-02-26 12:12 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-08-31 14:00 - 2014-08-31 14:00 - 00512512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2012-01-10 14:41 - 2014-11-12 14:19 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 02:36 - 2013-02-15 02:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-08-30 19:07 - 2014-08-30 19:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-08-30 19:07 - 2014-08-30 19:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-10 21:25 - 2015-01-10 21:25 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011002\algo.dll
2014-06-05 10:40 - 2014-08-30 19:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2014-08-31 13:58 - 2014-08-31 13:58 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-08-31 13:58 - 2014-08-31 13:58 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-08-31 13:59 - 2014-08-31 13:59 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-08-31 13:59 - 2014-08-31 13:59 - 00324608 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-08-31 14:00 - 2014-08-31 14:00 - 00648192 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-02 20:17 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 21:11 - 2015-01-10 04:21 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 12:40 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-04-05 20:38 - 2015-01-10 04:21 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-08 19:53 - 2014-11-08 19:53 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-04-05 20:38 - 2014-12-20 00:38 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-08-30 19:07 - 2014-08-30 19:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2014-08-14 20:52 - 2014-12-20 00:38 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 01077064 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 00211272 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 09009480 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 01677128 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 13:42 - 2014-12-06 02:50 - 14913352 _____ () C:\Users\Jarda\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
AlternateDataStreams: C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT2
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jarda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -update plugin
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

========================= Accounts: ==========================

Administrator (S-1-5-21-3344855712-2548836808-2162885872-500 - Administrator - Disabled)
Guest (S-1-5-21-3344855712-2548836808-2162885872-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3344855712-2548836808-2162885872-1027 - Limited - Enabled)
Jarda (S-1-5-21-3344855712-2548836808-2162885872-1000 - Administrator - Enabled) => C:\Users\Jarda

==================== Faulty Device Manager Devices =============

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 09:28:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (01/10/2015 09:28:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to create process. [1018]

Error: (01/10/2015 09:28:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 09:28:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 09:28:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 06:15:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (01/10/2015 06:15:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to create process. [1018]

System errors:
=============
Error: (01/10/2015 09:25:45 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače MONI-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{51B7B1EB-D3C3-4B1D-8C79-C6D0875E712F}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (01/10/2015 09:24:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/10/2015 09:21:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/10/2015 09:15:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/10/2015 09:15:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/10/2015 06:12:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/10/2015 06:11:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/10/2015 06:09:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/10/2015 05:00:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (01/10/2015 05:00:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}

Microsoft Office Sessions:
=========================
Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 10:07:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 09:28:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (01/10/2015 09:28:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to create process. [1018]

Error: (01/10/2015 09:28:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/10/2015 09:28:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/10/2015 09:28:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/10/2015 06:15:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (01/10/2015 06:15:50 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to create process. [1018]

CodeIntegrity Errors:
===================================
Date: 2015-01-10 22:21:39.796
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:21:39.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:21:34.684
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:21:06.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:21:06.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:20:09.650
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:19:36.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:18:56.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:18:39.556
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-10 22:12:06.286
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8163.36 MB
Available physical RAM: 5041.69 MB
Total Pagefile: 16324.9 MB
Available Pagefile: 12734.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:26.06 GB) NTFS
Drive d: (kappa) (Fixed) (Total:149.05 GB) (Free:21.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E61DDFEF)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24762475)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#14 Příspěvek od **altrok** » 10 led 2015 22:34

Velikost plochy by nemela presahovat 200 MB. Snizuje se pak start i samotny chod celeho PC.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-01-10] () <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
S4 MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [X]
R3 ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 HWiNFO32; \??\C:\Users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

2015-01-10 22:21 - 2015-01-10 22:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 287585.crdownload
2015-01-10 22:01 - 2015-01-10 22:01 - 00006847 _____ () C:\DeQuarantine.txt
2015-01-10 18:00 - 2015-01-10 18:01 - 00004288 _____ () C:\Users\Jarda\Desktop\Rkill.txt
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Downloads\rkill.com
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Desktop\rkill.com
2015-01-10 17:41 - 2015-01-10 17:41 - 00036020 _____ () C:\Users\Jarda\Desktop\FRST2.txt
2015-01-10 17:39 - 2015-01-10 22:22 - 00021731 _____ () C:\Users\Jarda\Desktop\FRST.txt
2015-01-10 17:38 - 2015-01-10 17:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
2015-01-10 17:37 - 2015-01-10 17:37 - 00112280 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 146645.crdownload
2015-01-10 17:36 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Downloads\FRST64.exe
2015-01-10 17:01 - 2015-01-10 22:04 - 00002140 _____ () C:\Windows\PFRO.log
2015-01-10 16:58 - 2015-01-10 17:00 - 00000000 ____D () C:\AdwCleaner
2015-01-10 16:58 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Desktop\adwcleaner_4.107.exe
2015-01-10 16:57 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Downloads\adwcleaner_4.107.exe
2015-01-10 14:42 - 2015-01-10 16:57 - 00000000 ____D () C:\Program Files\trend micro
2015-01-10 14:42 - 2015-01-10 14:43 - 00000000 ____D () C:\rsit
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Downloads\RSITx64.exe
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Desktop\RSITx64.exe
C:\ProgramData\hash.dat

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
AlternateDataStreams: C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT2
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT2

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t "REG_DWORD" /d "00000001"

Folder: C:\Users\Jarda\AppData\Roaming\3909
Hosts:
EmptyTemp:
End

Jarda62 · #15 Příspěvek od **Jarda62** » 10 led 2015 22:52

Asi bych mohl s tou plochou něco udělat. Má 21GB

Jinak ten pomalý start je takový, že se dlouho načítají programy které mám dané při spuštění a třeba chrome než se zapne taky trvá. Po 5 minutách už je všechno v pořádku.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2015
Ran by Jarda at 2015-01-10 22:43:58 Run:1
Running from C:\Users\Jarda\Desktop
Loaded Profile: Jarda (Available profiles: Jarda)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-01-10] () <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
S4 MonectServerService; C:\Users\Jarda\Downloads\Monect_v2.0.3\MonectServerService.exe [X]
R3 ALSysIO; \??\C:\Users\Jarda\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 HWiNFO32; \??\C:\Users\Jarda\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

2015-01-10 22:21 - 2015-01-10 22:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 287585.crdownload
2015-01-10 22:01 - 2015-01-10 22:01 - 00006847 _____ () C:\DeQuarantine.txt
2015-01-10 18:00 - 2015-01-10 18:01 - 00004288 _____ () C:\Users\Jarda\Desktop\Rkill.txt
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Downloads\rkill.com
2015-01-10 17:58 - 2015-01-10 17:58 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Jarda\Desktop\rkill.com
2015-01-10 17:41 - 2015-01-10 17:41 - 00036020 _____ () C:\Users\Jarda\Desktop\FRST2.txt
2015-01-10 17:39 - 2015-01-10 22:22 - 00021731 _____ () C:\Users\Jarda\Desktop\FRST.txt
2015-01-10 17:38 - 2015-01-10 17:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jarda\Desktop\FRSTLauncher.exe
2015-01-10 17:37 - 2015-01-10 17:37 - 00112280 _____ (forum.viry.cz) C:\Users\Jarda\Downloads\Nepotvrzeno 146645.crdownload
2015-01-10 17:36 - 2015-01-10 17:36 - 02124288 _____ (Farbar) C:\Users\Jarda\Downloads\FRST64.exe
2015-01-10 17:01 - 2015-01-10 22:04 - 00002140 _____ () C:\Windows\PFRO.log
2015-01-10 16:58 - 2015-01-10 17:00 - 00000000 ____D () C:\AdwCleaner
2015-01-10 16:58 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Desktop\adwcleaner_4.107.exe
2015-01-10 16:57 - 2015-01-10 16:57 - 02191360 _____ () C:\Users\Jarda\Downloads\adwcleaner_4.107.exe
2015-01-10 14:42 - 2015-01-10 16:57 - 00000000 ____D () C:\Program Files\trend micro
2015-01-10 14:42 - 2015-01-10 14:43 - 00000000 ____D () C:\rsit
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Downloads\RSITx64.exe
2015-01-10 14:42 - 2015-01-10 14:42 - 01222144 _____ () C:\Users\Jarda\Desktop\RSITx64.exe
C:\ProgramData\hash.dat

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:ley31hqI9sGSlLzQK8X
AlternateDataStreams: C:\ProgramData\Microsoft:ykC2K75XRDRhWZdCqsF9oS2urE
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT
AlternateDataStreams: C:\Users\Jarda\Data aplikací:NT2
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:NT2

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t "REG_DWORD" /d "00000001"

Folder: C:\Users\Jarda\AppData\Roaming\3909
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3344855712-2548836808-2162885872-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.1" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => Key deleted successfully.
MonectServerService => Service deleted successfully.
ALSysIO => Service stopped successfully.
ALSysIO => Service deleted successfully.
EagleX64 => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
HWiNFO32 => Service deleted successfully.
NTIOLib_1_0_4 => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
vmci => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
"C:\Users\Jarda\Downloads\Nepotvrzeno 287585.crdownload" => File/Directory not found.
C:\DeQuarantine.txt => Moved successfully.
C:\Users\Jarda\Desktop\Rkill.txt => Moved successfully.
C:\Users\Jarda\Downloads\rkill.com => Moved successfully.
C:\Users\Jarda\Desktop\rkill.com => Moved successfully.
"C:\Users\Jarda\Desktop\FRST2.txt" => File/Directory not found.
"C:\Users\Jarda\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Jarda\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Jarda\Downloads\Nepotvrzeno 146645.crdownload => Moved successfully.
C:\Users\Jarda\Downloads\FRST64.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Jarda\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Users\Jarda\Downloads\adwcleaner_4.107.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Jarda\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Jarda\Desktop\RSITx64.exe => Moved successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\ProgramData => ":NT" ADS removed successfully.
C:\ProgramData => ":NT2" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
"C:\ProgramData\Data aplikací" => ":NT" ADS not found.
"C:\ProgramData\Data aplikací" => ":NT2" ADS not found.
C:\ProgramData\Microsoft => ":ley31hqI9sGSlLzQK8X" ADS removed successfully.
C:\ProgramData\Microsoft => ":ykC2K75XRDRhWZdCqsF9oS2urE" ADS removed successfully.
"C:\Users\Jarda\Data aplikací" => ":NT" ADS not found.
"C:\Users\Jarda\Data aplikací" => ":NT2" ADS not found.
C:\Users\Jarda\AppData\Roaming => ":NT" ADS removed successfully.
C:\Users\Jarda\AppData\Roaming => ":NT2" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t "REG_DWORD" /d "00000001" =========

Hodnota EnableFirewall existuje, chcete ji pýepsat (Y-Ano/N-Ne)? Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========================= Folder: C:\Users\Jarda\AppData\Roaming\3909 ========================

2015-01-08 05:31 - 2015-01-08 05:50 - 0000000 ____D () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease
2015-01-08 05:37 - 2015-01-08 05:49 - 0000560 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\headers.sav
2015-01-08 05:50 - 2015-01-08 05:50 - 0000064 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\names.sav
2015-01-08 05:49 - 2015-01-08 05:49 - 0002184 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\save_G9U1HFVN8R4CNP6SSA14DVR6AW8UN04X.sav
2015-01-08 05:41 - 2015-01-08 05:41 - 0002032 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\save_VTY0OPRYQO9C0YV6CNXF4LRVWI6LDFYF.sav
2015-01-08 05:37 - 2015-01-08 05:37 - 0001784 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\save_WZMXHBMWKYPVVHU88V5U1GV513QD8NN7.sav
2015-01-08 05:31 - 2015-01-08 05:50 - 0000728 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\settings.sav
2015-01-08 05:33 - 2015-01-08 05:50 - 0000520 _____ () C:\Users\Jarda\AppData\Roaming\3909\PapersPlease\stats.sav

====== End of Folder: ======

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 706 MB temporary data.

The system needed a reboot.

==== End of Fixlog 22:44:38 ====

VIRY.CZ

Preventiví kontrola

Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola

Re: Preventiví kontrola