Zavirovaný počítač

[DalrondX]

Dobrý den. Už pár dní je celý počítač zpomalený a seká se. Občas se dokonce stane, že se sekne, zvuk v bedničkách se sekne na jednom tonu a buď se to po chvíli rozjede nebo se restartuje PC. Včera byl tak zasekaný, že jsem ho musel restartovat natvrdo. Všiml jsem si ale, že pok každých zásecích přibývaly procesy "conhost.exe" a "HD-LogRotator.exe". Při běžnému používání PC mam spuštěných +-70 procesů, ale včera jich bylo +-110. Když už jsem u toho "zpovídání", tak občas se stává, že když chci dát PC do režimu spánku tak to trvá buď strašně dlouho anebo se to neprovede vůbec, třeba ani po 10 minutách a musím PC vypnout natvrdo. Tak jestli byste byli tak hodní a podívali se na log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ondrej at 2013-11-04 15:53:07
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (7%) free of 477 GB
Total RAM: 4094 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:24, on 4.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Genius\Gila\mousehid.exe
C:\Program Files (x86)\Genius\Gila\trayicon.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Ondrej.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=da ... 8&affilt=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Gila] C:\Program Files (x86)\Genius\Gila\mousehid.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [msmujiSrv] C:\Windows\inf\msmuji.vbe
O4 - HKLM\..\Run: [msrgjuSrv] C:\Windows\inf\msrgju.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-818844184-144965152-1167717117-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11216 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\SysWOW64\FsUsbExService.Exe
taskeng.exe {1FDD2B1E-4D14-4A66-87A0-F88957327A84}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry -p 0
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-419213845-718407582-357501636-396807808-536310938485182050-1225103462-346751411
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\BlueStacks\HD-Network.exe"
\??\C:\Windows\system32\conhost.exe "557912698-408838436-1045024920-18260507531047973752-10471157561302482250-121383595
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe"
\??\C:\Windows\system32\conhost.exe "-12424194061746631110287333030245153964-14666783-1396554962-1800739587-444800425
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe"
\??\C:\Windows\system32\conhost.exe "1150586824-183228694-81950000616479375079446876892042336013-201869759635720158
"C:\Program Files (x86)\Genius\Gila\mousehid.exe"
"C:\Program Files (x86)\Genius\Gila\trayicon.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Users\Ondrej\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIBitCometAgent.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\searchplugins\
bingp.xml
ividi.xml
privitize.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-12 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-12 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
AppGraffiti - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL [2013-05-07 273576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-09 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-09 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []
"Cm108Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-10-18 1063200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"AGupdate"=C:\Program Files (x86)\AppGraffiti\AGupdate.exe [2013-03-19 894048]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-05-13 601928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-06-06 9842992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Gila"=C:\Program Files (x86)\Genius\Gila\mousehid.exe [2013-01-16 307712]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]
"msmujiSrv"=C:\Windows\inf\msmuji.vbe [2013-08-27 1558]
"msrgjuSrv"=C:\Windows\inf\msrgju.vbe [2013-08-27 1558]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-05-29 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousUserGroupPolicy"=0
"SynchronousMachineGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
"vidc.XVID"=xvidvfw.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-11-04 15:53:07 ----D---- C:\rsit
2013-10-30 10:13:35 ----D---- C:\Program Files (x86)\PhotoModeler6
2013-10-30 10:00:55 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-30 09:17:38 ----HD---- C:\ProgramData\CanonBJ
2013-10-28 18:52:16 ----A---- C:\Windows\system32\nvhdagenco64.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-28 18:52:15 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\nvinitx.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 18:52:15 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-28 18:52:14 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-28 18:52:14 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-28 18:52:14 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-28 18:52:14 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-28 18:52:14 ----A---- C:\Windows\system32\nvdispco6433165.dll
2013-10-28 18:52:14 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-28 18:52:14 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-28 18:52:14 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-28 18:52:14 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-28 18:43:13 ----D---- C:\Program Files\Disk Check
2013-10-28 17:53:42 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-10-28 17:53:42 ----A---- C:\Windows\system32\nvspcap64.dll
2013-10-28 17:51:10 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-10-28 17:51:09 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-10-25 16:20:50 ----A---- C:\Windows\system32\nvdispgenco6433158.dll
2013-10-25 16:20:50 ----A---- C:\Windows\system32\nvdispco6433158.dll
2013-10-25 16:20:50 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-23 03:02:36 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-10-21 15:31:54 ----D---- C:\Program Files (x86)\LEGO Batman 2 Crack
2013-10-21 15:28:33 ----D---- C:\Users\Ondrej\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-10-21 15:02:57 ----D---- C:\Program Files (x86)\LEGO Batman 2
2013-10-15 17:32:33 ----D---- C:\Program Files (x86)\Team Meat
2013-10-14 22:09:56 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-10-14 22:06:14 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-14 22:06:14 ----A---- C:\Windows\system32\nvhdap64.dll
2013-10-14 22:06:14 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-10-14 22:06:12 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-10-14 22:06:12 ----A---- C:\Windows\system32\nvdispco6432723.dll

======List of files/folders modified in the last 1 month======

2013-11-04 15:53:14 ----D---- C:\Windows\Temp
2013-11-04 15:53:12 ----D---- C:\Program Files\trend micro
2013-11-04 15:48:35 ----D---- C:\Users\Ondrej\AppData\Roaming\Skype
2013-11-04 13:49:54 ----D---- C:\Windows\SysWOW64
2013-11-04 13:49:35 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-11-04 12:26:44 ----D---- C:\Windows\system32\Tasks
2013-11-04 12:26:21 ----D---- C:\ProgramData\NVIDIA
2013-11-03 18:49:40 ----D---- C:\Users\Ondrej\AppData\Roaming\BitComet
2013-11-03 09:13:10 ----D---- C:\ProgramData\Tunngle
2013-11-03 08:59:03 ----D---- C:\Windows
2013-11-02 16:35:57 ----D---- C:\Windows\Prefetch
2013-11-02 15:17:37 ----D---- C:\ProgramData\TrackMania
2013-11-02 11:01:11 ----D---- C:\Downloads
2013-10-31 15:56:02 ----SHD---- C:\System Volume Information
2013-10-31 14:22:35 ----D---- C:\Windows\system32\config
2013-10-31 13:11:10 ----D---- C:\Windows\system32\catroot2
2013-10-31 07:30:01 ----D---- C:\Windows\System32
2013-10-31 07:30:01 ----D---- C:\Windows\inf
2013-10-31 07:30:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-31 07:23:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 16:08:23 ----RD---- C:\Program Files (x86)
2013-10-30 13:52:07 ----AD---- C:\ProgramData\TEMP
2013-10-30 09:17:38 ----D---- C:\ProgramData
2013-10-30 09:17:34 ----D---- C:\Windows\system32\spool
2013-10-30 09:17:34 ----D---- C:\Windows\system32\DriverStore
2013-10-28 18:56:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 18:55:56 ----D---- C:\Windows\system32\catroot
2013-10-28 18:53:41 ----D---- C:\Windows\system32\drivers
2013-10-28 18:43:13 ----RD---- C:\Program Files
2013-10-28 17:53:55 ----D---- C:\ProgramData\NVIDIA Corporation
2013-10-28 17:53:42 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-28 17:53:38 ----RSD---- C:\Windows\assembly
2013-10-28 16:58:16 ----D---- C:\Program Files (x86)\DOSBox-0.74
2013-10-26 13:34:09 ----D---- C:\Program Files (x86)\Spyware Terminator
2013-10-26 07:40:47 ----D---- C:\Program Files\wkokes_7_25
2013-10-26 07:37:38 ----SHD---- C:\Windows\Installer
2013-10-26 07:28:14 ----D---- C:\Program Files (x86)\SpeedFan
2013-10-23 11:30:23 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-10-23 11:30:23 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-23 11:30:23 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30:23 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30:23 ----A---- C:\Windows\system32\nvapi64.dll
2013-10-23 09:20:08 ----A---- C:\Windows\system32\nvcpl.dll
2013-10-23 09:20:07 ----A---- C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20:05 ----A---- C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20:05 ----A---- C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20:05 ----A---- C:\Windows\system32\nvshext.dll
2013-10-23 09:20:05 ----A---- C:\Windows\system32\nvmctray.dll
2013-10-22 16:04:28 ----D---- C:\Windows\Microsoft.NET
2013-10-21 16:27:43 ----D---- C:\Windows\SYSWOW64\directx
2013-10-21 16:27:34 ----HD---- C:\Windows\msdownld.tmp
2013-10-21 16:10:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-21 16:06:43 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-21 16:06:43 ----D---- C:\Windows\system32\en-US
2013-10-21 14:48:17 ----D---- C:\Program Files (x86)\Surgeon Simulator 2013
2013-10-21 14:47:43 ----D---- C:\Program Files (x86)\Steam
2013-10-20 12:15:43 ----D---- C:\Users\Ondrej\AppData\Roaming\BSplayer
2013-10-15 17:32:52 ----D---- C:\Windows\Logs
2013-10-15 16:25:49 ----RD---- C:\Program Files (x86)\Skype
2013-10-11 09:28:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-11 09:27:50 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-05-29 560184]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-09-13 237400]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-09-13 119640]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-05-13 70984]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-16 283200]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-11-04 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-09-28 39200]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\system32\DRIVERS\PdiPorts.sys [2009-12-17 20592]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-09-13 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-09-13 146264]
S1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2010-01-15 158736]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2010-01-15 48144]
S2 hardlock;hardlock; C:\Windows\System32\DRIVERS\hardlock.sys []
S2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2012-06-27 36328]
S3 ATICDSDr;ATICDSDr; \??\C:\Users\Ondrej\AppData\Local\Temp\ATICDSDr.sys []
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-05-29 25640]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2012-10-29 36640]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-05-30 30528]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-11 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-11 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-11 33792]
S3 USBPNPA;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM10864.sys [2009-11-18 1308160]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-09-13 105816]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-05-13 393032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-05-13 384840]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-04-30 121456]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 FsUsbExService;FsUsbExService; C:\Windows\syswow64\FsUsbExService.Exe [2012-10-29 217088]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-18 15122208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-08-02 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
S2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2013-01-29 85096]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-12-03 131912]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-09 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-05-04 543656]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-08-16 757144]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-29 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[vyosek]

Zdravim

Uz jste si od minula koupil licenci na tu nejvyssi verzi W7 Ultimate nebo se stale drzite sveho hesla...

No tak co se dá dělat no. Ale kvůli tomuto problému si určitě kupovat originální OS nebudu.

Pokud ji zakoupenou nemate, tak moc nechapu, proc zadate o pomoc, kdyz jasne sam pisete, ze budete pravidla respetovat

Jsou to vaše pravidla a musím je respektovat.

[DalrondX]

Licenci jsem si nekoupil, ale legálně sehnal ze školy.

[vyosek]

Mohl bych prosim vedet jak??

[DalrondX]

Chodím na Vysokou školu báňskou v Ostravě-Porubě. A ta studentům nabízí SW studentské verze pro různé programy, ale jen po dobu studia.

[vyosek]

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[DalrondX]

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/04/2013 06:40:06 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\FsUsbExService.Exe (PID: 1880) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\olepro32.dll : 164 112 : 03/08/1999 08:50 AM : ce0155405ea902797e88b92a78443aeb [NoSig]
+-> C:\Windows\erdnt\cache86\olepro32.dll : 90 112 : 11/20/2010 01:20 PM : 703ffd301ab900b047337c5d40fd6f96 [Pos Repl]
+-> C:\Windows\SysWOW64\olepro32.dll : 90 112 : 11/20/2010 01:20 PM : 703ffd301ab900b047337c5d40fd6f96 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7600.16385_none_39ea10b66307dbef\olepro32.dll : 90 112 : 07/14/2009 02:16 AM : c10459dbdc2099c5a8428cb7d87db85f [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll : 90 112 : 11/20/2010 01:20 PM : 703ffd301ab900b047337c5d40fd6f96 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/04/2013 06:41:58 PM
Execution time: 0 hours(s), 1 minute(s), and 52 seconds(s)



ComboFix 13-11-03.02 - Ondrej 04.11.2013 18:46:44.7.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2096 [GMT 1:00]
Spuštěný z: c:\users\Ondrej\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Ondrej\AppData\Roaming\Love
c:\users\Ondrej\AppData\Roaming\Love\mari0\options.txt
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\User
c:\windows\SysWow64\User\Wii\sys\uid.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-04 do 2013-11-04 )))))))))))))))))))))))))))))))
.
.
2013-11-04 17:56 . 2013-11-04 17:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-04 17:56 . 2013-11-04 17:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-04 14:53 . 2013-11-04 14:53 -------- d-----w- C:\rsit
2013-11-03 07:01 . 2013-11-04 11:28 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAA7450F-E7FB-4009-9851-68FB2EC49E89}\offreg.dll
2013-10-30 09:14 . 2013-10-30 11:37 -------- d-----w- c:\users\Ondrej\AppData\Local\PhotoModeler
2013-10-30 09:13 . 2013-10-30 09:14 -------- d-----w- c:\program files (x86)\PhotoModeler6
2013-10-30 08:17 . 2013-10-30 08:17 -------- d--h--w- c:\programdata\CanonBJ
2013-10-30 08:17 . 2010-04-24 04:00 83968 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9W.DLL
2013-10-30 08:17 . 2010-04-24 04:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9W.DLL
2013-10-28 17:43 . 2013-10-28 17:43 -------- d-----w- c:\program files\Disk Check
2013-10-28 16:53 . 2013-10-18 01:36 1063200 ----a-w- c:\windows\system32\nvspcap64.dll
2013-10-28 16:53 . 2013-10-18 01:36 955168 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-10-28 16:51 . 2013-09-27 23:01 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-10-28 16:51 . 2013-09-27 23:01 28960 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-10-26 06:21 . 2013-10-26 06:21 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 460gv1w256l4.bin
2013-10-25 15:20 . 2013-10-23 10:30 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-10-25 15:20 . 2013-10-16 00:48 1884448 ----a-w- c:\windows\system32\nvdispco6433158.dll
2013-10-25 15:20 . 2013-10-16 00:48 1511712 ----a-w- c:\windows\system32\nvdispgenco6433158.dll
2013-10-23 02:02 . 2013-10-23 02:02 589600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-21 14:31 . 2013-10-21 14:31 -------- d-----w- c:\program files (x86)\LEGO Batman 2 Crack
2013-10-21 14:28 . 2013-10-21 14:28 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-10-21 14:02 . 2013-10-22 16:21 -------- d-----w- c:\program files (x86)\LEGO Batman 2
2013-10-15 16:32 . 2013-10-15 16:32 -------- d-----w- c:\program files (x86)\Team Meat
2013-10-14 21:09 . 2013-10-14 21:09 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-10-14 21:06 . 2013-10-23 10:30 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-10-14 21:06 . 2013-06-16 12:38 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-10-14 21:06 . 2013-06-16 12:38 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-10-14 21:06 . 2013-09-12 08:58 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll
2013-10-14 21:06 . 2013-09-12 08:58 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-04 17:07 . 2013-08-02 15:16 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-11-04 17:07 . 2012-07-12 18:00 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-04 12:49 . 2013-07-24 09:37 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-11-04 11:26 . 2012-05-29 08:37 25640 ----a-w- c:\windows\gdrv.sys
2013-10-23 10:30 . 2012-10-10 20:23 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2012-10-10 20:23 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-10-23 10:30 . 2012-05-29 07:25 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-10-23 10:30 . 2012-05-29 07:25 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2012-05-29 07:25 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-10-23 08:20 . 2012-05-29 07:26 6669600 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-05-29 07:26 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-05-29 07:26 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-05-29 07:26 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-05-29 07:26 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-05-29 07:26 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 08:20 . 2012-05-29 07:26 3426956 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-11 08:28 . 2012-09-17 16:34 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-11 08:28 . 2012-09-17 16:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-27 23:01 . 2013-07-31 16:51 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-09-20 13:57 . 2013-09-20 13:57 106496 ----a-w- c:\windows\kokundo.exe
2013-09-15 12:54 . 2013-09-15 12:19 8146944 ----a-r- c:\windows\SysWow64\CM108.dll
2013-09-13 10:48 . 2013-09-13 10:49 1216471 ----a-w- c:\windows\unins000.exe
2013-09-04 18:00 . 2013-09-04 18:00 2337865 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-09-02 07:36 . 2013-09-02 07:36 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-09-02 07:36 . 2013-09-02 07:36 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-09-02 07:36 . 2013-09-02 07:36 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-09-02 07:36 . 2013-09-02 07:36 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-31 07:45 . 2013-08-31 07:45 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"AGupdate"="c:\program files (x86)\AppGraffiti\AGupdate.exe" [2013-03-19 894048]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Gila"="c:\program files (x86)\Genius\Gila\mousehid.exe" [2013-01-16 307712]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
"msmujiSrv"="c:\windows\inf\msmuji.vbe" [2013-08-27 1558]
"msrgjuSrv"="c:\windows\inf\msrgju.vbe" [2013-08-27 1558]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe;c:\windows\SYSNATIVE\FsUsbExService.Exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 ATICDSDr;ATICDSDr;c:\users\Ondrej\AppData\Local\Temp\ATICDSDr.sys;c:\users\Ondrej\AppData\Local\Temp\ATICDSDr.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys;c:\windows\SYSNATIVE\drivers\CM10864.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 10:55 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-17 08:28]
.
2013-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 13:27]
.
2013-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 13:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-10-18 1028384]
"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2013-09-15 8146944]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-10-18 1063200]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.ividi.org/?src=tbhp&id=da64a02000000000000000ffb5f14938&affilt=3
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: extensions.ividi.tlbrSrchUrl - hxxp://search.ividi.org/?src=tbsp&id=da64a02000000000000000ffb5f14938&affilt=3&q=
FF - user.js: extensions.ividi.id - da64a02000000000000000ffb5f14938
FF - user.js: extensions.ividi.appId - {685F23D9-FCFD-475C-B56A-362645945C5A}
FF - user.js: extensions.ividi.instlDay - 15979
FF - user.js: extensions.ividi.vrsn - 1.8.23.0
FF - user.js: extensions.ividi.vrsni - 1.8.23.0
FF - user.js: extensions.ividi.vrsnTs - 1.8.23.019:39
FF - user.js: extensions.ividi.prtnrId - ividi
FF - user.js: extensions.ividi.prdct - ividi
FF - user.js: extensions.ividi.aflt - 3
FF - user.js: extensions.ividi.smplGrp - none
FF - user.js: extensions.ividi.tlbrId - base
FF - user.js: extensions.ividi.instlRef -
FF - user.js: extensions.ividi.dfltLng -
FF - user.js: extensions.ividi.excTlbr - true
FF - user.js: extensions.ividi.ffxUnstlRst - false
FF - user.js: extensions.ividi.admin - false
FF - user.js: extensions.ividi.autoRvrt - false
FF - user.js: extensions.ividi.rvrt - false
FF - user.js: extensions.ividi.hmpg - true
FF - user.js: extensions.ividi.hmpgUrl - hxxp://search.ividi.org/?src=tbhp&id=da64a02000000000000000ffb5f14938&affilt=3
FF - user.js: extensions.ividi.hpOld0 - hxxp://www.seznam.cz/
FF - user.js: extensions.ividi.dfltSrch - true
FF - user.js: extensions.ividi.srchPrvdr - Search
FF - user.js: extensions.ividi.kw_url - hxxp://search.ividi.org/?src=tbsp&id=da64a02000000000000000ffb5f14938&affilt=3&q=
FF - user.js: extensions.ividi.dnsErr - true
FF - user.js: extensions.ividi.newTab - true
FF - user.js: extensions.ividi.newTabUrl - hxxp://search.ividi.org/?q={searchTerms}&src=tbnt&id=da64a02000000000000000ffb5f14938&affilt=3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-LinguaSaver_11 - c:\windows\system32\LinguaSaver_11.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\Software\SecuROM\License information*]
"datasecu"=hex:35,c3,c6,03,18,db,f9,60,6a,b6,8a,3c,d4,ae,b2,c8,69,7b,39,67,af,
32,0f,d4,a9,05,67,c1,ea,40,28,fe,7b,3c,69,2d,85,5e,58,f0,78,62,57,7d,02,2c,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-11-04 19:00:00
ComboFix-quarantined-files.txt 2013-11-04 18:00
.
Před spuštěním: Volných bajtů: 33 408 339 968
Po spuštění: Volných bajtů: 33 326 141 440
.
- - End Of File - - 65DF07933CC6442DAF4993242241B666
A36C5E4F47E84449FF07ED3517B43A31

[vyosek]

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[DalrondX]

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.11.05.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ondrej :: ONDREJ-PC [administrator]

5.11.2013 11:39:50
mbar-log-2013-11-05 (11-39-50).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 288435
Time elapsed: 18 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[DalrondX]

# AdwCleaner v3.011 - Report created 05/11/2013 at 12:59:56
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Ondrej - ONDREJ-PC
# Running from : C:\Users\Ondrej\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Users\Ondrej\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\Ondrej\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Ondrej\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Ondrej\AppData\Roaming\SpeedyPC Software
Folder Deleted : C:\Users\Ondrej\Documents\smart pc cleaner
File Deleted : C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\invalidprefs.js
File Deleted : C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\searchplugins\bingp.xml
File Deleted : C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\SpeedyPC Software
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\SpeedyPC Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16450


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\prefs.js ]

Line Deleted : user_pref("surfcanyon.add_craigslist_images", true);
Line Deleted : user_pref("surfcanyon.chummo_enabled", true);
Line Deleted : user_pref("surfcanyon.display_coupons_enabled", true);
Line Deleted : user_pref("surfcanyon.display_similar_product_images_enabled", false);
Line Deleted : user_pref("surfcanyon.dynamic_preferences_timestamp", "1383066478587");
Line Deleted : user_pref("surfcanyon.get_recs_on_sr_click", true);
Line Deleted : user_pref("surfcanyon.initialized_chummo", true);
Line Deleted : user_pref("surfcanyon.initialized_display_coupons", true);
Line Deleted : user_pref("surfcanyon.initialized_display_similar_product_images", true);
Line Deleted : user_pref("surfcanyon.initialized_roaming_suggestions", true);
Line Deleted : user_pref("surfcanyon.initialized_search_accelerator", true);
Line Deleted : user_pref("surfcanyon.initialized_search_links", true);
Line Deleted : user_pref("surfcanyon.inst_id", "396021786191268158689554469950579");
Line Deleted : user_pref("surfcanyon.inst_timestamp", "1377629894105");
Line Deleted : user_pref("surfcanyon.last_displayed_refinements", "<b><a href='hxxp://search.surfcanyon.com/search?f=nrl0&q=personal+search+completion+settings+remove+google&p=WTIFFRWO'>Google</a> &nbsp;<a href='htt[...]
Line Deleted : user_pref("surfcanyon.last_displayed_refinements_timestamp", "1383075356345");
Line Deleted : user_pref("surfcanyon.last_seen_splash", "513");
Line Deleted : user_pref("surfcanyon.max_num_recs", "3");
Line Deleted : user_pref("surfcanyon.partner_code", "WTIFFRWO");
Line Deleted : user_pref("surfcanyon.refinements_cache", "seznamka/seznamka:seznamka pro:sex seznamka:video:rande^weird al yankovic party in the cia lyrics/music:men in black:song:mp3:world place^apocalyptica movies[...]
Line Deleted : user_pref("surfcanyon.roaming_suggestions_enabled", true);
Line Deleted : user_pref("surfcanyon.search_accelerator_enabled", false);
Line Deleted : user_pref("surfcanyon.search_links_enabled", true);
Line Deleted : user_pref("surfcanyon.ss_page_links_enabled", true);

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Ondrej\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1181 octets] - [24/08/2013 17:47:56]
AdwCleaner[R1].txt - [7338 octets] - [24/08/2013 17:52:22]
AdwCleaner[R2].txt - [7756 octets] - [05/11/2013 12:57:45]
AdwCleaner[S0].txt - [6917 octets] - [24/08/2013 17:54:02]
AdwCleaner[S1].txt - [7606 octets] - [05/11/2013 12:59:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7666 octets] ##########

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Collect::
  c:\windows\inf\msmuji.vbe
  c:\windows\inf\msrgju.vbe
  
  Registry::
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Skype"=-
  "DAEMON Tools Lite"=-
  "AGupdate"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  "LogMeIn Hamachi Ui"=-
  "msmujiSrv"=-
  "msrgjuSrv"=-
  
  Folder::
  c:\windows\Tasks
  
  DDS::
  uStart Page = hxxp://search.ividi.org/?src=tbhp&id=da ... 8&affilt=3
  
  Firefox::
  FF - ProfilePath - c:\users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\
  FF - user.js: extensions.ividi.tlbrSrchUrl - hxxp://search.ividi.org/?src=tbsp&id=da ... ffilt=3&q=
  FF - user.js: extensions.ividi.id - da64a02000000000000000ffb5f14938
  FF - user.js: extensions.ividi.appId - {685F23D9-FCFD-475C-B56A-362645945C5A}
  FF - user.js: extensions.ividi.instlDay - 15979
  FF - user.js: extensions.ividi.vrsn - 1.8.23.0
  FF - user.js: extensions.ividi.vrsni - 1.8.23.0
  FF - user.js: extensions.ividi.vrsnTs - 1.8.23.019:39
  FF - user.js: extensions.ividi.prtnrId - ividi
  FF - user.js: extensions.ividi.prdct - ividi
  FF - user.js: extensions.ividi.aflt - 3
  FF - user.js: extensions.ividi.smplGrp - none
  FF - user.js: extensions.ividi.tlbrId - base
  FF - user.js: extensions.ividi.instlRef -
  FF - user.js: extensions.ividi.dfltLng -
  FF - user.js: extensions.ividi.excTlbr - true
  FF - user.js: extensions.ividi.ffxUnstlRst - false
  FF - user.js: extensions.ividi.admin - false
  FF - user.js: extensions.ividi.autoRvrt - false
  FF - user.js: extensions.ividi.rvrt - false
  FF - user.js: extensions.ividi.hmpg - true
  FF - user.js: extensions.ividi.hmpgUrl - hxxp://search.ividi.org/?src=tbhp&id=da ... 8&affilt=3
  FF - user.js: extensions.ividi.hpOld0 - hxxp://www.seznam.cz/
  FF - user.js: extensions.ividi.dfltSrch - true
  FF - user.js: extensions.ividi.srchPrvdr - Search
  FF - user.js: extensions.ividi.kw_url - hxxp://search.ividi.org/?src=tbsp&id=da ... ffilt=3&q=
  FF - user.js: extensions.ividi.dnsErr - true
  FF - user.js: extensions.ividi.newTab - true
  FF - user.js: extensions.ividi.newTabUrl - hxxp://search.ividi.org/?q={searchTerms}&src=tbnt&id=da64a02000000000000000ffb5f14938&affilt=3
  
  RegNull::
  [HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\Software\SecuROM\License information*]
  [HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\Control Panel\Desktop*]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[DalrondX]

Po scanu program chtěl poslat vzorky v testování na server, ale server nebyl dostupný, tak uložil webový dokument pro možné nahrání souboru na server. Mám ho tam uploadnout?

ComboFix 13-11-03.02 - Ondrej 05.11.2013 14:29:59.8.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2848 [GMT 1:00]
Spuštěný z: c:\users\Ondrej\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondrej\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\inf\msmuji.vbe
c:\windows\inf\msrgju.vbe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-05 do 2013-11-05 )))))))))))))))))))))))))))))))
.
.
2013-11-05 13:43 . 2013-11-05 13:43 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAA7450F-E7FB-4009-9851-68FB2EC49E89}\offreg.dll
2013-11-05 13:39 . 2013-11-05 13:39 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-05 13:39 . 2013-11-05 13:39 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-05 13:39 . 2013-11-05 13:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-05 10:39 . 2013-11-05 11:00 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-05 10:39 . 2013-11-05 10:39 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-05 10:38 . 2013-11-05 10:38 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-05 08:28 . 2013-11-05 08:28 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-11-04 14:53 . 2013-11-04 14:53 -------- d-----w- C:\rsit
2013-10-30 09:14 . 2013-10-30 11:37 -------- d-----w- c:\users\Ondrej\AppData\Local\PhotoModeler
2013-10-30 09:13 . 2013-10-30 09:14 -------- d-----w- c:\program files (x86)\PhotoModeler6
2013-10-30 08:17 . 2013-10-30 08:17 -------- d--h--w- c:\programdata\CanonBJ
2013-10-30 08:17 . 2010-04-24 04:00 83968 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP9W.DLL
2013-10-30 08:17 . 2010-04-24 04:00 28672 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD9W.DLL
2013-10-28 17:43 . 2013-10-28 17:43 -------- d-----w- c:\program files\Disk Check
2013-10-28 16:53 . 2013-10-18 01:36 1063200 ----a-w- c:\windows\system32\nvspcap64.dll
2013-10-28 16:53 . 2013-10-18 01:36 955168 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-10-28 16:51 . 2013-09-27 23:01 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-10-28 16:51 . 2013-09-27 23:01 28960 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-10-26 06:21 . 2013-10-26 06:21 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 460gv1w256l4.bin
2013-10-25 15:20 . 2013-10-23 10:30 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-10-25 15:20 . 2013-10-16 00:48 1884448 ----a-w- c:\windows\system32\nvdispco6433158.dll
2013-10-25 15:20 . 2013-10-16 00:48 1511712 ----a-w- c:\windows\system32\nvdispgenco6433158.dll
2013-10-23 02:02 . 2013-10-23 02:02 589600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-21 14:31 . 2013-10-21 14:31 -------- d-----w- c:\program files (x86)\LEGO Batman 2 Crack
2013-10-21 14:28 . 2013-10-21 14:28 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-10-21 14:02 . 2013-10-22 16:21 -------- d-----w- c:\program files (x86)\LEGO Batman 2
2013-10-15 16:32 . 2013-10-15 16:32 -------- d-----w- c:\program files (x86)\Team Meat
2013-10-14 21:09 . 2013-10-14 21:09 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-10-14 21:06 . 2013-10-23 10:30 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-10-14 21:06 . 2013-06-16 12:38 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-10-14 21:06 . 2013-06-16 12:38 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-10-14 21:06 . 2013-09-12 08:58 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll
2013-10-14 21:06 . 2013-09-12 08:58 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-05 13:40 . 2012-05-29 08:37 25640 ----a-w- c:\windows\gdrv.sys
2013-11-05 09:54 . 2013-08-02 15:16 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-11-05 09:54 . 2012-07-12 18:00 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-04 17:07 . 2013-07-24 09:37 281152 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-23 10:30 . 2012-10-10 20:23 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2012-10-10 20:23 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-10-23 10:30 . 2012-05-29 07:25 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-10-23 10:30 . 2012-05-29 07:25 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2012-05-29 07:25 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-10-23 08:20 . 2012-05-29 07:26 6669600 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-05-29 07:26 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-05-29 07:26 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-05-29 07:26 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-05-29 07:26 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-05-29 07:26 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 08:20 . 2012-05-29 07:26 3426956 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-11 08:28 . 2012-09-17 16:34 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-11 08:28 . 2012-09-17 16:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-27 23:01 . 2013-07-31 16:51 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-09-20 13:57 . 2013-09-20 13:57 106496 ----a-w- c:\windows\kokundo.exe
2013-09-15 12:54 . 2013-09-15 12:19 8146944 ----a-r- c:\windows\SysWow64\CM108.dll
2013-09-13 10:48 . 2013-09-13 10:49 1216471 ----a-w- c:\windows\unins000.exe
2013-09-04 18:00 . 2013-09-04 18:00 2337865 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-09-02 07:36 . 2013-09-02 07:36 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-09-02 07:36 . 2013-09-02 07:36 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-09-02 07:36 . 2013-09-02 07:36 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-09-02 07:36 . 2013-09-02 07:36 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-31 07:45 . 2013-08-31 07:45 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Gila"="c:\program files (x86)\Genius\Gila\mousehid.exe" [2013-01-16 307712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 ATICDSDr;ATICDSDr;c:\users\Ondrej\AppData\Local\Temp\ATICDSDr.sys;c:\users\Ondrej\AppData\Local\Temp\ATICDSDr.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys;c:\windows\SYSNATIVE\drivers\CM10864.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe;c:\windows\SYSNATIVE\FsUsbExService.Exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 10:55 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-17 08:28]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 13:27]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03 13:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-10-18 1028384]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [BU]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [BU]
"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2013-09-15 8146944]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-10-18 1063200]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-LinguaSaver_11 - c:\windows\system32\LinguaSaver_11.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\FsUsbExService.Exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Genius\Gila\trayicon.exe
.
**************************************************************************
.
Celkový čas: 2013-11-05 14:47:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-05 13:47
ComboFix2.txt 2013-11-04 18:00
.
Před spuštěním: Volných bajtů: 32 664 829 952
Po spuštění: Volných bajtů: 32 566 796 288
.
- - End Of File - - B86A6FB7D9BCB27C03896513C2C81B14
A36C5E4F47E84449FF07ED3517B43A31

[vyosek]

Vzorky prosim odeslete, slouzi k dalsimu vyvoji aplikace

Nejak se nam mrchy jeste drzi

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[DalrondX]

Teď se mi děje co se dělo před pár měsíci. A to sice počítač jede v pořádku, ale po nějaké době se vše sekne a po chvíli zase spustí.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Ondrej (administrator) on ONDREJ-PC on 05-11-2013 16:53:31
Running from C:\Users\Ondrej\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(forum.viry.cz) C:\Users\Ondrej\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Cm108Sound] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoInstrumentation] 0
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Gila] - C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-16] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - 6BB4A58E56A9485CB9352DBEBABB5495 URL = http://searchou.com/?q={searchTerms}&id ... ilt=5&r=84
SearchScopes: HKCU - {37EE25A4-948F-4481-A9EE-5663FB516395} URL = http://search.ividi.org/?q={searchTerms ... lt=3&r=939
SearchScopes: HKCU - {3AE17E74-EABE-4cce-ACB2-ACD9FBDD645C} URL = http://search.yahoo.com/search?p={searc ... type=STDVM
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.158.128.2

FireFox:
========
FF ProfilePath: C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ondrej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\searchplugins\privitize.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: BitComet 视频下载器 - C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [sea-condensed@plugin.org] - C:\Program Files (x86)\The Sea App (Firefox)
FF Extension: The SEA App (C) - C:\Program Files (x86)\The Sea App (Firefox)

Chrome:
=======
CHR Extension: (Privitize Chrome Toolbar) - C:\Users\Ondrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfcbmlocifngpbjdpgnkbjmgkadkjpp\1.0_0
CHR Extension: (iVidi Chrome Toolbar) - C:\Users\Ondrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0
CHR HKLM-x32\...\Chrome\Extension: [dhfcbmlocifngpbjdpgnkbjmgkadkjpp] - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitize.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-01-29] (Autodesk)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-04-30] ()
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 FsUsbExService; C:\Windows\SysWow64\FsUsbExService.Exe [217088 2012-10-29] (Teruten)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [578264 2011-12-21] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-02] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [757144 2013-08-16] (Tunngle.net GmbH)
S2 MDM; "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-05-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-16] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-05-29] (Windows (R) Server 2003 DDK provider)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [36640 2012-10-29] ()
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-05] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-05-30] ()
S2 hardlock; C:\Windows\SysWow64\DRIVERS\hardlock.sys [420000 2004-01-31] ()
S2 Haspnt; C:\Windows\SysWow64\drivers\Haspnt.sys [132608 2005-04-17] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2009-12-17] (Portrait Displays, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-05-29] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [48144 2010-01-15] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [158736 2010-01-15] (Paragon)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [105816 2012-09-13] (Oracle Corporation)
U3 a2drlxdj; C:\Windows\System32\Drivers\a2drlxdj.sys [0 ] (Advanced Micro Devices)
S3 ATICDSDr; \??\C:\Users\Ondrej\AppData\Local\Temp\ATICDSDr.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 16:53 - 2013-11-05 16:53 - 00000000 ____D C:\FRST
2013-11-05 16:51 - 2013-11-05 16:51 - 00112128 _____ (forum.viry.cz) C:\Users\Ondrej\Desktop\FRSTLauncher.exe
2013-11-05 16:50 - 2013-11-05 16:51 - 01957098 _____ (Farbar) C:\Users\Ondrej\Desktop\FRST64.exe
2013-11-05 14:47 - 2013-11-05 14:47 - 00023224 _____ C:\ComboFix.txt
2013-11-05 14:29 - 2013-11-05 14:29 - 00001204 _____ C:\CF-Submit.htm
2013-11-05 14:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-05 12:57 - 2013-11-05 12:57 - 01073258 _____ C:\Users\Ondrej\Desktop\adwcleaner.exe
2013-11-05 12:05 - 2013-11-05 14:40 - 00003316 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Ondrej
2013-11-05 11:39 - 2013-11-05 12:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-05 11:39 - 2013-11-05 11:39 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-05 11:38 - 2013-11-05 12:00 - 00000000 ____D C:\Users\Ondrej\Desktop\mbar
2013-11-05 11:38 - 2013-11-05 11:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-05 11:37 - 2013-11-05 11:38 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Ondrej\Desktop\mbar-1.07.0.1007.exe
2013-11-05 09:28 - 2013-11-05 09:28 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-04 18:44 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-04 18:44 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-04 18:44 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-04 18:44 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-04 18:44 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-04 18:44 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-04 18:44 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-04 18:43 - 2013-11-05 14:49 - 00000000 ____D C:\Qoobox
2013-11-04 18:40 - 2013-11-04 18:41 - 00004018 _____ C:\Users\Ondrej\Desktop\Rkill.txt
2013-11-04 18:39 - 2013-11-04 18:39 - 05143677 ____R (Swearware) C:\Users\Ondrej\Desktop\ComboFix.exe
2013-11-04 18:37 - 2013-11-04 18:38 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Ondrej\Desktop\rkill.com
2013-11-04 15:53 - 2013-11-04 15:53 - 00000000 ____D C:\rsit
2013-11-04 15:52 - 2013-11-04 15:52 - 00935175 _____ C:\Users\Ondrej\Downloads\RSITx64.exe
2013-11-01 18:09 - 2013-11-01 18:11 - 364683561 _____ C:\Users\Ondrej\Desktop\american.horror.story.s03e04.hdtv.x264-2hd.mp4
2013-10-30 10:14 - 2013-10-30 12:37 - 00000000 ____D C:\Users\Ondrej\AppData\Local\PhotoModeler
2013-10-30 10:14 - 2013-10-30 10:14 - 00003120 _____ C:\Windows\swkalpmlic.lf
2013-10-30 10:14 - 2013-10-30 10:14 - 00000956 _____ C:\Users\Public\Desktop\PhotoModeler 6.lnk
2013-10-30 10:14 - 2013-10-30 10:14 - 00000000 ____D C:\Users\Ondrej\Documents\PhotoModeler
2013-10-30 10:13 - 2013-10-30 10:14 - 00000000 ____D C:\Program Files (x86)\PhotoModeler6
2013-10-30 10:13 - 2013-10-30 10:13 - 00000000 ____D C:\Users\Public\Documents\PhotoModeler
2013-10-30 10:13 - 2013-10-30 10:13 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoModeler
2013-10-30 10:00 - 2013-10-30 16:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-30 09:43 - 2013-10-30 10:10 - 188887485 _____ C:\Users\Ondrej\Downloads\PM6DemoSetup.exe
2013-10-30 09:26 - 2013-10-30 11:53 - 00000000 ____D C:\Users\Ondrej\Documents\budova
2013-10-30 09:24 - 2013-10-09 11:04 - 04265854 _____ C:\Users\Ondrej\Documents\Fotogrammetrie.zip
2013-10-30 09:17 - 2013-10-30 09:17 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-10-29 17:52 - 2013-10-30 14:05 - 00000000 ____D C:\Users\Ondrej\Desktop\budova
2013-10-29 17:51 - 2013-10-29 17:51 - 00471354 _____ C:\Users\Ondrej\Desktop\budova.zip
2013-10-28 18:52 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-28 18:52 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-28 18:52 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-28 18:52 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-10-28 18:43 - 2013-10-28 18:43 - 00000836 _____ C:\Users\Ondrej\Desktop\Disk Check.lnk
2013-10-28 18:43 - 2013-10-28 18:43 - 00000000 ____D C:\Program Files\Disk Check
2013-10-28 18:42 - 2013-10-28 18:42 - 01468024 _____ (Puran Software ) C:\Users\Ondrej\Downloads\disk-check_1.0.exe
2013-10-28 17:53 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-28 17:53 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 17:51 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 17:51 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-26 07:56 - 2013-10-26 07:56 - 04181537 _____ C:\Users\Ondrej\Downloads\jak_psat_web.zip
2013-10-26 07:21 - 2013-10-26 07:21 - 00234010 _____ C:\Windows\SysWOW64\poclbm130302GeForce GTX 460gv1w256l4.bin
2013-10-26 07:19 - 2013-10-26 07:19 - 00000000 _____ C:\Users\Ondrej\regbcm
2013-10-25 16:20 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-25 16:20 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-25 16:20 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-21 15:31 - 2013-10-21 15:31 - 00000000 ____D C:\Program Files (x86)\LEGO Batman 2 Crack
2013-10-21 15:28 - 2013-10-21 15:28 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-10-21 15:02 - 2013-10-22 17:21 - 00000000 ____D C:\Program Files (x86)\LEGO Batman 2
2013-10-18 12:39 - 2013-10-18 13:44 - 00038912 _____ C:\Users\Ondrej\Desktop\ExcelVojtechLhotskyCizinci.xls
2013-10-18 12:30 - 2013-10-18 12:29 - 00030720 _____ C:\Users\Ondrej\Desktop\data.xls
2013-10-18 11:57 - 2013-10-18 11:57 - 00056832 _____ C:\Users\Ondrej\Desktop\Nehody_v_doprave.xls
2013-10-15 17:32 - 2013-10-15 17:32 - 00000000 ____D C:\Program Files (x86)\Team Meat
2013-10-14 22:09 - 2013-10-14 22:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-14 22:06 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-14 22:06 - 2013-09-12 09:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-10-14 22:06 - 2013-09-12 09:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-10-14 22:06 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-10-14 22:06 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-10-06 20:31 - 2013-11-01 21:36 - 00000000 ____D C:\Users\Ondrej\Desktop\Subs

==================== One Month Modified Files and Folders =======

2013-11-05 16:54 - 2013-06-03 14:28 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-05 16:53 - 2013-11-05 16:53 - 00000000 ____D C:\FRST
2013-11-05 16:51 - 2013-11-05 16:51 - 00112128 _____ (forum.viry.cz) C:\Users\Ondrej\Desktop\FRSTLauncher.exe
2013-11-05 16:51 - 2013-11-05 16:50 - 01957098 _____ (Farbar) C:\Users\Ondrej\Desktop\FRST64.exe
2013-11-05 16:51 - 2012-05-29 09:52 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Skype
2013-11-05 16:08 - 2013-08-02 16:16 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-05 16:08 - 2012-07-12 19:00 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-05 15:58 - 2012-09-17 17:34 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 14:50 - 2009-07-14 05:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-05 14:50 - 2009-07-14 05:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-05 14:49 - 2013-11-04 18:43 - 00000000 ____D C:\Qoobox
2013-11-05 14:47 - 2013-11-05 14:47 - 00023224 _____ C:\ComboFix.txt
2013-11-05 14:46 - 2012-05-29 08:17 - 01780496 _____ C:\Windows\WindowsUpdate.log
2013-11-05 14:42 - 2013-02-23 08:21 - 00000144 _____ C:\service.log
2013-11-05 14:41 - 2013-09-05 09:38 - 00020616 _____ C:\Windows\setupact.log
2013-11-05 14:41 - 2013-03-04 16:34 - 00000000 ____D C:\Users\Ondrej\AppData\Local\LogMeIn Hamachi
2013-11-05 14:41 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-05 14:40 - 2013-11-05 12:05 - 00003316 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Ondrej
2013-11-05 14:40 - 2013-09-13 11:59 - 00005466 _____ C:\Windows\PFRO.log
2013-11-05 14:40 - 2013-06-03 14:28 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-05 14:40 - 2012-05-29 09:37 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-11-05 14:40 - 2012-05-29 08:26 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-05 14:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 14:39 - 2012-10-14 14:28 - 00000000 ____D C:\Windows\erdnt
2013-11-05 14:29 - 2013-11-05 14:29 - 00001204 _____ C:\CF-Submit.htm
2013-11-05 13:03 - 2012-11-12 20:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-05 13:00 - 2013-08-24 17:47 - 00000000 ____D C:\AdwCleaner
2013-11-05 12:57 - 2013-11-05 12:57 - 01073258 _____ C:\Users\Ondrej\Desktop\adwcleaner.exe
2013-11-05 12:00 - 2013-11-05 11:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-05 12:00 - 2013-11-05 11:38 - 00000000 ____D C:\Users\Ondrej\Desktop\mbar
2013-11-05 11:39 - 2013-11-05 11:39 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-05 11:38 - 2013-11-05 11:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-05 11:38 - 2013-11-05 11:37 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Ondrej\Desktop\mbar-1.07.0.1007.exe
2013-11-05 10:54 - 2013-07-24 10:37 - 00281152 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-11-05 09:28 - 2013-11-05 09:28 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-04 18:41 - 2013-11-04 18:40 - 00004018 _____ C:\Users\Ondrej\Desktop\Rkill.txt
2013-11-04 18:39 - 2013-11-04 18:39 - 05143677 ____R (Swearware) C:\Users\Ondrej\Desktop\ComboFix.exe
2013-11-04 18:38 - 2013-11-04 18:37 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Ondrej\Desktop\rkill.com
2013-11-04 15:53 - 2013-11-04 15:53 - 00000000 ____D C:\rsit
2013-11-04 15:53 - 2012-10-14 20:45 - 00000000 ____D C:\Program Files\trend micro
2013-11-04 15:52 - 2013-11-04 15:52 - 00935175 _____ C:\Users\Ondrej\Downloads\RSITx64.exe
2013-11-04 13:41 - 2013-03-29 18:11 - 00913408 _____ C:\Users\Ondrej\Desktop\Lhotsky.accdb
2013-11-04 13:40 - 2012-05-29 10:31 - 00000000 ____D C:\Users\Ondrej\Desktop\Prace_do_skoly
2013-11-03 18:52 - 2012-05-30 16:46 - 00000000 ____D C:\Users\Ondrej\Desktop\Hry+filmy na mobil
2013-11-03 18:49 - 2012-05-29 19:42 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\BitComet
2013-11-03 09:13 - 2012-08-04 17:48 - 00000000 ____D C:\ProgramData\Tunngle
2013-11-03 08:58 - 2012-09-17 17:19 - 00000000 ___HD C:\Users\Ondrej\.utjxkp-vi
2013-11-03 08:58 - 2012-09-17 17:19 - 00000000 ____D C:\Users\Ondrej\.borland
2013-11-02 15:31 - 2012-07-20 16:27 - 00000000 ____D C:\Users\Ondrej\Documents\TrackMania
2013-11-02 15:17 - 2012-07-20 16:28 - 00000000 ____D C:\ProgramData\TrackMania
2013-11-01 21:36 - 2013-10-06 20:31 - 00000000 ____D C:\Users\Ondrej\Desktop\Subs
2013-11-01 18:11 - 2013-11-01 18:09 - 364683561 _____ C:\Users\Ondrej\Desktop\american.horror.story.s03e04.hdtv.x264-2hd.mp4
2013-10-31 23:48 - 2012-05-29 08:22 - 00000000 ____D C:\Users\Ondrej
2013-10-31 15:01 - 2012-05-29 09:38 - 00000000 ___RD C:\Users\Ondrej\Desktop\Filmy
2013-10-31 07:30 - 2012-09-06 18:39 - 00747818 _____ C:\Windows\system32\perfh00A.dat
2013-10-31 07:30 - 2012-09-06 18:39 - 00163602 _____ C:\Windows\system32\perfc00A.dat
2013-10-31 07:30 - 2009-07-14 16:18 - 00678718 _____ C:\Windows\system32\perfh005.dat
2013-10-31 07:30 - 2009-07-14 16:18 - 00146588 _____ C:\Windows\system32\perfc005.dat
2013-10-31 07:30 - 2009-07-14 06:13 - 02526366 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 07:23 - 2012-05-29 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-30 16:08 - 2013-10-30 10:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-30 14:05 - 2013-10-29 17:52 - 00000000 ____D C:\Users\Ondrej\Desktop\budova
2013-10-30 12:37 - 2013-10-30 10:14 - 00000000 ____D C:\Users\Ondrej\AppData\Local\PhotoModeler
2013-10-30 11:53 - 2013-10-30 09:26 - 00000000 ____D C:\Users\Ondrej\Documents\budova
2013-10-30 10:14 - 2013-10-30 10:14 - 00003120 _____ C:\Windows\swkalpmlic.lf
2013-10-30 10:14 - 2013-10-30 10:14 - 00000956 _____ C:\Users\Public\Desktop\PhotoModeler 6.lnk
2013-10-30 10:14 - 2013-10-30 10:14 - 00000000 ____D C:\Users\Ondrej\Documents\PhotoModeler
2013-10-30 10:14 - 2013-10-30 10:13 - 00000000 ____D C:\Program Files (x86)\PhotoModeler6
2013-10-30 10:13 - 2013-10-30 10:13 - 00000000 ____D C:\Users\Public\Documents\PhotoModeler
2013-10-30 10:13 - 2013-10-30 10:13 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoModeler
2013-10-30 10:10 - 2013-10-30 09:43 - 188887485 _____ C:\Users\Ondrej\Downloads\PM6DemoSetup.exe
2013-10-30 09:17 - 2013-10-30 09:17 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-10-30 09:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\spool
2013-10-29 17:51 - 2013-10-29 17:51 - 00471354 _____ C:\Users\Ondrej\Desktop\budova.zip
2013-10-28 18:56 - 2012-05-29 08:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 18:43 - 2013-10-28 18:43 - 00000836 _____ C:\Users\Ondrej\Desktop\Disk Check.lnk
2013-10-28 18:43 - 2013-10-28 18:43 - 00000000 ____D C:\Program Files\Disk Check
2013-10-28 18:42 - 2013-10-28 18:42 - 01468024 _____ (Puran Software ) C:\Users\Ondrej\Downloads\disk-check_1.0.exe
2013-10-28 17:53 - 2012-05-29 08:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 17:53 - 2012-05-29 08:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-28 16:58 - 2012-12-11 16:49 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2013-10-26 13:34 - 2013-08-31 08:41 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-10-26 07:56 - 2013-10-26 07:56 - 04181537 _____ C:\Users\Ondrej\Downloads\jak_psat_web.zip
2013-10-26 07:40 - 2013-09-20 15:59 - 00000000 ____D C:\Program Files\wkokes_7_25
2013-10-26 07:28 - 2012-05-29 11:37 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-10-26 07:21 - 2013-10-26 07:21 - 00234010 _____ C:\Windows\SysWOW64\poclbm130302GeForce GTX 460gv1w256l4.bin
2013-10-26 07:19 - 2013-10-26 07:19 - 00000000 _____ C:\Users\Ondrej\regbcm
2013-10-23 11:30 - 2013-10-28 18:52 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 18:52 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-10-23 11:30 - 2013-10-28 18:52 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-10-23 11:30 - 2013-10-25 16:20 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-14 22:06 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2012-10-10 21:23 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-10-10 21:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-10-23 11:30 - 2012-05-29 08:25 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-05-29 08:25 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-05-29 08:25 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-05-29 08:25 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2012-05-29 08:26 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-05-29 08:26 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-05-29 08:26 - 03426956 _____ C:\Windows\system32\nvcoproc.bin
2013-10-23 09:20 - 2012-05-29 08:26 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2012-05-29 08:26 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-05-29 08:26 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-05-29 08:26 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-22 17:21 - 2013-10-21 15:02 - 00000000 ____D C:\Program Files (x86)\LEGO Batman 2
2013-10-21 16:27 - 2013-01-05 19:42 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-10-21 16:27 - 2012-05-31 21:57 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-21 16:10 - 2012-05-29 09:44 - 02485140 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-21 15:31 - 2013-10-21 15:31 - 00000000 ____D C:\Program Files (x86)\LEGO Batman 2 Crack
2013-10-21 15:28 - 2013-10-21 15:28 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-10-21 14:48 - 2013-10-01 18:34 - 00000000 ____D C:\Program Files (x86)\Surgeon Simulator 2013
2013-10-21 14:47 - 2012-11-02 20:12 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-21 14:47 - 2012-11-02 19:55 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-20 12:15 - 2012-06-24 19:21 - 00000000 ____D C:\Users\Ondrej\AppData\Roaming\BSplayer
2013-10-18 13:44 - 2013-10-18 12:39 - 00038912 _____ C:\Users\Ondrej\Desktop\ExcelVojtechLhotskyCizinci.xls
2013-10-18 12:29 - 2013-10-18 12:30 - 00030720 _____ C:\Users\Ondrej\Desktop\data.xls
2013-10-18 11:57 - 2013-10-18 11:57 - 00056832 _____ C:\Users\Ondrej\Desktop\Nehody_v_doprave.xls
2013-10-18 02:36 - 2013-10-28 17:53 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 17:53 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-16 16:18 - 2012-05-29 09:38 - 00000000 ___RD C:\Users\Ondrej\Desktop\hry
2013-10-16 15:32 - 2012-07-06 11:41 - 00000000 ____D C:\Users\Ondrej\Documents\My Games
2013-10-16 01:48 - 2013-10-25 16:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-25 16:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-15 17:33 - 2013-09-04 18:57 - 00223101 _____ C:\Windows\DirectX.log
2013-10-15 17:32 - 2013-10-15 17:32 - 00000000 ____D C:\Program Files (x86)\Team Meat
2013-10-15 16:25 - 2012-05-29 09:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 22:09 - 2013-10-14 22:09 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-10-11 09:28 - 2012-09-17 17:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-11 09:28 - 2012-09-17 17:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-11 09:28 - 2012-09-17 17:34 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 09:27 - 2012-05-29 09:52 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 11:04 - 2013-10-30 09:24 - 04265854 _____ C:\Users\Ondrej\Documents\Fotogrammetrie.zip
2013-10-08 07:49 - 2012-06-11 14:46 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 07:49 - 2012-06-11 14:46 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 07:13 - 2013-09-08 13:28 - 00000000 ____D C:\Users\Ondrej\Documents\StarCraft II

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 14:03




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.66 GB) (Free:30.32 GB) NTFS

Available physical RAM: 2228.4 MB
Total physical RAM: 4093.55 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 82B42873)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
AlternateDataStreams: C:\ProgramData\TEMP:A85D770C
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondrej\Desktop" je 65098 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus
"C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================