PC virus removal, computer speed-up, and remote help through the neslape.cz service

Preventive check

Are you one of the Exemplary Visitors? Then this section is for you.

#1 Post by digiart »

Please do a preventive check; Avast reports the virus win32:expiro-u. Thanks in advance.
I am attaching the log from RSIT:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Digiart at 2014-05-18 23:13:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 116 GB (19%) free of 610 GB
Total RAM: 2046 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:13:36, on 18.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\System Explorer\SystemExplorer.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files\MSI Afterburner\MSIAfterburner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Cumulus\cumulus.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Digiart\Desktop\Stahuju\Staženo\Software\RSIT.exe
C:\Program Files\trend micro\Digiart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru/?utm_source=qip2012&utm_m ... 2012_start
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 1&tsp=5241
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: buenosearch Helper Object - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [QipShot] "C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe" /minimize
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Mobiola Web Camera USB.lnk = C:\Program Files\Mobiola Web Camera USB\BtCam.exe
O4 - Startup: MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: Afteburner.lnk = C:\Program Files\MSI Afterburner\MSIAfterburner.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SystemExplorerDisabled
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Stáhnout s IDM - J:\počasí\down\Crack\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - J:\počasí\down\Crack\IEGetAll.htm
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - J:\xampp\FileZillaFTP\FileZilla server.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NetSnap WebCam (NetSnap) - Unknown owner - C:\Program Files\PeleSoft\NetSnap\NetSnap.exe (file missing)
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files\System Explorer\service\SystemExplorerService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 14073 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\At1.job
C:\Windows\tasks\At2.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\iWebar-chromeinstaller.job
C:\Windows\tasks\iWebar-codedownloader.job
C:\Windows\tasks\iWebar-enabler.job
C:\Windows\tasks\iWebar-firefoxinstaller.job
C:\Windows\tasks\iWebar-updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Digiart\AppData\Roaming\Mozilla\Firefox\Profiles\iqlqz7yu.default

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@thrixxx.com/WebLaunch]
"Description"=thriXXX WebLaunch 1.0
"Path"=C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-18 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-09-01 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}]
buenosearch Helper Object - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll [2013-11-08 280984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{828DC97A-2277-4E10-92A9-4907FA0922A9} - buenosearch Toolbar - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll [2013-11-08 297368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"NPSStartup"= []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-25 7547424]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2012-12-09 336992]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]
""= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2014-03-18 2861600]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21 472992]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-18 3873704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"QipShot"=C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe [2014-04-17 4929024]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-16 800280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
C:\Program Files\Ashampoo\Ashampoo Snap 6\ashsnap.exe [2013-01-15 3769168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Guard-ICQ\GuardICQ.exe /gui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Digiart^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Afteburner.lnk - C:\Program Files\MSI Afterburner\MSIAfterburner.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
SystemExplorerDisabled

C:\Users\Digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Mobiola Web Camera USB.lnk - C:\Program Files\Mobiola Web Camera USB\BtCam.exe
MyPC Backup.lnk - C:\Program Files\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger="

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.ACDV"=ACDV.dll
"VIDC.FMVC"=fmcodec.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.iv50"=ir50_32.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.dvsd"=pdvcodec.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.dvacm_vspx7"=c:\PROGRA~1\Corel\CORELV~2\Dvacm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-19 00:12:04 ----AD---- C:\bd_logs
2014-05-18 23:06:53 ----D---- C:\rsit
2014-05-18 23:06:53 ----D---- C:\Program Files\trend micro
2014-05-18 22:54:13 ----A---- C:\Windows\ntbtlog.txt
2014-05-18 17:46:34 ----D---- C:\Users\Digiart\AppData\Roaming\AVAST Software
2014-05-18 17:44:57 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-05-18 17:44:57 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-05-18 17:44:57 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-05-18 17:44:57 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-05-18 17:44:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-05-18 17:44:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-05-18 17:44:56 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-05-18 17:44:54 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-05-18 17:44:44 ----A---- C:\Windows\system32\aswBoot.exe
2014-05-18 17:44:40 ----A---- C:\Windows\avastSS.scr
2014-05-18 17:43:17 ----D---- C:\Program Files\AVAST Software
2014-05-18 17:42:24 ----D---- C:\ProgramData\AVAST Software
2014-05-14 23:41:44 ----D---- C:\Program Files\Electronic Arts
2014-05-14 21:22:26 ----D---- C:\Program Files\CursorMania
2014-05-14 09:47:18 ----D---- C:\Program Files\SmartCam
2014-05-12 11:35:18 ----A---- C:\AVScanner.ini
2014-05-12 10:21:38 ----D---- C:\Program Files\McAfee Security Scan
2014-05-12 09:44:07 ----A---- C:\Windows\system32\javaws.exe
2014-05-12 09:43:58 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-05-12 09:43:58 ----A---- C:\Windows\system32\javaw.exe
2014-05-12 09:43:58 ----A---- C:\Windows\system32\java.exe
2014-05-11 12:27:54 ----A---- C:\Windows\UnGins.exe
2014-05-11 12:27:53 ----D---- C:\Program Files\REL Link Checker Lite
2014-05-11 10:09:32 ----D---- C:\Program Files\Mozilla Firefox
2014-05-11 09:51:59 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-10 09:29:54 ----D---- C:\Windows\system32\MRT
2014-05-10 09:29:52 ----A---- C:\Windows\system32\MRT.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\wininet.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\wextract.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\webcheck.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\vbscript.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\urlmon.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\url.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\pngfilt.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\occache.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\msrating.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\msls31.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\mshtmler.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\mshtml.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\mshta.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\msfeedssync.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\licmgr10.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\jsIntl.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\jscript9.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\jscript.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\inseng.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\imgutil.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iexpress.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieui.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iesysprep.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iesetup.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iertutil.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iernonce.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iepeers.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieframe.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ieapfltr.dat
2014-05-10 09:24:15 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-10 09:24:15 ----A---- C:\Windows\system32\icardie.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\elshyph.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-10 09:24:15 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-10 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2014-05-10 09:23:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-10 09:23:21 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-10 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2014-05-10 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2014-05-10 09:23:08 ----A---- C:\Windows\system32\mswsock.dll
2014-05-10 09:23:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-05-10 09:23:08 ----A---- C:\Windows\system32\drivers\afd.sys
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-10 09:22:27 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\XpsPrint.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\WMPhoto.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\UIAnimation.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\FntCache.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\dxgi.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\DWrite.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10warp.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10level9.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10core.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10_1.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d3d10.dll
2014-05-10 09:22:27 ----A---- C:\Windows\system32\d2d1.dll
2014-05-10 09:19:46 ----A---- C:\Windows\system32\d3d11.dll
2014-05-10 09:02:03 ----A---- C:\Windows\system32\qedit.dll
2014-05-10 09:01:54 ----A---- C:\Windows\system32\kernel32.dll
2014-05-09 14:46:36 ----D---- C:\Program Files\webcam 7
2014-05-08 03:11:58 ----D---- C:\Program Files\buenosearch LTD
2014-05-08 03:11:55 ----D---- C:\Users\Digiart\AppData\Roaming\buenosearch LTD
2014-05-07 09:23:23 ----D---- C:\Program Files\Sim 2
2014-05-03 23:29:35 ----D---- C:\Program Files\ZD Soft
2014-05-03 11:10:38 ----D---- C:\adobeTemp
2014-05-01 16:29:01 ----D---- C:\Program Files\Tracker Software
2014-05-01 12:43:22 ----A---- C:\Windows\system32\drivers\BTCamDrv.sys
2014-05-01 12:43:19 ----D---- C:\Program Files\Mobiola Web Camera USB
2014-05-01 08:13:52 ----D---- C:\Users\Digiart\AppData\Roaming\WeatherWatcherLive
2014-05-01 08:12:24 ----D---- C:\Program Files\Weather Watcher Live
2014-04-30 11:21:23 ----D---- C:\ProgramData\TreeCardGames
2014-04-30 11:21:18 ----D---- C:\Users\Digiart\AppData\Roaming\MahJong Suite
2014-04-30 11:19:53 ----D---- C:\Program Files\MahJong Suite
2014-04-29 18:37:46 ----D---- C:\Users\Digiart\AppData\Roaming\Two Pilots
2014-04-29 18:29:27 ----D---- C:\Program Files\Exif Pilot
2014-04-28 13:21:49 ----D---- C:\Program Files\FastStone Capture
2014-04-28 08:41:18 ----D---- C:\ProgramData\DVD Shrink
2014-04-28 08:40:55 ----D---- C:\Program Files\DVD Shrink
2014-04-27 17:53:40 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2014-04-27 17:53:30 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2014-04-26 10:38:37 ----D---- C:\Program Files\webcamXP5
2014-04-25 13:47:30 ----D---- C:\Users\Digiart\AppData\Roaming\SimCity
2014-04-25 13:41:41 ----D---- C:\Program Files\R.G. Mechanics
2014-04-24 16:20:50 ----D---- C:\Program Files\Cabela's Big Game Hunter Pro Hunts
2014-04-23 01:48:06 ----D---- C:\Program Files\Oracle
2014-04-22 18:18:14 ----D---- C:\Program Files\CrystalDiskInfo
2014-04-22 13:02:35 ----D---- C:\ProgramData\McAfee
2014-04-21 23:06:43 ----D---- C:\Users\Digiart\AppData\Roaming\thriXXX
2014-04-21 23:06:43 ----D---- C:\Program Files\thriXXX
2014-04-21 13:03:58 ----D---- C:\ProgramData\SNT
2014-04-21 13:03:57 ----D---- C:\Program Files\SNT
2014-04-21 13:03:51 ----D---- C:\ProgramData\Rightapp software
2014-04-21 13:02:31 ----A---- C:\Users\Digiart\AppData\Roaming\LiveSupport.exe_log.txt
2014-04-21 13:02:30 ----A---- C:\Users\Digiart\AppData\Roaming\regsvr32.exe_log.txt
2014-04-21 13:02:28 ----D---- C:\Program Files\LiveSupport
2014-04-21 13:02:15 ----D---- C:\Program Files\Optimizer Pro
2014-04-21 13:01:01 ----D---- C:\Program Files\SW-Booster
2014-04-21 13:00:40 ----D---- C:\ProgramData\YoutubeAdblocker
2014-04-21 13:00:40 ----D---- C:\Program Files\YoutubeAdblocker
2014-04-21 13:00:25 ----D---- C:\ProgramData\savEE net
2014-04-21 13:00:23 ----D---- C:\Program Files\savEE net
2014-04-21 13:00:16 ----D---- C:\ProgramData\634d663d864c5e36
2014-04-21 01:11:14 ----D---- C:\Program Files\MD5Check
2014-04-20 09:11:37 ----D---- C:\Program Files\Hard Disk Sentinel

======List of files/folders modified in the last 1 month======

2014-05-19 00:33:27 ----D---- C:\Windows\system32\config
2014-05-18 23:13:36 ----D---- C:\Windows\Temp
2014-05-18 23:06:53 ----D---- C:\Program Files
2014-05-18 22:58:59 ----D---- C:\Program Files\MyPC Backup
2014-05-18 22:58:47 ----D---- C:\Windows\Registration
2014-05-18 22:54:13 ----D---- C:\Windows
2014-05-18 21:52:41 ----D---- C:\Windows\system32\Tasks
2014-05-18 21:21:29 ----D---- C:\Windows\Prefetch
2014-05-18 21:15:40 ----RD---- C:\Users
2014-05-18 21:15:19 ----HD---- C:\Config.Msi
2014-05-18 18:41:40 ----D---- C:\Program Files\Translat_V14
2014-05-18 17:58:43 ----D---- C:\Windows\system32\drivers
2014-05-18 17:57:41 ----D---- C:\Windows\system32\catroot2
2014-05-18 17:48:36 ----D---- C:\Windows\winsxs
2014-05-18 17:44:44 ----D---- C:\Windows\System32
2014-05-18 17:44:31 ----D---- C:\Program Files\Windows Sidebar
2014-05-18 17:43:14 ----SHD---- C:\System Volume Information
2014-05-18 17:42:24 ----D---- C:\ProgramData
2014-05-18 17:38:36 ----SHD---- C:\Windows\Installer
2014-05-18 17:38:36 ----D---- C:\ProgramData\f-secure
2014-05-18 17:33:15 ----A---- C:\missing.ini
2014-05-18 17:33:01 ----AD---- C:\ProgramData\TEMP
2014-05-18 16:50:19 ----D---- C:\Windows\inf
2014-05-18 16:50:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-18 15:03:01 ----D---- C:\Users\Digiart\AppData\Roaming\FileZilla
2014-05-18 00:22:49 ----D---- C:\Users\Digiart\AppData\Roaming\uTorrent
2014-05-17 21:39:21 ----D---- C:\Program Files\FastShare
2014-05-17 20:52:03 ----D---- C:\Program Files\QIP 2012
2014-05-17 00:52:35 ----RSD---- C:\Windows\Fonts
2014-05-16 20:32:47 ----D---- C:\Users\Digiart\AppData\Roaming\ICQ
2014-05-16 11:53:39 ----D---- C:\Users\Digiart\AppData\Roaming\XnView
2014-05-15 18:04:58 ----HD---- C:\Program Files\InstallShield Installation Information
2014-05-15 01:51:31 ----D---- C:\ProgramData\BOINC
2014-05-14 09:51:00 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-13 09:27:51 ----D---- C:\Users\Digiart\AppData\Roaming\.minecraft
2014-05-12 16:25:53 ----D---- C:\Users\Digiart\AppData\Roaming\WXtoImg
2014-05-12 16:17:17 ----D---- C:\Program Files\WXtoImg
2014-05-12 11:42:49 ----D---- C:\Program Files\FTP Commander
2014-05-12 11:41:50 ----D---- C:\Program Files\Chatango
2014-05-12 09:50:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-12 09:43:58 ----D---- C:\Program Files\Java
2014-05-11 10:28:06 ----D---- C:\Program Files\Music NFO Builder
2014-05-11 09:52:58 ----D---- C:\Users\Digiart\AppData\Roaming\Mozilla
2014-05-11 05:21:52 ----D---- C:\Windows\system32\catroot
2014-05-11 00:47:31 ----D---- C:\Windows\rescache
2014-05-10 23:17:37 ----D---- C:\Users\Digiart\AppData\Roaming\Centrum Mail
2014-05-10 12:03:36 ----D---- C:\Windows\Microsoft.NET
2014-05-10 11:59:07 ----RSD---- C:\Windows\assembly
2014-05-10 10:01:15 ----D---- C:\Windows\system32\cs-CZ
2014-05-10 10:01:04 ----D---- C:\Program Files\Windows Journal
2014-05-10 10:00:47 ----D---- C:\Program Files\Internet Explorer
2014-05-10 10:00:45 ----D---- C:\Windows\system32\migration
2014-05-10 10:00:45 ----D---- C:\Windows\PolicyDefinitions
2014-05-10 10:00:43 ----D---- C:\Windows\system32\en-US
2014-05-10 10:00:23 ----D---- C:\Windows\system32\zh-HK
2014-05-10 10:00:23 ----D---- C:\Windows\system32\pt-PT
2014-05-10 10:00:23 ----D---- C:\Windows\system32\pt-BR
2014-05-10 10:00:23 ----D---- C:\Windows\system32\pl-PL
2014-05-10 10:00:23 ----D---- C:\Windows\system32\ko-KR
2014-05-10 10:00:23 ----D---- C:\Windows\system32\it-IT
2014-05-10 10:00:23 ----D---- C:\Windows\system32\hu-HU
2014-05-10 10:00:22 ----D---- C:\Windows\system32\nl-NL
2014-05-10 10:00:22 ----D---- C:\Windows\system32\fr-FR
2014-05-10 10:00:22 ----D---- C:\Windows\system32\el-GR
2014-05-10 10:00:21 ----D---- C:\Windows\system32\fi-FI
2014-05-10 10:00:20 ----D---- C:\Windows\system32\zh-TW
2014-05-10 10:00:20 ----D---- C:\Windows\system32\zh-CN
2014-05-10 10:00:20 ----D---- C:\Windows\system32\tr-TR
2014-05-10 10:00:20 ----D---- C:\Windows\system32\sv-SE
2014-05-10 10:00:20 ----D---- C:\Windows\system32\ja-JP
2014-05-10 10:00:20 ----D---- C:\Windows\system32\es-ES
2014-05-10 10:00:20 ----D---- C:\Windows\system32\de-DE
2014-05-10 10:00:19 ----D---- C:\Windows\system32\ru-RU
2014-05-10 10:00:19 ----D---- C:\Windows\system32\nb-NO
2014-05-10 10:00:19 ----D---- C:\Windows\system32\da-DK
2014-05-10 10:00:02 ----D---- C:\Windows\system32\DriverStore
2014-05-10 09:29:54 ----D---- C:\Windows\debug
2014-05-10 09:28:01 ----D---- C:\Windows\Logs
2014-05-09 21:57:19 ----A---- C:\Windows\OverlayXP.ini
2014-05-08 23:42:08 ----D---- C:\Unreal Commander
2014-05-08 17:11:29 ----D---- C:\Users\Digiart\AppData\Roaming\QipShot
2014-05-08 16:42:58 ----A---- C:\out.txt
2014-05-05 12:34:03 ----D---- C:\Users\Digiart\AppData\Roaming\LangSoft
2014-05-03 14:11:00 ----D---- C:\Users\Digiart\AppData\Roaming\Adobe
2014-05-03 13:35:56 ----A---- C:\Windows\system32\dllhost.exe
2014-05-03 13:35:55 ----A---- C:\Windows\system32\rundll32.exe
2014-05-03 13:03:45 ----A---- C:\Windows\system32\sppsvc.exe
2014-05-03 11:16:41 ----D---- C:\Program Files\Seznam DVD 2011
2014-05-03 11:16:37 ----D---- C:\HeavyWeather
2014-05-03 11:16:36 ----D---- C:\Program Files\BitSpirit
2014-05-03 11:16:34 ----D---- C:\Program Files\XBMC
2014-05-03 11:10:53 ----D---- C:\Program Files\Adobe
2014-05-03 11:10:44 ----D---- C:\Program Files\Common Files\Adobe
2014-05-03 10:47:23 ----D---- C:\ProgramData\Adobe
2014-05-02 05:28:05 ----A---- C:\Windows\system32\wrap_oal.dll
2014-05-02 05:28:04 ----A---- C:\Windows\system32\OpenAL32.dll
2014-05-02 05:17:14 ----D---- C:\Lichterfelde
2014-05-01 08:06:11 ----N---- C:\Windows\Setup1.exe
2014-04-28 13:22:15 ----D---- C:\Users\Digiart\AppData\Roaming\FastStone
2014-04-27 22:51:43 ----D---- C:\Program Files\AutoGK
2014-04-27 22:50:34 ----D---- C:\Program Files\AviSynth 2.5
2014-04-27 17:53:40 ----DC---- C:\Windows\system32\DRVSTORE
2014-04-27 10:28:15 ----D---- C:\Windows\system32\wdi
2014-04-27 08:01:03 ----D---- C:\Program Files\eFMer
2014-04-27 07:57:21 ----D---- C:\Program Files\BOINC
2014-04-26 00:23:03 ----D---- C:\Program Files\Nero
2014-04-26 00:19:38 ----D---- C:\Program Files\phpEditorIDE
2014-04-26 00:18:24 ----D---- C:\Program Files\MyAshampoo
2014-04-25 18:17:54 ----D---- C:\Program Files\WinZip
2014-04-25 13:36:27 ----D---- C:\Program Files\Common Files
2014-04-25 13:30:56 ----D---- C:\Program Files\PHOTORECOVERY
2014-04-24 14:14:36 ----D---- C:\Program Files\Recepty doma
2014-04-23 18:01:17 ----D---- C:\Program Files\Bitcoin
2014-04-22 13:16:51 ----D---- C:\Program Files\HD Tune Pro
2014-04-22 13:10:06 ----D---- C:\Program Files\FileViewPro
2014-04-21 13:03:51 ----D---- C:\ProgramData\InstallMate
2014-04-21 12:51:05 ----D---- C:\Cumulus
2014-04-21 11:49:58 ----D---- C:\Users\Digiart\AppData\Roaming\Dropbox
2014-04-20 18:20:57 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-18 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-18 180632]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 15672]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-18 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-18 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-18 411680]
R1 cputemperature;cputemperature; C:\Windows\System32\Drivers\cputemperature.sys [2012-07-15 24512]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 113168]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-03-26 204064]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-03-26 104736]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2013-10-21 229224]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-18 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-18 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-18 68312]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-08-21 35088]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-02-23 86544]
R3 BTCAMDRV;Mobiola Web Camera driver; C:\Windows\system32\DRIVERS\BTCamDrv.sys [2006-01-11 219136]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-25 2375776]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
R3 LVUVC;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 RTCore32;RTCore32; \??\C:\Program Files\MSI Afterburner\RTCore32.sys [2011-09-06 5632]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2013-07-16 27632]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-03-26 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-03-26 126752]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 59960]
S2 SPDRIVER_1.0.0.24;SPDRIVER_1.0.0.24; \??\C:\Program Files\ShopperPro\JSDriver\1.0.0.24\jsdrv.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2013-08-21 32064]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2013-03-25 17488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-11-17 17488]
S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2013-04-03 24944]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 OLYMRYE;OLYMRYE; \??\C:\Windows\system32\olymrye.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-02-27 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [2009-08-22 9088]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-04-24 18944]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-07-12 36984]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-08-21 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-08-21 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-08-21 153672]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-08-21 130248]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-18 50344]
R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files\MyPC Backup\BackupStack.exe [2014-03-14 36392]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2013-12-25 69632]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files\System Explorer\service\SystemExplorerService.exe [2012-11-25 567256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 FileZilla Server;FileZilla Server FTP server; J:\xampp\FileZillaFTP\FileZilla server.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-28 116648]
S2 NetSnap;NetSnap WebCam; C:\Program Files\PeleSoft\NetSnap\NetSnap.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-12 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-04 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-28 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-10 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-11 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-23 1343400]
S4 c67abfdb;SW-Sustainer; c:\progra~1\sw-boo~1\AssistantSvc.dll,service []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------
I am involved in the BOINC system
I prefer [image] and [image], [image]
----------------------------------------------------------------------------------------------------------------------------------
Climate is what we expect, weather is what we get.


----------------------------------------------------------------------------------------------------------------------------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check

#2 Post by vyosek »

Hello :)

:arrow: There is a bit of a mess in there, adware-style

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the licence terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, that is no man, that is an ox."
Member of [image] since 1 February 2011.

digiart
Model visitor
Posts: 136
Registered: 22 Sep 2006 21:56
Location: Jablonec nad Nisou

Re: Preventive check

#3 Post by digiart »

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Digiart on po 19.05.2014 at 10:08:10,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3959972875-4047148329-670703157-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividtoolbarguid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\ilividtoolbarguid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3959972875-4047148329-670703157-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\search results toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035510.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035510.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035510.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0035510.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311551110}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355555510}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366556610}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344554410}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035510.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035510.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035510.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0035510.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2475029
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_FF__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPIP_FF__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boinctasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boinctasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_android-x86_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_android-x86_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{244420F8-96C2-48C1-BAB8-4F0F210BEF57}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2446}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2446}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\epupdater
Successfully deleted: [File] "C:\Windows\System32\Tasks\YourFile DownloaderUpdate"
Successfully deleted: [File] "C:\Users\Digiart\AppData\Roaming\microsoft\internet explorer\qipsearchbar.dll"
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] "C:\Users\Digiart\AppData\Local\Temp\searchqu.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\snt"
Successfully deleted: [Folder] "C:\ProgramData\starapp"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\ProgramData\youtubeadblocker"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\newnext.me"
Failed to delete: [Folder] "C:\Users\Digiart\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\ilividtoolbarguid"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\myashampoo"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Users\Digiart\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduitengine"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\livesupport"
Successfully deleted: [Folder] "C:\Program Files\mobogenie"
Successfully deleted: [Folder] "C:\Program Files\myashampoo"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Successfully deleted: [Folder] "C:\Program Files\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files\outobox"
Successfully deleted: [Folder] "C:\Program Files\snt"
Successfully deleted: [Folder] "C:\Program Files\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files\yourfiledownloader"
Successfully deleted: [Folder] "C:\Program Files\youtubeadblocker"
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"
Successfully deleted: [Folder] "C:\Users\Digiart\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\Users\Digiart\documents\optimizer pro"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Digiart\appdata\local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 10:14:05,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log from AdwCleaner:

# AdwCleaner v3.209 - Report created 19/05/2014 at 10:35:37
# Updated 18/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Digiart - DIGIART-PC
# Running from : C:\Users\Digiart\Desktop\adwcleaner_3.209.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
[#] Service Deleted : c67abfdb

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Rightapp software
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\savEE net
Folder Deleted : C:\Program Files\buenosearch LTD
Folder Deleted : C:\Program Files\CursorMania
Folder Deleted : C:\Program Files\iWebar
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\SW-Booster
Folder Deleted : C:\Program Files\savEE net
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\ASPNET\AppData\Local\torch
Folder Deleted : C:\Users\boinc_master\AppData\Local\torch
Folder Deleted : C:\Users\boinc_project\AppData\Local\torch
Folder Deleted : C:\Users\Digiart\AppData\Local\Babylon
Folder Deleted : C:\Users\Digiart\AppData\Local\Conduit
Folder Deleted : C:\Users\Digiart\AppData\Local\DownTango
Folder Deleted : C:\Users\Digiart\AppData\Local\genienext
Folder Deleted : C:\Users\Digiart\AppData\Local\iac
Folder Deleted : C:\Users\Digiart\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Digiart\AppData\Local\Pokki
Folder Deleted : C:\Users\Digiart\AppData\Local\torch
Folder Deleted : C:\Users\Digiart\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Digiart\AppData\Local\Temp\diamondata
Folder Deleted : C:\Users\Digiart\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\Digiart\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\Digiart\AppData\LocalLow\iWebar
Folder Deleted : C:\Users\Digiart\AppData\Roaming\buenosearch LTD
Folder Deleted : C:\Users\Digiart\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Digiart\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Digiart\Documents\Mobogenie
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\boinc_master\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\boinc_project\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\Digiart\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fieakbncnpbjmkdajdmffajmicafnaea
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
Folder Deleted : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
Folder Deleted : C:\Users\boinc_master\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
Folder Deleted : C:\Users\boinc_project\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\imiipmmncchpmmeieokpljfcccnhnkim
File Deleted : C:\Users\Digiart\daemonprocess.txt
File Deleted : C:\Users\Digiart\AppData\Local\Temp\END
File Deleted : C:\Users\Digiart\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Digiart\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Digiart\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Digiart\Desktop\Sync Folder.lnk
File Deleted : C:\Windows\Tasks\iWebar-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\iWebar-codedownloader
File Deleted : C:\Windows\Tasks\iWebar-enabler.job
File Deleted : C:\Windows\System32\Tasks\iWebar-enabler
File Deleted : C:\Windows\Tasks\iWebar-updater.job
File Deleted : C:\Windows\System32\Tasks\iWebar-updater
File Deleted : C:\Windows\System32\Tasks\ShopperPro
File Deleted : C:\Windows\System32\Tasks\ShopperProJSUpd
File Deleted : C:\Windows\System32\Tasks\SMupdate1
File Deleted : C:\Windows\System32\Tasks\SPDriver
File Deleted : C:\Windows\Tasks\iWebar-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\iWebar-chromeinstaller
File Deleted : C:\Windows\Tasks\iWebar-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\iWebar-firefoxinstaller

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF2A2C4B-4E02-4A5D-94E5-2ECDC40CCAAB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF2A2C4B-4E02-4A5D-94E5-2ECDC40CCAAB}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15CA45D6-EE5C-4748-8D4E-90159EB508C4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15CA45D6-EE5C-4748-8D4E-90159EB508C4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2D80A26-EFCE-4B62-87FC-6CB0497CAC3B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2D80A26-EFCE-4B62-87FC-6CB0497CAC3B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC5FFB60-AAC8-4EEB-BCC6-EE83A5D11A2D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC5FFB60-AAC8-4EEB-BCC6-EE83A5D11A2D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D07C2FAF-1706-437F-8DAF-988827631036}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86593D0D-B8CB-4F38-8BDA-8557D8E6C7DC}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D07C2FAF-1706-437F-8DAF-988827631036}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9ADCFCD-CBE1-461C-9332-300BD8B55AE7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9ADCFCD-CBE1-461C-9332-300BD8B55AE7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C74E4BD-4C9E-435F-A9AF-C7B2B2FB048F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C74E4BD-4C9E-435F-A9AF-C7B2B2FB048F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C05B61E-FD70-4A26-883C-4E141C7C0F57}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C05B61E-FD70-4A26-883C-4E141C7C0F57}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6BB5D78-2AA2-423D-8047-816B0BEA1CA2}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6BB5D78-2AA2-423D-8047-816B0BEA1CA2}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2900B351-FCAB-4CC8-BE60-AF9568B0E2DD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2900B351-FCAB-4CC8-BE60-AF9568B0E2DD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59C8161E-16A2-46F1-BEE7-AC951F0A032B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C8161E-16A2-46F1-BEE7-AC951F0A032B}
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr
Key Deleted : HKLM\SOFTWARE\Classes\buenosearch.buenosearchHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.buenosearchESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\outobox_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\outobox_Setup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\outobox1120_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\outobox1120_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\53e8ddbb66ee410
Key Deleted : HKLM\SOFTWARE\53e8ddbb66ee410
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4CC15FBA-46A4-4CB5-BFAF-F2335365AE76}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B6E533F-F78F-4525-B316-312BAF1295D1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8322EB6E-B594-41F6-A30B-CF3F800E1874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{600E980A-676B-44B7-B4E4-2DBD95B3B3AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1290521-AB01-40EB-B993-AD122BEFC9E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1EB0A0B0-CABB-495C-A85A-7C8F891799C7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E6772887-C1E1-405E-94BB-D8760A1CF8DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F06672-0E95-41A9-80CB-DEE386AF99AD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{600E980A-676B-44B7-B4E4-2DBD95B3B3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708D0DD7-FBC0-4437-B525-C098F450A62C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{06deb4b1-e1e5-4a7d-9e2d-20fbed93edf6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bc4995c-6aab-4370-a696-68cde34343af}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fe06ae-7016-478d-a84f-bf07f1d2ce47}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d9d7a328-f1c0-4db2-8729-968c127ebc1e}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BC92780-43D4-4813-9867-81AD1FE478BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D848D604-B316-47D4-886E-E668011F59AB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{828DC97A-2277-4E10-92A9-4907FA0922A9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Key Deleted : HKCU\Software\buenosearch LTD
Key Deleted : HKCU\Software\fTalk
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\outobox
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\buenosearch LTD
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\MyAshampoo\toolbar
Key Deleted : HKLM\Software\outobox
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchquSRTB
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\iWebar
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\Software\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iWebar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Digiart\AppData\Roaming\Mozilla\Firefox\Profiles\iqlqz7yu.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Digiart\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.certified-toolbar.com/?si=41460&st=bs&tid=2938&ts=1365375948742&tguid=41460-2938-1365375912450-405831&q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP7AE99414-98A6-4ABC-9207-D70A28E85CC8&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
Deleted [Search Provider] : hxxp://search.qip.ru/?query={searchTerms}
Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=88C26CF04964043B&affID=120008&tt=268013_icon&tsp=4986
Deleted [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5241
Deleted [Search Provider] : hxxp://search.photo.qip.ru/search/?query={searchTerms}&from=xml
Deleted [Startup_urls] : hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 1&tsp=5241
Deleted [Homepage] : hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 1&tsp=5241
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : fieakbncnpbjmkdajdmffajmicafnaea
Deleted [Extension] : fjpdnoojnohifgekbkmnfbiobhcbedka
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [25487 octets] - [19/05/2014 10:17:21]
AdwCleaner[S0].txt - [22051 octets] - [19/05/2014 10:35:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22112 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check

#4 Post by vyosek »

Re: Preventive check

#5 Post by digiart »

I'm sending the log as a RAR:
FRST.rar
(15.62 KiB) Downloaded 147 times

Re: Preventive check

#6 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [NPSStartup] => [X]
    HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [2861600 2014-03-18] (Mister Group)
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\Run: [QipShot] => C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe [4929024 2014-04-17] (QIP.ru)
    HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [800280 2013-09-16] (ZONER software)
    HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: D - D:\cdstart.exe
    HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: E - E:\Autorun.exe
    HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: K - K:\instr.bat
    IFEO\taskmgr.exe: [Debugger] 
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Afteburner.lnk
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled ()
    
    URLSearchHook: HKCU - (No Name) - {95289393-33EA-4F8D-B952-483415B9C955} -  No File
    SearchScopes: HKLM - DefaultScope value is missing.
    
    CHR HKLM\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-05-15]
    CHR HKLM\...\Chrome\Extension: [pjalfdhajfobgfnnmfcbphppgejklcge] - C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx [2013-05-15]
    CHR HKCU\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-05-15]
    CHR HKCU\...\Chrome\Extension: [pjalfdhajfobgfnnmfcbphppgejklcge] - C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx [2013-05-15]
    
    2014-05-19 10:58 - 2014-05-19 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\Digiart\Desktop\FRSTLauncher.exe
    2014-05-19 10:56 - 2014-05-19 10:56 - 00112640 _____ (forum.viry.cz) C:\Users\Digiart\Desktop\Nepotvrzeno 677670.crdownload
    2014-05-19 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-05-19 10:17 - 2014-05-19 10:39 - 00000000 ____D () C:\AdwCleaner
    2014-05-19 10:14 - 2014-05-19 10:14 - 00017310 _____ () C:\Users\Digiart\Desktop\JRT.txt
    2014-05-19 10:08 - 2014-05-19 10:08 - 00000000 ____D () C:\Windows\ERUNT
    2014-05-19 10:06 - 2014-05-19 10:06 - 01328723 _____ () C:\Users\Digiart\Desktop\adwcleaner_3.209.exe
    2014-05-19 10:05 - 2014-05-19 10:05 - 01016261 _____ (Thisisu) C:\Users\Digiart\Desktop\JRT.exe
    2014-05-19 09:21 - 2014-05-19 09:21 - 00000000 _____ () C:\Users\Digiart\Desktop\Nový textový dokument (6).txt
    2014-05-19 09:21 - 2014-05-19 09:21 - 00000000 _____ () C:\Users\Digiart\Desktop\Nový textový dokument (5).txt
    2014-05-19 00:33 - 2014-05-19 00:33 - 84148224 _____ () C:\Windows\system32\config\SOFTWARE.bdkup
    2014-05-19 00:33 - 2014-05-19 00:33 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bdkup
    2014-05-18 23:06 - 2014-05-18 23:13 - 00000000 ____D () C:\Program Files\trend micro
    2014-05-18 23:06 - 2014-05-18 23:07 - 00000000 ____D () C:\rsit
    C:\Users\Digiart\AppData\Roaming\Camdata.ini
    C:\Users\Digiart\AppData\Roaming\CamLayout.ini
    C:\Users\Digiart\AppData\Roaming\CamShapes.ini
    C:\Windows\Tasks\At1.job
    C:\Windows\Tasks\At2.job
    C:\Users\Digiart\AppData\Local\Temp\app.exe
    C:\Users\Digiart\AppData\Local\Temp\AutoRun.exe
    C:\Users\Digiart\AppData\Local\Temp\AutoRunGUI.dll
    C:\Users\Digiart\AppData\Local\Temp\AVG.exe
    C:\Users\Digiart\AppData\Local\Temp\BackupSetup.exe
    C:\Users\Digiart\AppData\Local\Temp\BuenoSearchTB.exe
    C:\Users\Digiart\AppData\Local\Temp\BundleSweetIMSetup.exe
    C:\Users\Digiart\AppData\Local\Temp\dxwebsetup.exe
    C:\Users\Digiart\AppData\Local\Temp\eauninstall.exe
    C:\Users\Digiart\AppData\Local\Temp\fsprod.dll
    C:\Users\Digiart\AppData\Local\Temp\fssfm.dll
    C:\Users\Digiart\AppData\Local\Temp\FUp_updater.exe
    C:\Users\Digiart\AppData\Local\Temp\GdiPlus.dll
    C:\Users\Digiart\AppData\Local\Temp\GLF3F61.tmp.ConduitEngineSetup.exe
    C:\Users\Digiart\AppData\Local\Temp\GuardICQ.exe
    C:\Users\Digiart\AppData\Local\Temp\hcuninstaller_20140224_172012_11860.exe
    C:\Users\Digiart\AppData\Local\Temp\htmlayout.dll
    C:\Users\Digiart\AppData\Local\Temp\InstallerMessageBox.exe
    C:\Users\Digiart\AppData\Local\Temp\installhelper.dll
    C:\Users\Digiart\AppData\Local\Temp\JNativeHook_4791696113074421393.dll
    C:\Users\Digiart\AppData\Local\Temp\JNativeHook_753366641611109225.dll
    C:\Users\Digiart\AppData\Local\Temp\JNativeHook_8400607822383562691.dll
    C:\Users\Digiart\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Digiart\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\Digiart\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Users\Digiart\AppData\Local\Temp\LiveSupport_setup.exe
    C:\Users\Digiart\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe
    C:\Users\Digiart\AppData\Local\Temp\MybabylonTB.exe
    C:\Users\Digiart\AppData\Local\Temp\Need For Speed Underground_uninst.exe
    C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxy.exe
    C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
    C:\Users\Digiart\AppData\Local\Temp\nsa92B.exe
    C:\Users\Digiart\AppData\Local\Temp\nsbD860.exe
    C:\Users\Digiart\AppData\Local\Temp\nsbDB1F.exe
    C:\Users\Digiart\AppData\Local\Temp\nse95DC.exe
    C:\Users\Digiart\AppData\Local\Temp\nsk985C.exe
    C:\Users\Digiart\AppData\Local\Temp\nsk9BB7.exe
    C:\Users\Digiart\AppData\Local\Temp\nsl5D36.exe
    C:\Users\Digiart\AppData\Local\Temp\nsr6015.exe
    C:\Users\Digiart\AppData\Local\Temp\nstB689.exe
    C:\Users\Digiart\AppData\Local\Temp\nsuFEAE.exe
    C:\Users\Digiart\AppData\Local\Temp\oalinst.exe
    C:\Users\Digiart\AppData\Local\Temp\OCL3B53.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\OCL40A2.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\OCL6793.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\OCL7670.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\OCLDEDA.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\OCLE8B6.tmp.dll
    C:\Users\Digiart\AppData\Local\Temp\ose00001.exe
    C:\Users\Digiart\AppData\Local\Temp\preconfig.exe
    C:\Users\Digiart\AppData\Local\Temp\propsys.dll
    C:\Users\Digiart\AppData\Local\Temp\prxGLF3F61.tmp.tbMyAs.dll
    C:\Users\Digiart\AppData\Local\Temp\Quarantine.exe
    C:\Users\Digiart\AppData\Local\Temp\sfamcc00001.dll
    C:\Users\Digiart\AppData\Local\Temp\sfareca00001.dll
    C:\Users\Digiart\AppData\Local\Temp\sfextra.dll
    C:\Users\Digiart\AppData\Local\Temp\SRAssetsHelper.dll
    C:\Users\Digiart\AppData\Local\Temp\swt-win32-3740.dll
    C:\Users\Digiart\AppData\Local\Temp\tu17p84.exe
    C:\Users\Digiart\AppData\Local\Temp\UN32.EXE
    C:\Users\Digiart\AppData\Local\Temp\uninst1.exe
    C:\Users\Digiart\AppData\Local\Temp\uninstall87018777.exe
    C:\Users\Digiart\AppData\Local\Temp\uninstall87018870.exe
    C:\Users\Digiart\AppData\Local\Temp\uninstall929079.exe
    C:\Users\Digiart\AppData\Local\Temp\uninstall930701.exe
    C:\Users\Digiart\AppData\Local\Temp\UpdateCheckerSetup.exe
    C:\Users\Digiart\AppData\Local\Temp\vcheck12.dll
    C:\Users\Digiart\AppData\Local\Temp\Welcome.exe
    C:\Users\Digiart\AppData\Local\Temp\ytd_bu10_setup.exe
    C:\Users\Digiart\AppData\Local\Temp\_is8306.exe
    C:\Users\Digiart\AppData\Local\Temp\_is9500.exe
    C:\Users\Digiart\AppData\Local\Temp\_isE0CF.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\At1.job => ?
    Task: C:\Windows\Tasks\At2.job => ?
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
    AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f
    
    Hosts:
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Preventive check

#7 Post by digiart »

I'm very sorry for the gap, here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:17-05-2014
Ran by Digiart at 2014-05-20 08:58:11 Run:1
Running from C:\Users\Digiart\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [2861600 2014-03-18] (Mister Group)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\Run: [QipShot] => C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe [4929024 2014-04-17] (QIP.ru)
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [800280 2013-09-16] (ZONER software)
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: D - D:\cdstart.exe
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\...\MountPoints2: K - K:\instr.bat
IFEO\taskmgr.exe: [Debugger]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Afteburner.lnk
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled ()

URLSearchHook: HKCU - (No Name) - {95289393-33EA-4F8D-B952-483415B9C955} - No File
SearchScopes: HKLM - DefaultScope value is missing.

CHR HKLM\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-05-15]
CHR HKLM\...\Chrome\Extension: [pjalfdhajfobgfnnmfcbphppgejklcge] - C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx [2013-05-15]
CHR HKCU\...\Chrome\Extension: [odiaflgoglmdpognebeehehkabaclnpb] - C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx [2013-05-15]
CHR HKCU\...\Chrome\Extension: [pjalfdhajfobgfnnmfcbphppgejklcge] - C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx [2013-05-15]

2014-05-19 10:58 - 2014-05-19 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\Digiart\Desktop\FRSTLauncher.exe
2014-05-19 10:56 - 2014-05-19 10:56 - 00112640 _____ (forum.viry.cz) C:\Users\Digiart\Desktop\Nepotvrzeno 677670.crdownload
2014-05-19 10:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-19 10:17 - 2014-05-19 10:39 - 00000000 ____D () C:\AdwCleaner
2014-05-19 10:14 - 2014-05-19 10:14 - 00017310 _____ () C:\Users\Digiart\Desktop\JRT.txt
2014-05-19 10:08 - 2014-05-19 10:08 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 10:06 - 2014-05-19 10:06 - 01328723 _____ () C:\Users\Digiart\Desktop\adwcleaner_3.209.exe
2014-05-19 10:05 - 2014-05-19 10:05 - 01016261 _____ (Thisisu) C:\Users\Digiart\Desktop\JRT.exe
2014-05-19 09:21 - 2014-05-19 09:21 - 00000000 _____ () C:\Users\Digiart\Desktop\Nový textový dokument (6).txt
2014-05-19 09:21 - 2014-05-19 09:21 - 00000000 _____ () C:\Users\Digiart\Desktop\Nový textový dokument (5).txt
2014-05-19 00:33 - 2014-05-19 00:33 - 84148224 _____ () C:\Windows\system32\config\SOFTWARE.bdkup
2014-05-19 00:33 - 2014-05-19 00:33 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bdkup
2014-05-18 23:06 - 2014-05-18 23:13 - 00000000 ____D () C:\Program Files\trend micro
2014-05-18 23:06 - 2014-05-18 23:07 - 00000000 ____D () C:\rsit
C:\Users\Digiart\AppData\Roaming\Camdata.ini
C:\Users\Digiart\AppData\Roaming\CamLayout.ini
C:\Users\Digiart\AppData\Roaming\CamShapes.ini
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Users\Digiart\AppData\Local\Temp\app.exe
C:\Users\Digiart\AppData\Local\Temp\AutoRun.exe
C:\Users\Digiart\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Digiart\AppData\Local\Temp\AVG.exe
C:\Users\Digiart\AppData\Local\Temp\BackupSetup.exe
C:\Users\Digiart\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\Digiart\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Digiart\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Digiart\AppData\Local\Temp\eauninstall.exe
C:\Users\Digiart\AppData\Local\Temp\fsprod.dll
C:\Users\Digiart\AppData\Local\Temp\fssfm.dll
C:\Users\Digiart\AppData\Local\Temp\FUp_updater.exe
C:\Users\Digiart\AppData\Local\Temp\GdiPlus.dll
C:\Users\Digiart\AppData\Local\Temp\GLF3F61.tmp.ConduitEngineSetup.exe
C:\Users\Digiart\AppData\Local\Temp\GuardICQ.exe
C:\Users\Digiart\AppData\Local\Temp\hcuninstaller_20140224_172012_11860.exe
C:\Users\Digiart\AppData\Local\Temp\htmlayout.dll
C:\Users\Digiart\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Digiart\AppData\Local\Temp\installhelper.dll
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_4791696113074421393.dll
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_753366641611109225.dll
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_8400607822383562691.dll
C:\Users\Digiart\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Digiart\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Digiart\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Digiart\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Digiart\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe
C:\Users\Digiart\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Digiart\AppData\Local\Temp\Need For Speed Underground_uninst.exe
C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Digiart\AppData\Local\Temp\nsa92B.exe
C:\Users\Digiart\AppData\Local\Temp\nsbD860.exe
C:\Users\Digiart\AppData\Local\Temp\nsbDB1F.exe
C:\Users\Digiart\AppData\Local\Temp\nse95DC.exe
C:\Users\Digiart\AppData\Local\Temp\nsk985C.exe
C:\Users\Digiart\AppData\Local\Temp\nsk9BB7.exe
C:\Users\Digiart\AppData\Local\Temp\nsl5D36.exe
C:\Users\Digiart\AppData\Local\Temp\nsr6015.exe
C:\Users\Digiart\AppData\Local\Temp\nstB689.exe
C:\Users\Digiart\AppData\Local\Temp\nsuFEAE.exe
C:\Users\Digiart\AppData\Local\Temp\oalinst.exe
C:\Users\Digiart\AppData\Local\Temp\OCL3B53.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\OCL40A2.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\OCL6793.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\OCL7670.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\OCLDEDA.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\OCLE8B6.tmp.dll
C:\Users\Digiart\AppData\Local\Temp\ose00001.exe
C:\Users\Digiart\AppData\Local\Temp\preconfig.exe
C:\Users\Digiart\AppData\Local\Temp\propsys.dll
C:\Users\Digiart\AppData\Local\Temp\prxGLF3F61.tmp.tbMyAs.dll
C:\Users\Digiart\AppData\Local\Temp\Quarantine.exe
C:\Users\Digiart\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Digiart\AppData\Local\Temp\sfareca00001.dll
C:\Users\Digiart\AppData\Local\Temp\sfextra.dll
C:\Users\Digiart\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Digiart\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Digiart\AppData\Local\Temp\tu17p84.exe
C:\Users\Digiart\AppData\Local\Temp\UN32.EXE
C:\Users\Digiart\AppData\Local\Temp\uninst1.exe
C:\Users\Digiart\AppData\Local\Temp\uninstall87018777.exe
C:\Users\Digiart\AppData\Local\Temp\uninstall87018870.exe
C:\Users\Digiart\AppData\Local\Temp\uninstall929079.exe
C:\Users\Digiart\AppData\Local\Temp\uninstall930701.exe
C:\Users\Digiart\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Digiart\AppData\Local\Temp\vcheck12.dll
C:\Users\Digiart\AppData\Local\Temp\Welcome.exe
C:\Users\Digiart\AppData\Local\Temp\ytd_bu10_setup.exe
C:\Users\Digiart\AppData\Local\Temp\_is8306.exe
C:\Users\Digiart\AppData\Local\Temp\_is9500.exe
C:\Users\Digiart\AppData\Local\Temp\_isE0CF.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => ?
Task: C:\Windows\Tasks\At2.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SystemExplorerAutoStart => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\Software\Microsoft\Windows\CurrentVersion\Run\\QipShot => Value deleted successfully.
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3959972875-4047148329-670703157-1000 => Key not found.
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3959972875-4047148329-670703157-1000 => Key not found.
HKU\S-1-5-21-3959972875-4047148329-670703157-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3959972875-4047148329-670703157-1000 => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\taskmgr.exe => Key deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Afteburner.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\odiaflgoglmdpognebeehehkabaclnpb => Key deleted successfully.
C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pjalfdhajfobgfnnmfcbphppgejklcge => Key deleted successfully.
"C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\odiaflgoglmdpognebeehehkabaclnpb => Key deleted successfully.
"C:\Users\Digiart\AppData\Local\CRE\odiaflgoglmdpognebeehehkabaclnpb.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\pjalfdhajfobgfnnmfcbphppgejklcge => Key deleted successfully.
"C:\Users\Digiart\AppData\Local\CRE\pjalfdhajfobgfnnmfcbphppgejklcge.crx" => File/Directory not found.
C:\Users\Digiart\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Digiart\Desktop\Nepotvrzeno 677670.crdownload" => File/Directory not found.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Digiart\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\Digiart\Desktop\adwcleaner_3.209.exe => Moved successfully.
C:\Users\Digiart\Desktop\JRT.exe => Moved successfully.
C:\Users\Digiart\Desktop\Nový textový dokument (6).txt => Moved successfully.
C:\Users\Digiart\Desktop\Nový textový dokument (5).txt => Moved successfully.
C:\Windows\system32\config\SOFTWARE.bdkup => Moved successfully.
C:\Windows\system32\config\SYSTEM.bdkup => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Digiart\AppData\Roaming\Camdata.ini => Moved successfully.
C:\Users\Digiart\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\Digiart\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\app.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\AutoRun.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\AutoRunGUI.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\AVG.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\BuenoSearchTB.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\BundleSweetIMSetup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\dxwebsetup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\eauninstall.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\fsprod.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\fssfm.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\FUp_updater.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\GdiPlus.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\GLF3F61.tmp.ConduitEngineSetup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\GuardICQ.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\hcuninstaller_20140224_172012_11860.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\InstallerMessageBox.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\installhelper.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_4791696113074421393.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_753366641611109225.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\JNativeHook_8400607822383562691.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\LiveSupport_setup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\MybabylonTB.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\Need For Speed Underground_uninst.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxy.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsa92B.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsbD860.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsbDB1F.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nse95DC.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsk985C.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsk9BB7.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsl5D36.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsr6015.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nstB689.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\nsuFEAE.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\oalinst.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCL3B53.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCL40A2.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCL6793.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCL7670.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCLDEDA.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\OCLE8B6.tmp.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\ose00001.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\preconfig.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\propsys.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\prxGLF3F61.tmp.tbMyAs.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\sfareca00001.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\sfextra.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\SRAssetsHelper.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\swt-win32-3740.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\tu17p84.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\UN32.EXE => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\uninstall87018777.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\uninstall87018870.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\uninstall929079.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\uninstall930701.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\UpdateCheckerSetup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\vcheck12.dll => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\Welcome.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\ytd_bu10_setup.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\_is8306.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\_is9500.exe => Moved successfully.
C:\Users\Digiart\AppData\Local\Temp\_isE0CF.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\At1.job not found.
C:\Windows\Tasks\At2.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":07BF512B" ADS removed successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Re: Preventive check

#8 Post by vyosek »

So let's clean up a bit more :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making the registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Preventive check

#9 Post by digiart »

Just one question: Avast occasionally pops up these dialogs:
[Attachment: avast.jpg (42.33 KiB)]
What should I do about it?

And one more dialog keeps showing up: when I wanted to check that file through VirusTotal, it didn't work and a window popped up saying that it is a virus.
Even the name of that file alone is suspicious: DllHost.exe

[Image]

[Image]

Re: Preventive check

#10 Post by vyosek »

:arrow: Download TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
  • After launching it, accept the license terms (click Accept)
  • Click the Change parameters option
  • In the Additional options window, tick all the options
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes a window appears; check that the Skip option is set everywhere
  • If Skip is not set by default, switch it to Skip
  • Once everything is set to Skip, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits_log.txt - paste its contents here

Re: Preventive check

#11 Post by digiart »

The log is large, so I'm sending it packed:
TDSSKiller_log.rar (46.05 KiB)

Re: Preventive check

#12 Post by vyosek »

:arrow: It's clean here, so let's try an add-on tool for Avast

:arrow: Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe and save it to the desktop.
  • Run the utility and tell it to scan - click Scan
  • Click Save log to save the aswMBR log to the desktop
  • Paste the contents of the aswMBR log here for me

Re: Preventive check

#13 Post by digiart »

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-21 12:11:50
-----------------------------
12:11:50.193 OS Version: Windows 6.1.7601 Service Pack 1
12:11:50.193 Number of processors: 2 586 0xF0B
12:11:50.194 ComputerName: DIGIART-PC UserName: Digiart
12:11:51.334 Initialize success
12:11:54.251 AVAST engine defs: 14052100
12:12:13.430 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
12:12:13.432 Disk 0 Vendor: WDC_WD6400AARS-00Y5B1 80.00A80 Size: 610479MB BusType: 3
12:12:13.435 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-2
12:12:13.438 Disk 1 Vendor: WDC_WD1600AAJS-00PSA0 05.06H05 Size: 152626MB BusType: 3
12:12:13.542 Disk 0 MBR read successfully
12:12:13.546 Disk 0 MBR scan
12:12:13.550 Disk 0 unknown MBR code
12:12:13.554 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610377 MB offset 206848
12:12:13.561 Disk 0 scanning sectors +1250258944
12:12:13.626 Disk 0 scanning C:\Windows\system32\drivers
12:12:23.667 Service scanning
12:12:43.890 Modules scanning
12:12:50.627 Disk 0 trace - called modules:
12:12:50.636
12:12:51.674 AVAST engine scan C:\Windows
12:12:56.987 AVAST engine scan C:\Windows\system32
12:14:13.261 File: C:\Windows\system32\rundll32.exe **INFECTED** Win32:Evo-gen [Susp]
12:16:01.156 AVAST engine scan C:\Windows\system32\drivers
12:16:19.326 AVAST engine scan C:\Users\Digiart
15:09:49.264 AVAST engine scan C:\ProgramData
15:53:37.770 Scan finished successfully
16:00:51.142 Disk 0 MBR has been saved successfully to "C:\Users\Digiart\Desktop\Stahuju\Staženo\Software\MBR.dat"
16:00:51.149 The log file has been saved successfully to "C:\Users\Digiart\Desktop\Stahuju\Staženo\Software\aswMBR.txt"

Re: Preventive check

#14 Post by vyosek »

:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and unpack it
  • Launch it by clicking mbar
  • Now click Next and then Update in turn
  • When the database update finishes, click Next again
  • Leave all three options ticked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me

Re: Preventive check

#15 Post by digiart »

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.17041

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, J:\ DRIVE_FIXED
CPU speed: 2.599000 GHz
Memory total: 2145902592, free: 295378944

Downloaded database version: v2014.05.21.07
Downloaded database version: v2014.03.27.01
Initializing...
======================
------------ Kernel report ------------
05/21/2014 19:58:45
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\speedfan.sys
\SystemRoot\System32\Drivers\SmartDefragDriver.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\giveio.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\??\C:\Windows\system32\Drivers\vmm.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\cputemperature.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\VMNetSrv.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\BTCamDrv.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\seehcri.sys
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\MarvinBus.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW73.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\lvuvc.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\lvrs.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\FsUsbExDisk.SYS
\??\C:\Program Files\MSI Afterburner\RTCore32.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\MSPQM.sys
\SystemRoot\system32\drivers\MSPCLOCK.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\normaliz.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\imm32.dll
\Windows\System32\wininet.dll
\Windows\System32\difxapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\sechost.dll
\Windows\System32\urlmon.dll
\Windows\System32\advapi32.dll
\Windows\System32\user32.dll
\Windows\System32\gdi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\nsi.dll
\Windows\System32\iertutil.dll
\Windows\System32\psapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\setupapi.dll
\Windows\System32\usp10.dll
\Windows\System32\imagehlp.dll
\Windows\System32\ws2_32.dll
\Windows\System32\kernel32.dll
\Windows\System32\lpk.dll
\Windows\System32\shell32.dll
\Windows\System32\msctf.dll
\Windows\System32\ole32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk6\DR6
Upper Device Object: 0xffffffff873a6030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000093\
Lower Device Object: 0xffffffff87cfb630
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xffffffff87cf1ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000092\
Lower Device Object: 0xffffffff87ca4030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff87cf1030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000091\
Lower Device Object: 0xffffffff87c7eca8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff87ca5030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000090\
Lower Device Object: 0xffffffff87c66ca8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff87b726f0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000008e\
Lower Device Object: 0xffffffff87c2a030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff862418e0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T1L0-2\
Lower Device Object: 0xffffffff85d9c030
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86240150
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xffffffff85d9b030
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86240150, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86241020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86240150, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d6a918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85d9b030, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B2D279F7

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 206848 Numsec = 1250052096
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640133946880 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-206847-1250241615-1250261615)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff862418e0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff862415c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff862418e0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d9e918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85d9c030, DeviceName: \Device\Ide\IdeDeviceP1T1L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9E1A0

Partition information:

Partition 0 type is Other (0x83)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 308385792

Partition 1 type is Extended with CSH (0x5)
Partition is NOT ACTIVE.
Partition starts at LBA: 308389886 Numsec = 4188162

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 160040803840 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffffff87b726f0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87b723d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87b726f0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87c2a030, DeviceName: \Device\0000008e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: CD096AE

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 2930272002

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1500301910016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff87ca5030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87ceb020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87ca5030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87c66ca8, DeviceName: \Device\00000090\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff87cf1030, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87cd64a8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87cf1030, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87c7eca8, DeviceName: \Device\00000091\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 512
Drive: 5, DevicePointer: 0xffffffff87cf1ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87cf17a8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87cf1ac8, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87ca4030, DeviceName: \Device\00000092\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 5
Scanning MBR on drive 5...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

Partition 0 type is Other (0x6)
Partition is ACTIVE.
Partition starts at LBA: 123 Numsec = 4095493
Partition file system is FAT
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 2097152000 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 6, DevicePointer: 0xffffffff873a6030, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff873a6d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff873a6030, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87cfb630, DeviceName: \Device\00000093\, DriverName: \Driver\USBSTOR\
------------ End ----------
Infected: C:\Windows\AutoKMS.exe --> [Riskware.Keygen]
Infected: C:\Users\Public\Desktop\MP3 Downloader.lnk --> [Rogue.Link]
Infected: C:\Users\Digiart\AppData\Local\wsr17zt32.dll --> [Trojan.Agent]
Infected: C:\Windows\inf\ntvdm.inf --> [Malware.Trace]
Infected: C:\Users\Digiart\AppData\Local\QIP --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\netclient.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\netclient.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\openlibeay32.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\openssleay32.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\PTS55F.ttf --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe --> [Rogue.Multiple]
Infected: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|QipShot --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\QIPShot.exe --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\qsmenu.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\unins000.dat --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\unins000.exe --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\unins000.msg --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\WebWindow.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\hostings --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\hostings\SmotriCom.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\hostings\SmotriCom.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\hostings\social.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\hostings\social.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Czech.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Czech.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\English.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\French.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\German.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Hebrew.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Italian.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Polish.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Russian.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Spanish.dll --> [Rogue.Multiple]
Infected: C:\Users\Digiart\AppData\Local\QIP\QIP Shot\Langs\Ukrainian.dll --> [Rogue.Multiple]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\COMSYSAPP|Type --> [Hijack.Comsysapp]
Scan finished
Creating System Restore point...
Cleaning up...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
I take part in the BOINC system
----------------------------------------------------------------------------------------------------------------------------------
Climate is what we expect, weather is what we get.


----------------------------------------------------------------------------------------------------------------------------------


Locked