Prosím o kontrolu logu [hjt]

[Orcus]

Vypni Microsoft Security Essentials a znovu skript.

[Reklama]

[lucAss]

Zajímavý, i před tím jsem ho vypl..
Nicméně, tady:

ComboFix 14-05-29.01 - Lukáš 03.06.2014 16:44:32.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3998.1947 [GMT 2:00]
Spuštěný z: c:\users\LukßÜ\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-03 do 2014-06-03 )))))))))))))))))))))))))))))))
.
.
2014-06-03 14:48 . 2014-06-03 14:48 -------- d-----w- c:\users\Luk ç\AppData\Local\temp
2014-06-03 14:48 . 2014-06-03 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-01 16:01 . 2014-06-01 16:01 79064 ----a-w- c:\windows\system32\drivers\ehqwce.sys
2014-06-01 15:53 . 2014-06-01 15:53 -------- d-----w- c:\programdata\RogueKiller
2014-06-01 10:39 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-01 10:38 . 2014-06-01 15:36 -------- d-----w- C:\AdwCleaner
2014-05-29 18:49 . 2014-06-03 13:38 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-29 15:56 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-29 15:56 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-28 10:44 . 2014-05-28 10:44 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{668F55BC-F470-4415-A349-15EDD9352C4D}\gapaengine.dll
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files\Microsoft Security Client
2014-05-28 10:39 . 2014-06-01 15:44 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\programdata\Malwarebytes
2014-05-28 10:39 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-28 10:39 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-28 10:39 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-28 10:33 . 2014-06-01 16:01 -------- d-----w- c:\programdata\2992199F9A
2014-05-23 04:43 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A37F1802-3B99-4B26-A68A-B9D2B3C10E4E}\mpengine.dll
2014-05-19 17:25 . 2014-05-19 17:25 -------- d-----w- c:\programdata\Samsung
2014-05-19 17:13 . 2014-05-19 17:13 -------- d-----w- c:\users\Lukáš\AppData\Roaming\QuickScan
2014-05-19 17:11 . 2014-05-19 17:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\.android
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\AppData\Local\cache
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Macromedia
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Local\Macromedia
2014-05-19 10:34 . 2014-05-19 10:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 10:34 . 2014-05-19 10:34 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\SysWow64\Macromed
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\system32\Macromed
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mozilla
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Local\Mozilla
2014-05-16 18:41 . 2014-05-16 18:41 -------- d-----w- c:\users\Lukáš\AppData\Roaming\TeamViewer
2014-05-16 18:36 . 2014-05-16 18:36 -------- d-----w- c:\program files (x86)\TeamViewer
2014-05-16 12:59 . 2014-05-16 12:59 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Gyazo
2014-05-16 12:59 . 2014-05-16 14:59 -------- d-----w- c:\program files (x86)\Gyazo
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mediatronic
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\program files (x86)\MediaCoder
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-01 15:40 . 2014-04-27 15:59 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-05-03 11:46 . 2014-05-03 11:46 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-03 11:46 . 2014-05-03 11:47 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-03 11:46 . 2014-05-03 11:46 191400 ----a-w- c:\windows\system32\javaw.exe
2014-05-03 11:46 . 2014-05-03 11:46 190888 ----a-w- c:\windows\system32\java.exe
2014-04-30 18:29 . 2014-04-27 17:21 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-04-27 17:21 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-30 14:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-04-30 14:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 1806848 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 222208 ----a-w- c:\windows\system32\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1347072 ----a-w- c:\windows\system32\urlmon.dll
2014-04-29 13:05 . 2014-04-29 13:05 1392128 ----a-w- c:\windows\system32\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\jsproxy.dll
2014-04-29 13:05 . 2014-04-29 13:05 2147840 ----a-w- c:\windows\system32\iertutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 197120 ----a-w- c:\windows\system32\msrating.dll
2014-04-29 13:05 . 2014-04-29 13:05 17848832 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 13:05 . 2014-04-29 13:05 65024 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 149504 ----a-w- c:\windows\system32\occache.dll
2014-04-29 13:05 . 2014-04-29 13:05 12288 ----a-w- c:\windows\system32\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 114176 ----a-w- c:\windows\system32\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 267776 ----a-w- c:\windows\system32\ieaksie.dll
2014-04-29 13:05 . 2014-04-29 13:05 2334720 ----a-w- c:\windows\system32\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 163840 ----a-w- c:\windows\system32\ieakui.dll
2014-04-29 13:05 . 2014-04-29 13:05 816640 ----a-w- c:\windows\system32\jscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-29 13:05 . 2014-04-29 13:05 49664 ----a-w- c:\windows\system32\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 145920 ----a-w- c:\windows\system32\iepeers.dll
2014-04-29 13:05 . 2014-04-29 13:05 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-29 13:05 . 2014-04-29 13:05 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 248320 ----a-w- c:\windows\system32\ieui.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\ieakeng.dll
2014-04-29 13:05 . 2014-04-29 13:05 111616 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 10926592 ----a-w- c:\windows\system32\ieframe.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\system32\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 448512 ----a-w- c:\windows\system32\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-04-29 13:05 . 2014-04-29 13:05 282112 ----a-w- c:\windows\system32\dxtrans.dll
2014-04-29 13:05 . 2014-04-29 13:05 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 82432 ----a-w- c:\windows\system32\icardie.dll
2014-04-29 13:05 . 2014-04-29 13:05 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2014-04-29 13:05 . 2014-04-29 13:05 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-04-29 13:05 . 2014-04-29 13:05 237056 ----a-w- c:\windows\system32\url.dll
2014-04-29 13:05 . 2014-04-29 13:05 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-29 13:05 . 2014-04-29 13:05 96768 ----a-w- c:\windows\system32\mshtmled.dll
2014-04-29 13:05 . 2014-04-29 13:05 30720 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 249344 ----a-w- c:\windows\system32\webcheck.dll
2014-04-29 13:05 . 2014-04-29 13:05 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 103936 ----a-w- c:\windows\system32\inseng.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 729088 ----a-w- c:\windows\system32\msfeeds.dll
2014-04-29 13:05 . 2014-04-29 13:05 599040 ----a-w- c:\windows\system32\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 165888 ----a-w- c:\windows\system32\iexpress.exe
2014-04-28 19:18 . 2014-04-28 19:18 180 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-04-27 17:14 . 2014-04-27 17:14 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-03-31 16:42 . 2014-04-27 17:20 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 01:51 . 2014-04-29 14:54 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 07:52 . 2014-03-11 07:52 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2014-05-08 2993376]
"icq"="c:\users\Lukáš\AppData\Roaming\ICQM\icq.exe" [2014-04-27 33664344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 jlxnjgsg;jlxnjgsg;c:\windows\system32\drivers\jlxnjgsg.sys;c:\windows\SYSNATIVE\drivers\jlxnjgsg.sys [x]
R1 nqduxgrc;nqduxgrc;c:\windows\system32\drivers\nqduxgrc.sys;c:\windows\SYSNATIVE\drivers\nqduxgrc.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ProtectMonitor;Protect Monitor;c:\program files\PCDApp\StartHelp.exe;c:\program files\PCDApp\StartHelp.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 rtcrfilt64;Realtek Turbo Mode Filter Driver;c:\windows\system32\DRIVERS\rtcrfilt64.sys;c:\windows\SYSNATIVE\DRIVERS\rtcrfilt64.sys [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 58393050
*NewlyCreated* - ASWMBR
*Deregistered* - 58393050
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 08:22 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-19 10:34]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-01 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 10:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-03 16:51:40
ComboFix-quarantined-files.txt 2014-06-03 14:51
ComboFix2.txt 2014-06-02 19:37
ComboFix3.txt 2014-06-02 14:23
.
Před spuštěním: Volných bajtů: 30 458 798 080
Po spuštění: Volných bajtů: 30 300 995 584
.
- - End Of File - - 3D5B97B017EC3659E046AE29BB174283
A36C5E4F47E84449FF07ED3517B43A31

[Orcus]

Ani tak se skript neprovedl. Tak ještě jeden pokus, ale v nouzovém režimu.

[Orcus]

Ani tak se skript neprovedl. Tak ještě jeden pokus, ale v nouzovém režimu.

[lucAss]

Já jsem nepochopil, jestli mám spustit tedy toto
ClearJavaCache::

KillAll::
Collect::
c:\windows\system32\drivers\ehqwce.sys
c:\windows\system32\drivers\jlxnjgsg.sys
c:\windows\system32\drivers\nqduxgrc.sys

File::
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
jlxnjgsg
nqduxgrc
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

nebo jestli po mě chceš to aswmbr.

[Orcus]

Ten combofixovej, tjs. červený text.

[lucAss]

ComboFix 14-05-29.01 - Lukáš 04.06.2014 16:04:55.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3998.2452 [GMT 2:00]
Spuštěný z: c:\users\LukßÜ\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\LukßÜ\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-04 do 2014-06-04 )))))))))))))))))))))))))))))))
.
.
2014-06-04 14:08 . 2014-06-04 14:08 -------- d-----w- c:\users\Luk ç\AppData\Local\temp
2014-06-04 14:08 . 2014-06-04 14:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-01 16:01 . 2014-06-01 16:01 79064 ----a-w- c:\windows\system32\drivers\ehqwce.sys
2014-06-01 15:53 . 2014-06-01 15:53 -------- d-----w- c:\programdata\RogueKiller
2014-06-01 10:39 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-01 10:38 . 2014-06-01 15:36 -------- d-----w- C:\AdwCleaner
2014-05-29 18:49 . 2014-06-04 08:22 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-05-29 15:56 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-29 15:56 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-28 10:44 . 2014-05-28 10:44 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{668F55BC-F470-4415-A349-15EDD9352C4D}\gapaengine.dll
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files\Microsoft Security Client
2014-05-28 10:39 . 2014-06-01 15:44 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\programdata\Malwarebytes
2014-05-28 10:39 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-28 10:39 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-28 10:39 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-28 10:33 . 2014-06-01 16:01 -------- d-----w- c:\programdata\2992199F9A
2014-05-23 04:43 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A37F1802-3B99-4B26-A68A-B9D2B3C10E4E}\mpengine.dll
2014-05-19 17:25 . 2014-05-19 17:25 -------- d-----w- c:\programdata\Samsung
2014-05-19 17:13 . 2014-05-19 17:13 -------- d-----w- c:\users\Lukáš\AppData\Roaming\QuickScan
2014-05-19 17:11 . 2014-05-19 17:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\.android
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\AppData\Local\cache
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Macromedia
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Local\Macromedia
2014-05-19 10:34 . 2014-05-19 10:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 10:34 . 2014-05-19 10:34 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\SysWow64\Macromed
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\system32\Macromed
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mozilla
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Local\Mozilla
2014-05-16 18:41 . 2014-05-16 18:41 -------- d-----w- c:\users\Lukáš\AppData\Roaming\TeamViewer
2014-05-16 18:36 . 2014-05-16 18:36 -------- d-----w- c:\program files (x86)\TeamViewer
2014-05-16 12:59 . 2014-05-16 12:59 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Gyazo
2014-05-16 12:59 . 2014-05-16 14:59 -------- d-----w- c:\program files (x86)\Gyazo
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mediatronic
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\program files (x86)\MediaCoder
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-01 15:40 . 2014-04-27 15:59 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-05-03 11:46 . 2014-05-03 11:46 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-03 11:46 . 2014-05-03 11:47 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-03 11:46 . 2014-05-03 11:46 191400 ----a-w- c:\windows\system32\javaw.exe
2014-05-03 11:46 . 2014-05-03 11:46 190888 ----a-w- c:\windows\system32\java.exe
2014-04-30 18:29 . 2014-04-27 17:21 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-04-27 17:21 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-30 14:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-04-30 14:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 1806848 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 222208 ----a-w- c:\windows\system32\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1347072 ----a-w- c:\windows\system32\urlmon.dll
2014-04-29 13:05 . 2014-04-29 13:05 1392128 ----a-w- c:\windows\system32\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\jsproxy.dll
2014-04-29 13:05 . 2014-04-29 13:05 2147840 ----a-w- c:\windows\system32\iertutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 197120 ----a-w- c:\windows\system32\msrating.dll
2014-04-29 13:05 . 2014-04-29 13:05 17848832 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 13:05 . 2014-04-29 13:05 65024 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 149504 ----a-w- c:\windows\system32\occache.dll
2014-04-29 13:05 . 2014-04-29 13:05 12288 ----a-w- c:\windows\system32\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 114176 ----a-w- c:\windows\system32\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 267776 ----a-w- c:\windows\system32\ieaksie.dll
2014-04-29 13:05 . 2014-04-29 13:05 2334720 ----a-w- c:\windows\system32\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 163840 ----a-w- c:\windows\system32\ieakui.dll
2014-04-29 13:05 . 2014-04-29 13:05 816640 ----a-w- c:\windows\system32\jscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-29 13:05 . 2014-04-29 13:05 49664 ----a-w- c:\windows\system32\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 145920 ----a-w- c:\windows\system32\iepeers.dll
2014-04-29 13:05 . 2014-04-29 13:05 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-29 13:05 . 2014-04-29 13:05 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 248320 ----a-w- c:\windows\system32\ieui.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\ieakeng.dll
2014-04-29 13:05 . 2014-04-29 13:05 111616 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 10926592 ----a-w- c:\windows\system32\ieframe.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\system32\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 448512 ----a-w- c:\windows\system32\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-04-29 13:05 . 2014-04-29 13:05 282112 ----a-w- c:\windows\system32\dxtrans.dll
2014-04-29 13:05 . 2014-04-29 13:05 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 82432 ----a-w- c:\windows\system32\icardie.dll
2014-04-29 13:05 . 2014-04-29 13:05 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2014-04-29 13:05 . 2014-04-29 13:05 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-04-29 13:05 . 2014-04-29 13:05 237056 ----a-w- c:\windows\system32\url.dll
2014-04-29 13:05 . 2014-04-29 13:05 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-29 13:05 . 2014-04-29 13:05 96768 ----a-w- c:\windows\system32\mshtmled.dll
2014-04-29 13:05 . 2014-04-29 13:05 30720 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 249344 ----a-w- c:\windows\system32\webcheck.dll
2014-04-29 13:05 . 2014-04-29 13:05 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 103936 ----a-w- c:\windows\system32\inseng.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 729088 ----a-w- c:\windows\system32\msfeeds.dll
2014-04-29 13:05 . 2014-04-29 13:05 599040 ----a-w- c:\windows\system32\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 165888 ----a-w- c:\windows\system32\iexpress.exe
2014-04-28 19:18 . 2014-04-28 19:18 180 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-04-27 17:14 . 2014-04-27 17:14 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-03-31 16:42 . 2014-04-27 17:20 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 01:51 . 2014-04-29 14:54 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 07:52 . 2014-03-11 07:52 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2014-05-08 2993376]
"icq"="c:\users\Lukáš\AppData\Roaming\ICQM\icq.exe" [2014-04-27 33664344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 jlxnjgsg;jlxnjgsg;c:\windows\system32\drivers\jlxnjgsg.sys;c:\windows\SYSNATIVE\drivers\jlxnjgsg.sys [x]
R1 nqduxgrc;nqduxgrc;c:\windows\system32\drivers\nqduxgrc.sys;c:\windows\SYSNATIVE\drivers\nqduxgrc.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ProtectMonitor;Protect Monitor;c:\program files\PCDApp\StartHelp.exe;c:\program files\PCDApp\StartHelp.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 rtcrfilt64;Realtek Turbo Mode Filter Driver;c:\windows\system32\DRIVERS\rtcrfilt64.sys;c:\windows\SYSNATIVE\DRIVERS\rtcrfilt64.sys [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 58393050
*NewlyCreated* - ASWMBR
*Deregistered* - 58393050
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 08:22 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-19 10:34]
.
2014-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-01 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 10:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-04 16:10:46
ComboFix-quarantined-files.txt 2014-06-04 14:10
ComboFix2.txt 2014-06-03 14:51
ComboFix3.txt 2014-06-02 19:37
ComboFix4.txt 2014-06-02 14:23
.
Před spuštěním: Volných bajtů: 29 627 977 728
Po spuštění: Volných bajtů: 29 560 340 480
.
- - End Of File - - 727110E951F6DBE8B9D4BB886816FB1C
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Spuštěný z: c:\users\LukßÜ\Downloads\ComboFix.exe

přesuň si ComboFix.exe na plochu!!!

Pak zkus znovu ten script v Combofixu , v nouz. režimu.

[lucAss]

Aha, omlouvám se. Ono se mi to stáhlo do stažených souborů a když jsem to dával na plochu, tak to jen vytvořilo zástupce.
Tady to je:
ComboFix 14-05-29.01 - Lukáš 05.06.2014 13:38:21.5.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3998.3024 [GMT 2:00]
Spuštěný z: c:\users\LukßÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LukßÜ\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-05 do 2014-06-05 )))))))))))))))))))))))))))))))
.
.
2014-06-05 11:43 . 2014-06-05 11:43 -------- d-----w- c:\users\Luk ç\AppData\Local\temp
2014-06-05 11:43 . 2014-06-05 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-05 09:03 . 2014-06-05 09:03 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-06-04 12:09 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{84363DF9-8232-4D18-9D1A-D491B658BD55}\mpengine.dll
2014-06-03 13:45 . 2014-04-30 14:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-01 15:53 . 2014-06-01 15:53 -------- d-----w- c:\programdata\RogueKiller
2014-06-01 10:39 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-01 10:38 . 2014-06-01 15:36 -------- d-----w- C:\AdwCleaner
2014-05-29 15:56 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-29 15:56 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-28 10:44 . 2014-05-28 10:44 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{668F55BC-F470-4415-A349-15EDD9352C4D}\gapaengine.dll
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-05-28 10:41 . 2014-05-28 10:41 -------- d-----w- c:\program files\Microsoft Security Client
2014-05-28 10:39 . 2014-06-01 15:44 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-28 10:39 . 2014-05-28 10:39 -------- d-----w- c:\programdata\Malwarebytes
2014-05-28 10:39 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-28 10:39 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-28 10:39 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-28 10:33 . 2014-06-01 16:01 -------- d-----w- c:\programdata\2992199F9A
2014-05-23 04:43 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A37F1802-3B99-4B26-A68A-B9D2B3C10E4E}\mpengine.dll
2014-05-19 17:25 . 2014-05-19 17:25 -------- d-----w- c:\programdata\Samsung
2014-05-19 17:13 . 2014-05-19 17:13 -------- d-----w- c:\users\Lukáš\AppData\Roaming\QuickScan
2014-05-19 17:11 . 2014-05-19 17:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\.android
2014-05-19 17:10 . 2014-05-19 17:10 -------- d-----w- c:\users\Lukáš\AppData\Local\cache
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Macromedia
2014-05-19 10:36 . 2014-05-19 10:36 -------- d-----w- c:\users\Lukáš\AppData\Local\Macromedia
2014-05-19 10:34 . 2014-05-19 10:34 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 10:34 . 2014-05-19 10:34 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\SysWow64\Macromed
2014-05-19 10:34 . 2014-05-19 10:34 -------- d-----w- c:\windows\system32\Macromed
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mozilla
2014-05-19 09:47 . 2014-05-19 09:48 -------- d-----w- c:\users\Lukáš\AppData\Local\Mozilla
2014-05-16 18:41 . 2014-05-16 18:41 -------- d-----w- c:\users\Lukáš\AppData\Roaming\TeamViewer
2014-05-16 18:36 . 2014-05-16 18:36 -------- d-----w- c:\program files (x86)\TeamViewer
2014-05-16 12:59 . 2014-05-16 12:59 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Gyazo
2014-05-16 12:59 . 2014-05-16 14:59 -------- d-----w- c:\program files (x86)\Gyazo
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mediatronic
2014-05-08 12:37 . 2014-05-08 12:37 -------- d-----w- c:\program files (x86)\MediaCoder
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-01 15:40 . 2014-04-27 15:59 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-05-03 11:46 . 2014-05-03 11:46 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-03 11:46 . 2014-05-03 11:47 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-03 11:46 . 2014-05-03 11:46 191400 ----a-w- c:\windows\system32\javaw.exe
2014-05-03 11:46 . 2014-05-03 11:46 190888 ----a-w- c:\windows\system32\java.exe
2014-04-30 18:29 . 2014-04-27 17:21 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-04-27 17:21 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-30 14:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-04-30 14:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 1806848 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 367104 ----a-w- c:\windows\SysWow64\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-29 13:05 . 2014-04-29 13:05 222208 ----a-w- c:\windows\system32\msls31.dll
2014-04-29 13:05 . 2014-04-29 13:05 1347072 ----a-w- c:\windows\system32\urlmon.dll
2014-04-29 13:05 . 2014-04-29 13:05 1392128 ----a-w- c:\windows\system32\wininet.dll
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\jsproxy.dll
2014-04-29 13:05 . 2014-04-29 13:05 2147840 ----a-w- c:\windows\system32\iertutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 197120 ----a-w- c:\windows\system32\msrating.dll
2014-04-29 13:05 . 2014-04-29 13:05 17848832 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 13:05 . 2014-04-29 13:05 65024 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-29 13:05 . 2014-04-29 13:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 13:05 . 2014-04-29 13:05 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2014-04-29 13:05 . 2014-04-29 13:05 149504 ----a-w- c:\windows\system32\occache.dll
2014-04-29 13:05 . 2014-04-29 13:05 12288 ----a-w- c:\windows\system32\mshta.exe
2014-04-29 13:05 . 2014-04-29 13:05 114176 ----a-w- c:\windows\system32\admparse.dll
2014-04-29 13:05 . 2014-04-29 13:05 267776 ----a-w- c:\windows\system32\ieaksie.dll
2014-04-29 13:05 . 2014-04-29 13:05 2334720 ----a-w- c:\windows\system32\jscript9.dll
2014-04-29 13:05 . 2014-04-29 13:05 163840 ----a-w- c:\windows\system32\ieakui.dll
2014-04-29 13:05 . 2014-04-29 13:05 816640 ----a-w- c:\windows\system32\jscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-29 13:05 . 2014-04-29 13:05 49664 ----a-w- c:\windows\system32\imgutil.dll
2014-04-29 13:05 . 2014-04-29 13:05 145920 ----a-w- c:\windows\system32\iepeers.dll
2014-04-29 13:05 . 2014-04-29 13:05 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-29 13:05 . 2014-04-29 13:05 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-29 13:05 . 2014-04-29 13:05 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-29 13:05 . 2014-04-29 13:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-29 13:05 . 2014-04-29 13:05 248320 ----a-w- c:\windows\system32\ieui.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\ieakeng.dll
2014-04-29 13:05 . 2014-04-29 13:05 111616 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-29 13:05 . 2014-04-29 13:05 10926592 ----a-w- c:\windows\system32\ieframe.dll
2014-04-29 13:05 . 2014-04-29 13:05 76800 ----a-w- c:\windows\system32\tdc.ocx
2014-04-29 13:05 . 2014-04-29 13:05 448512 ----a-w- c:\windows\system32\html.iec
2014-04-29 13:05 . 2014-04-29 13:05 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-04-29 13:05 . 2014-04-29 13:05 282112 ----a-w- c:\windows\system32\dxtrans.dll
2014-04-29 13:05 . 2014-04-29 13:05 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-29 13:05 . 2014-04-29 13:05 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2014-04-29 13:05 . 2014-04-29 13:05 85504 ----a-w- c:\windows\system32\iesetup.dll
2014-04-29 13:05 . 2014-04-29 13:05 82432 ----a-w- c:\windows\system32\icardie.dll
2014-04-29 13:05 . 2014-04-29 13:05 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2014-04-29 13:05 . 2014-04-29 13:05 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-04-29 13:05 . 2014-04-29 13:05 237056 ----a-w- c:\windows\system32\url.dll
2014-04-29 13:05 . 2014-04-29 13:05 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-29 13:05 . 2014-04-29 13:05 96768 ----a-w- c:\windows\system32\mshtmled.dll
2014-04-29 13:05 . 2014-04-29 13:05 30720 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-29 13:05 . 2014-04-29 13:05 249344 ----a-w- c:\windows\system32\webcheck.dll
2014-04-29 13:05 . 2014-04-29 13:05 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2014-04-29 13:05 . 2014-04-29 13:05 103936 ----a-w- c:\windows\system32\inseng.dll
2014-04-29 13:05 . 2014-04-29 13:05 160256 ----a-w- c:\windows\system32\wextract.exe
2014-04-29 13:05 . 2014-04-29 13:05 729088 ----a-w- c:\windows\system32\msfeeds.dll
2014-04-29 13:05 . 2014-04-29 13:05 599040 ----a-w- c:\windows\system32\vbscript.dll
2014-04-29 13:05 . 2014-04-29 13:05 165888 ----a-w- c:\windows\system32\iexpress.exe
2014-04-28 19:18 . 2014-04-28 19:18 180 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-04-27 17:14 . 2014-04-27 17:14 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-03-31 16:42 . 2014-04-27 17:20 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 01:51 . 2014-04-29 14:54 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 07:52 . 2014-03-11 07:52 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2014-05-08 2993376]
"icq"="c:\users\Lukáš\AppData\Roaming\ICQM\icq.exe" [2014-04-27 33664344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 jlxnjgsg;jlxnjgsg;c:\windows\system32\drivers\jlxnjgsg.sys;c:\windows\SYSNATIVE\drivers\jlxnjgsg.sys [x]
R1 nqduxgrc;nqduxgrc;c:\windows\system32\drivers\nqduxgrc.sys;c:\windows\SYSNATIVE\drivers\nqduxgrc.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 ProtectMonitor;Protect Monitor;c:\program files\PCDApp\StartHelp.exe;c:\program files\PCDApp\StartHelp.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 rtcrfilt64;Realtek Turbo Mode Filter Driver;c:\windows\system32\DRIVERS\rtcrfilt64.sys;c:\windows\SYSNATIVE\DRIVERS\rtcrfilt64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 08:22 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-19 10:34]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27 15:57]
.
2014-06-04 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 10:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-05 13:45:12
ComboFix-quarantined-files.txt 2014-06-05 11:45
ComboFix2.txt 2014-06-04 14:10
ComboFix3.txt 2014-06-03 14:51
ComboFix4.txt 2014-06-02 19:37
ComboFix5.txt 2014-06-05 11:37
.
Před spuštěním: Volných bajtů: 29 412 716 544
Po spuštění: Volných bajtů: 29 250 023 424
.
- - End Of File - - 7F485ACDEDB8E0B3B768C112EB32AA81
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Nemaže to.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[lucAss]

Už není procesor vytížený na 100%, ale sotva 10%! Díky moc, vážně respekt před Váma.
Tady ještě ty logy:

OTL Extras logfile created on: 6.6.2014 16:07:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukáš\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 52,81% Memory free
7,81 Gb Paging File | 5,91 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,26 Gb Total Space | 29,72 Gb Free Space | 43,54% Space Free | Partition Type: NTFS
Drive D: | 397,40 Gb Total Space | 338,74 Gb Free Space | 85,24% Space Free | Partition Type: NTFS

Computer Name: LUKÁŠ-PC | User Name: Lukáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D557639-1D44-4885-BA8C-97A218DE65AB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{199DFD8D-D7B9-4F56-A66E-49B5329C5415}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{1B739623-D7F5-49DB-A048-78510C53B8E4}" = rport=445 | protocol=6 | dir=out | app=system |
"{1F8C4131-E2F8-4113-B06E-0E053E817F9A}" = lport=139 | protocol=6 | dir=in | app=system |
"{225DB9B7-AFF4-43EA-B530-8E485798FAD0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{33331195-EB44-474D-8A07-EC363E6A9B0C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{351F8B77-A3D9-45F7-9D3B-7786A653E198}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FA55290-C58F-4ADD-9210-598A64FD506C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D87C9AA-064A-425A-9EAF-2F4C291A244C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57FFBE8E-5B11-4339-A8F2-817316153CED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{589F5D52-A538-4999-A357-26393EE2D04A}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5A3CBB64-0198-4ECC-9692-714386C9443F}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{611DEC40-EBBA-47A3-9C9F-B4E714769FB7}" = rport=138 | protocol=17 | dir=out | app=system |
"{7B420A51-93E4-4D61-B4D0-3ED8176FEB53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5657F0-A30A-4A27-ADAB-83FD9D1F7FB2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8CD100D3-BC33-49A9-896D-D0797E77DC5B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{937C9620-2E1D-444C-8642-F79D58A5209E}" = rport=139 | protocol=6 | dir=out | app=system |
"{A465B21A-F320-42A0-94E8-89BD51BA55D8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A75D72EA-ABA0-4C39-B2CC-DCE391723DA4}" = lport=445 | protocol=6 | dir=in | app=system |
"{B2E71F79-6EC2-4A28-B8F4-D34316277593}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C4397D56-8BDC-4E78-8825-C966745233C9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C5D1CE94-471E-485B-8D29-CA832EA3EF6C}" = rport=137 | protocol=17 | dir=out | app=system |
"{CE468E67-4E5B-46A3-981D-8881F67F0E68}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0C5A279-B37B-4111-A9A2-B57EB034BC59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC72EBAF-A176-48EA-BEE8-19979B361014}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4A7DEDA-971B-4FF7-89F6-7CD6D55FB952}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F53B075C-9BB1-40BD-9AB0-21B35D38B623}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045ECFF6-6714-44C1-B21B-C07500D36F0F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{093D94C9-62A9-42B3-A538-3F08AD3F7857}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{0C06C2CD-5CCF-42A2-8703-6A8168458A8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{14401EB1-07CE-4097-8170-CB44E3A6B6CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18A69497-4001-4275-9330-1133F5231E8C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{20CDCEC8-82D0-427E-8023-F1C6EFA120CF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22BFA0F4-EF0A-4298-971B-C0A00F4A3E3E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe |
"{2DD36370-C7C6-46E8-B27D-979B951E87C1}" = protocol=6 | dir=in | app=c:\program files\pcdapp\dgen.exe |
"{30891AD8-C3DA-4F72-ABEA-BD916AA504B5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\afterfall insanity\binaries\win32\insanity-win32-shipping.exe |
"{375EA0CD-52A4-4634-AA78-3C6239FDF7D4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{38019BAA-D524-460D-9816-3A5AEAF9AFD0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{4216E3A1-CFF0-438A-8A2C-E944AA8428BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D64DADD-9891-49D9-B856-361616413FD4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sam and max episode 4\sammax104.exe |
"{539C83BC-75F3-4067-9B05-E20706912A2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54BFBC21-DBA2-40A9-916A-1C3FA64F3C96}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5709B57B-6B1A-4000-BF8C-14F4D004EC59}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\afterfall insanity\binaries\win32\insanity-win32-shipping.exe |
"{5A1AC08A-D90A-47B8-AA39-AD1163F2D4B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A89BDF4-320C-4775-BEAF-FC0ADF4D9FA0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{5D163FA8-C30E-4476-AAE3-2E66552AB1E9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe |
"{757EB035-4701-4B6C-80FC-E0B64C077BA0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7781EA80-8FFD-4499-A37E-D34103147F22}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sam and max episode 4\sammax104.exe |
"{82F51DA4-4EE5-4B94-B0DD-9798B4DD011D}" = protocol=6 | dir=in | app=c:\users\lukáš\appdata\roaming\bittorrent\bittorrent.exe |
"{8417F712-E2F4-43F4-A5C6-66E5176C49FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D82E4A6-1CD5-4684-B830-2C597396F22B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A37CD71F-2D9B-45A9-B196-9D3702F18998}" = protocol=58 | dir=in | app=system |
"{ABDF5151-6326-4DB5-9073-7E6DCFF7F059}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{AEF53C29-9472-4D44-A4F3-77523F541CB7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFEAD207-AE2E-4A34-A5AE-C2CD8A45FE2E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B74F55D8-52CC-4716-B738-AD8C27DE1DDD}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{C11D5667-FD3A-4511-9729-28C6B4778834}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{C2D4D651-74CE-4C6B-8CCA-A45834AAA497}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CB5AF653-B623-4D69-815C-4396C3BF16A2}" = protocol=17 | dir=in | app=c:\program files\pcdapp\dgen.exe |
"{CC128279-7609-4900-AB00-539FB3486CDB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CFCBDEE8-C87F-47DC-839D-E9231AC8C3A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2539AD7-07B0-4EAE-8938-DA5A2F3F6977}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{DDD2C481-699B-4E30-B616-B8D508A224AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E4777C0E-5F56-4B4F-8E66-42FF9EF8D13F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{E976F6C0-1701-4E7E-8DA4-3742F5F58327}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC6105EC-C5D1-4066-BB6D-54E4B252BEB7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F5A7D3F7-ED7D-43CD-9050-EE6794D2EA68}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F5E8A6D3-A100-4A88-AAD0-28BB74916D56}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F98E6972-32AF-4F6F-B935-716C2C0AC871}" = protocol=6 | dir=out | app=system |
"{F9AD070A-E1DA-4416-A077-640D35076C7F}" = protocol=17 | dir=in | app=c:\users\lukáš\appdata\roaming\bittorrent\bittorrent.exe |
"{FCB93DA2-B2A4-4529-8E91-092A47319E63}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"TCP Query User{ABB99028-704B-47AB-AEB0-9D3E865E7426}C:\users\lukáš\appdata\roaming\icqm\icq.exe" = protocol=6 | dir=in | app=c:\users\lukáš\appdata\roaming\icqm\icq.exe |
"UDP Query User{856D395C-D764-4BF6-B4C8-4E4B197FC884}C:\users\lukáš\appdata\roaming\icqm\icq.exe" = protocol=17 | dir=in | app=c:\users\lukáš\appdata\roaming\icqm\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418005FF}" = Java 8 Update 5 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0180050}" = Java SE Development Kit 8 Update 5 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Sublime Text 3_is1" = Sublime Text Build 3059

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.1
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{A5457401-D56A-43F2-9524-78E54A7FC07A}" = SlimDrivers
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"BitTorrent" = BitTorrent
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HeavyLoad_is1" = HeavyLoad V3.2
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"MediaCoder" = MediaCoder 0.8.29.5600
"Steam" = Steam
"Steam App 1840" = Source Filmmaker
"Steam App 224420" = Afterfall InSanity Extended Edition
"Steam App 50130" = Mafia II
"Steam App 63380" = Sniper Elite V2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8230" = Sam & Max 104: Abe Lincoln Must Die!
"TeamViewer 9" = TeamViewer 9
"WinRAR archiver" = WinRAR 5.01 (32-bit)
"winscp3_is1" = WinSCP 5.5.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ICQ" = ICQ 8.2 (verze 6901)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.6.2014 10:03:15 | Computer Name = Lukáš-PC | Source = ESENT | ID = 455
Description = Windows (3976) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000B8.log
došlo k chybě -1811.

Error - 6.6.2014 10:03:15 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 6.6.2014 10:03:16 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 6.6.2014 10:03:16 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 6.6.2014 10:03:16 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 6.6.2014 10:03:16 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 6.6.2014 10:03:18 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 6.6.2014 10:03:18 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 6.6.2014 10:03:18 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 6.6.2014 10:03:18 | Computer Name = Lukáš-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 6.6.2014 10:03:33 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2014 10:03:33 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 6.6.2014 10:03:33 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2014 10:03:33 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 6.6.2014 10:03:34 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2014 10:03:34 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 6.6.2014 10:03:34 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2014 10:03:34 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 6.6.2014 10:03:40 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2014 10:03:40 | Computer Name = Lukáš-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >


OTL logfile created on: 6.6.2014 16:07:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukáš\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,90 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 52,81% Memory free
7,81 Gb Paging File | 5,91 Gb Available in Paging File | 75,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,26 Gb Total Space | 29,72 Gb Free Space | 43,54% Space Free | Partition Type: NTFS
Drive D: | 397,40 Gb Total Space | 338,74 Gb Free Space | 85,24% Space Free | Partition Type: NTFS

Computer Name: LUKÁŠ-PC | User Name: Lukáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lukáš\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - D:\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Users\Lukáš\AppData\Roaming\ICQM\icq.exe (ICQ)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - D:\Steam\video.dll ()
MOD - D:\Steam\bin\chromehtml.dll ()
MOD - D:\Steam\SDL2.dll ()
MOD - D:\Steam\bin\libcef.dll ()
MOD - D:\Steam\libavcodec-55.dll ()
MOD - D:\Steam\libavutil-53.dll ()
MOD - D:\Steam\libavformat-55.dll ()
MOD - D:\Steam\libavresample-1.dll ()
MOD - D:\Steam\libswscale-2.dll ()
MOD - C:\Users\Lukáš\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - D:\Steam\bin\avcodec-53.dll ()
MOD - D:\Steam\bin\avformat-53.dll ()
MOD - D:\Steam\bin\avutil-51.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (rtcrfilt64) -- C:\Windows\SysNative\drivers\rtcrfilt64.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)


[2014.05.19 11:48:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukáš\AppData\Roaming\Mozilla\Extensions
[2014.05.19 11:56:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\df85hwil.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledávánĂ­ Google = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Lounge Companion (Dota 2 & CS:GO) = C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj\3.5.5_0\

O1 HOSTS File: ([2014.06.05 13:43:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [icq] C:\Users\Lukáš\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

[lucAss]

O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{990DD070-4077-4E9A-A737-B8636CA4A798}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.06.06 16:05:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lukáš\Desktop\OTL.exe
[2014.06.06 15:50:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.06.06 15:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.06.06 10:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014.06.06 10:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014.06.05 15:27:08 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Local\CrashDumps
[2014.06.05 13:45:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.06.05 13:45:14 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.06.02 16:10:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.06.02 16:10:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.06.01 17:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014.06.01 12:39:56 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014.06.01 12:38:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.29 17:56:56 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.05.29 17:56:56 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.05.28 12:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014.05.28 12:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014.05.28 12:39:39 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.28 12:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.05.28 12:39:27 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.28 12:39:27 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.05.28 12:39:27 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.05.28 12:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.05.28 12:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.05.28 12:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\2992199F9A
[2014.05.19 19:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2014.05.19 19:13:09 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\QuickScan
[2014.05.19 19:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014.05.19 19:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014.05.19 19:10:47 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\.android
[2014.05.19 19:10:46 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Local\cache
[2014.05.19 12:36:54 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\Macromedia
[2014.05.19 12:36:54 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Local\Macromedia
[2014.05.19 12:34:49 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.19 12:34:49 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.19 12:34:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014.05.19 12:34:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.05.19 11:47:53 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\Mozilla
[2014.05.19 11:47:53 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Local\Mozilla
[2014.05.19 11:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.05.16 20:41:42 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\TeamViewer
[2014.05.16 20:36:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014.05.16 14:59:52 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\Gyazo
[2014.05.16 14:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
[2014.05.16 14:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gyazo
[2014.05.08 14:37:55 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
[2014.05.08 14:37:53 | 000,000,000 | ---D | C] -- C:\Users\Lukáš\AppData\Roaming\Mediatronic
[2014.05.08 14:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaCoder
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.06.06 16:10:44 | 000,000,550 | ---- | M] () -- C:\Users\Lukáš\Desktop\Fraps.lnk
[2014.06.06 16:10:31 | 000,000,666 | ---- | M] () -- C:\Users\Lukáš\Desktop\SA-MP.lnk
[2014.06.06 16:09:41 | 000,000,199 | ---- | M] () -- C:\Users\Lukáš\Desktop\Left 4 Dead 2.url
[2014.06.06 16:09:31 | 000,000,199 | ---- | M] () -- C:\Users\Lukáš\Desktop\Counter-Strike Source.url
[2014.06.06 16:09:28 | 000,000,198 | ---- | M] () -- C:\Users\Lukáš\Desktop\Counter-Strike.url
[2014.06.06 16:09:26 | 000,000,202 | ---- | M] () -- C:\Users\Lukáš\Desktop\Tank Operations European Campaign.url
[2014.06.06 16:09:23 | 000,000,201 | ---- | M] () -- C:\Users\Lukáš\Desktop\Sniper Elite V2.url
[2014.06.06 16:09:21 | 000,000,200 | ---- | M] () -- C:\Users\Lukáš\Desktop\Sam & Max 104 Abe Lincoln Must Die!.url
[2014.06.06 16:09:18 | 000,000,201 | ---- | M] () -- C:\Users\Lukáš\Desktop\Mafia II.url
[2014.06.06 16:09:15 | 000,000,202 | ---- | M] () -- C:\Users\Lukáš\Desktop\Afterfall InSanity Extended Edition.url
[2014.06.06 16:09:11 | 000,000,199 | ---- | M] () -- C:\Users\Lukáš\Desktop\Counter-Strike Global Offensive.url
[2014.06.06 16:07:22 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.06 16:07:22 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.06 16:05:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukáš\Desktop\OTL.exe
[2014.06.06 16:03:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.06 16:02:47 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2014.06.06 16:02:30 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2014.06.06 16:02:29 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.06.06 16:02:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.06 16:01:54 | 3144,433,664 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.06 15:50:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.06.06 15:48:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.06.05 15:39:53 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.05 15:39:53 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.06.05 15:39:53 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.05 15:39:53 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.06.05 15:39:53 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.05 13:43:34 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.06.04 21:09:53 | 000,000,600 | ---- | M] () -- C:\Users\Lukáš\AppData\Roaming\winscp.rnd
[2014.06.04 19:26:44 | 000,000,549 | ---- | M] () -- C:\Users\Lukáš\Desktop\BackSVK.sav
[2014.06.02 21:41:56 | 000,000,512 | ---- | M] () -- C:\Users\Lukáš\Desktop\MBR.dat
[2014.06.01 17:44:22 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.06.01 16:30:04 | 000,000,600 | ---- | M] () -- C:\Users\Lukáš\AppData\Local\PUTTY.RND
[2014.06.01 11:51:47 | 000,128,967 | ---- | M] () -- C:\Users\Lukáš\Desktop\IMG_01062014_115147.png
[2014.06.01 10:59:58 | 000,370,872 | ---- | M] () -- C:\Users\Lukáš\Desktop\IMG_01062014_105953.png
[2014.06.01 10:55:03 | 000,274,425 | ---- | M] () -- C:\Users\Lukáš\Desktop\IMG_01062014_105501.png
[2014.05.30 13:20:26 | 000,865,517 | ---- | M] () -- C:\Users\Lukáš\Desktop\IMG_30052014_132009.png
[2014.05.30 12:59:06 | 000,320,941 | ---- | M] () -- C:\Users\Lukáš\Desktop\IMG_30052014_125902.png
[2014.05.30 12:56:20 | 000,356,104 | ---- | M] () -- C:\Users\Lukáš\Desktop\Screen Shot 05-30-14 at 12.56 PM.PNG
[2014.05.30 12:09:54 | 000,528,958 | ---- | M] () -- C:\Users\Lukáš\Desktop\hodiny654123.png
[2014.05.30 12:07:34 | 000,532,797 | ---- | M] () -- C:\Users\Lukáš\Desktop\sa-mp-087.png
[2014.05.28 12:42:03 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014.05.28 12:39:31 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.27 20:42:36 | 000,000,008 | ---- | M] () -- C:\Users\Lukáš\Desktop\Wlk je buzerant.reg
[2014.05.26 19:30:03 | 000,000,538 | ---- | M] () -- C:\Users\Lukáš\Desktop\_[M]omo_[S]am_.sav
[2014.05.25 17:01:43 | 000,000,823 | ---- | M] () -- C:\Users\Lukáš\Desktop\Omsi – zástupce.lnk
[2014.05.21 11:17:01 | 000,278,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.05.19 19:24:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.05.19 12:34:49 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.19 12:34:49 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.12 20:53:54 | 000,264,534 | ---- | M] () -- C:\Users\Lukáš\Documents\goo.xps
[2014.05.12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.05.12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.05.09 18:00:20 | 000,007,624 | ---- | M] () -- C:\Users\Lukáš\AppData\Local\Resmon.ResmonCfg
[2014.05.08 16:41:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.06.06 16:09:41 | 000,000,199 | ---- | C] () -- C:\Users\Lukáš\Desktop\Left 4 Dead 2.url
[2014.06.06 16:09:31 | 000,000,199 | ---- | C] () -- C:\Users\Lukáš\Desktop\Counter-Strike Source.url
[2014.06.06 16:09:28 | 000,000,198 | ---- | C] () -- C:\Users\Lukáš\Desktop\Counter-Strike.url
[2014.06.06 16:09:26 | 000,000,202 | ---- | C] () -- C:\Users\Lukáš\Desktop\Tank Operations European Campaign.url
[2014.06.06 16:09:23 | 000,000,201 | ---- | C] () -- C:\Users\Lukáš\Desktop\Sniper Elite V2.url
[2014.06.06 16:09:21 | 000,000,200 | ---- | C] () -- C:\Users\Lukáš\Desktop\Sam & Max 104 Abe Lincoln Must Die!.url
[2014.06.06 16:09:18 | 000,000,201 | ---- | C] () -- C:\Users\Lukáš\Desktop\Mafia II.url
[2014.06.06 16:09:15 | 000,000,202 | ---- | C] () -- C:\Users\Lukáš\Desktop\Afterfall InSanity Extended Edition.url
[2014.06.06 16:09:11 | 000,000,199 | ---- | C] () -- C:\Users\Lukáš\Desktop\Counter-Strike Global Offensive.url
[2014.06.06 15:50:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.06.04 19:26:44 | 000,000,549 | ---- | C] () -- C:\Users\Lukáš\Desktop\BackSVK.sav
[2014.06.02 21:41:56 | 000,000,512 | ---- | C] () -- C:\Users\Lukáš\Desktop\MBR.dat
[2014.06.01 11:51:46 | 000,128,967 | ---- | C] () -- C:\Users\Lukáš\Desktop\IMG_01062014_115147.png
[2014.06.01 10:59:57 | 000,370,872 | ---- | C] () -- C:\Users\Lukáš\Desktop\IMG_01062014_105953.png
[2014.06.01 10:55:01 | 000,274,425 | ---- | C] () -- C:\Users\Lukáš\Desktop\IMG_01062014_105501.png
[2014.05.30 13:22:24 | 000,000,600 | ---- | C] () -- C:\Users\Lukáš\AppData\Local\PUTTY.RND
[2014.05.30 13:20:24 | 000,865,517 | ---- | C] () -- C:\Users\Lukáš\Desktop\IMG_30052014_132009.png
[2014.05.30 12:59:04 | 000,320,941 | ---- | C] () -- C:\Users\Lukáš\Desktop\IMG_30052014_125902.png
[2014.05.30 12:56:09 | 000,356,104 | ---- | C] () -- C:\Users\Lukáš\Desktop\Screen Shot 05-30-14 at 12.56 PM.PNG
[2014.05.30 12:04:54 | 000,528,958 | ---- | C] () -- C:\Users\Lukáš\Desktop\hodiny654123.png
[2014.05.30 12:04:49 | 000,532,797 | ---- | C] () -- C:\Users\Lukáš\Desktop\sa-mp-087.png
[2014.05.28 12:42:03 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014.05.28 12:41:20 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014.05.28 12:39:31 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.27 20:42:36 | 000,000,008 | ---- | C] () -- C:\Users\Lukáš\Desktop\Wlk je buzerant.reg
[2014.05.26 19:30:03 | 000,000,538 | ---- | C] () -- C:\Users\Lukáš\Desktop\_[M]omo_[S]am_.sav
[2014.05.25 17:01:32 | 000,000,823 | ---- | C] () -- C:\Users\Lukáš\Desktop\Omsi – zástupce.lnk
[2014.05.25 14:22:28 | 000,839,824 | ---- | C] () -- C:\Users\Lukáš\Desktop\manual_cz README.pdf
[2014.05.19 19:24:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.05.19 12:34:50 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.16 20:36:42 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014.05.12 20:53:52 | 000,264,534 | ---- | C] () -- C:\Users\Lukáš\Documents\goo.xps
[2014.05.09 18:00:20 | 000,007,624 | ---- | C] () -- C:\Users\Lukáš\AppData\Local\Resmon.ResmonCfg
[2014.05.08 16:41:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.05.03 14:38:28 | 000,000,469 | ---- | C] () -- C:\Users\Lukáš\newhtml.html
[2014.04.27 20:05:07 | 000,027,015 | ---- | C] () -- C:\Users\Lukáš\AppData\Roaming\phpdesigner.xml
[2014.04.27 19:06:51 | 001,555,048 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.04.27 18:25:02 | 000,068,608 | ---- | C] () -- C:\Windows\SysWow64\igfxexps32.dll
[2014.04.27 18:24:59 | 000,344,480 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014.04.27 18:24:58 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014.04.27 18:24:58 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014.04.27 17:52:56 | 000,000,600 | ---- | C] () -- C:\Users\Lukáš\AppData\Roaming\winscp.rnd
[2013.08.27 14:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.06.06 15:53:58 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\BitTorrent
[2014.05.16 14:59:52 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\Gyazo
[2014.04.27 20:03:18 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\ICQ-Profile
[2014.04.27 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\ICQM
[2014.04.28 21:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\JAM Software
[2014.05.04 14:06:57 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\Mael
[2014.05.08 14:37:53 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\Mediatronic
[2014.05.03 15:14:14 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\NetBeans
[2014.05.04 13:38:04 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\Notepad++
[2014.04.27 20:05:06 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\phpDesigner
[2014.05.19 19:13:09 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\QuickScan
[2014.05.04 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\Sublime Text 3
[2014.05.16 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Lukáš\AppData\Roaming\TeamViewer

========== Purity Check ==========



< End of report >