Svchost.exe

MiranDAA
Exemplary visitor
Posts: 117
Registered: 03 Aug 2014 16:34

Svchost.exe

#1 Post by MiranDAA »

Hi, for I don't know how long, about two months, the well-known svchost.exe problem has been bothering me...

two months because I only noticed it recently.

I searched the web for how to get rid of this problem, but I did not find any effective solution that would help me, either here or elsewhere.
Could someone please help me (I'll post a log once you tell me from which program :D )
---------------------------------
Feel free to address me informally :-)

Cleaner: http://www.slunecnice.cz/sw/ccleaner/stahnout/ - Ccleaner Free
Antivirus: http://www.slunecnice.cz/sw/avast-free- ... /stahnout/ - Avast! Free
Logs: http://images.malwareremoval.com/random/RSIT.exe - RSIT
Web browser: https://www.google.com/chrome/browser/#eula - Google Chrome (or Maxthon)

My setup:
Laptop: Lenovo G560, Purchased: December 2010, CPU: Intel i3, 2 cores, 4 threads, clock 2.4 GHz, RAM: 4GB, HDD: 500GB, Windows: Windows 7 Home Premium,
Graphics: NVIDIA GeForce 310M 512MB

---------------------------------

Rudy
Site Admin
Posts: 119545
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#2 Post by Rudy »

Hello!
Let's try this procedure: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

MiranDAA
Exemplary visitor
Posts: 117
Registered: 03 Aug 2014 16:34

Re: Svchost.exe

#3 Post by MiranDAA »

Okay, everything done according to the procedure...
I'm posting the log from FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by PC (administrator) on MATEJPC on 03-08-2014 19:06:42
Running from C:\Users\PC\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicyUsers\S-1-5-21-341577661-741223618-1790885257-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {8EA3A062-53D5-4390-B932-7A4556CE439F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {8EA3A062-53D5-4390-B932-7A4556CE439F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.1.0\\npsitesafety.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp
CHR StartupUrls: "https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={4E ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-22]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-22]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-22]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-22]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-29]
CHR Extension: (Thassos island - Pefkari - Greece.) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg [2014-07-23]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR Extension: (My Chrome Theme) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-07-23]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 vToolbarUpdater3.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [1814040 2014-08-02] (AVG Secure Search)
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S4 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S4 MBAMService; "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-08-02] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-18] (Disc Soft Ltd)
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [772864 2013-07-11] (Line 6)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-23] (Duplex Secure Ltd.)
R4 AVGIDSHA; system32\DRIVERS\avgidsha.sys [X]
R4 Avgrkx64; system32\DRIVERS\avgrkx64.sys [X]
R4 Avgtdia; system32\DRIVERS\avgtdia.sys [X]
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 19:06 - 2014-08-03 19:07 - 00012041 _____ () C:\Users\PC\Desktop\FRST.txt
2014-08-03 19:06 - 2014-08-03 19:06 - 00000000 ____D () C:\FRST
2014-08-03 19:03 - 2014-08-03 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2014-08-03 19:02 - 2014-08-03 19:02 - 02094080 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-08-03 17:47 - 2014-08-03 17:47 - 00000000 ____D () C:\Users\PC\Music\Documents\Blbosti
2014-08-03 17:46 - 2014-08-03 17:46 - 00003082 _____ () C:\Windows\System32\Tasks\{08CB14AB-B72E-4322-9061-8FB44C3F3652}
2014-08-02 18:37 - 2014-08-03 17:19 - 00006258 _____ () C:\Windows\PFRO.log
2014-08-02 18:37 - 2014-08-03 17:19 - 00000392 _____ () C:\Windows\setupact.log
2014-08-02 18:37 - 2014-08-02 18:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-02 18:36 - 2014-08-02 18:36 - 00000000 ____H () C:\asc_rdflag
2014-08-02 18:04 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\PC\Downloads\procexp.exe
2014-08-02 18:04 - 2012-10-15 13:23 - 00072154 _____ () C:\Users\PC\Downloads\procexp.chm
2014-08-02 18:04 - 2006-07-28 08:32 - 00007005 _____ () C:\Users\PC\Desktop\Eula.txt
2014-08-02 17:24 - 2014-08-02 17:25 - 00000000 ____D () C:\Users\PC\AppData\Local\AVG Web TuneUp
2014-08-02 17:23 - 2014-08-03 17:42 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-02 17:23 - 2014-08-02 17:23 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-02 17:23 - 2014-08-02 17:23 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-02 17:08 - 2014-08-02 17:08 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-08-02 13:44 - 2014-08-02 13:44 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-08-02 13:06 - 2014-08-02 13:06 - 00000000 ____D () C:\Users\PC\Music\Documents\My Games
2014-08-02 13:05 - 2014-08-02 13:05 - 00003028 _____ () C:\Windows\System32\Tasks\{D03235B8-FAB2-419C-9AEE-E5F6ECEA4115}
2014-08-02 12:58 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 12:58 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 12:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 12:58 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 12:58 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 12:58 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 12:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 12:58 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 12:58 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 12:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 12:58 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 12:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 12:58 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 12:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 19:34 - 2014-08-02 18:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 19:33 - 2014-08-01 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 19:33 - 2014-08-01 19:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 19:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 19:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 19:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 16:51 - 2014-08-01 16:51 - 00003254 _____ () C:\Windows\System32\Tasks\{A1647981-14A3-49A0-A8A7-6F0F9D4B15DE}
2014-08-01 16:39 - 2014-08-01 16:39 - 00003258 _____ () C:\Windows\System32\Tasks\{21FA602F-96C1-4752-9A60-C5ADB2FBF99C}
2014-07-31 10:43 - 2014-07-31 10:43 - 00002998 _____ () C:\Windows\System32\Tasks\{A91B8260-C1D8-441D-BD68-70E950A510D0}
2014-07-31 10:43 - 2014-07-31 10:43 - 00002998 _____ () C:\Windows\System32\Tasks\{4B6727E1-0E06-4036-8ADF-AC396861F7FF}
2014-07-31 10:40 - 2014-07-31 10:40 - 00002966 _____ () C:\Windows\System32\Tasks\{D0F9E4A6-7BE3-4D1C-B08D-B1B13CDC9290}
2014-07-31 10:40 - 2014-07-31 10:40 - 00002966 _____ () C:\Windows\System32\Tasks\{0BCAC6D1-2C06-48E2-8D32-ADE9604C4990}
2014-07-31 10:39 - 2014-07-31 10:39 - 00002966 _____ () C:\Windows\System32\Tasks\{E8658480-B8C5-4C6D-9FE3-A3489C14EA46}
2014-07-31 10:25 - 2014-07-31 10:25 - 00000000 ____D () C:\Users\PC\Music\Documents\FIFA 11
2014-07-31 10:21 - 2014-08-03 18:41 - 00299083 _____ () C:\Windows\WindowsUpdate.log
2014-07-30 22:16 - 2014-07-30 22:18 - 00000632 _____ () C:\Windows\system32\avgrep.txt
2014-07-29 21:15 - 2014-07-29 21:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\iSafe
2014-07-29 16:47 - 2014-07-29 16:47 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-07-28 19:17 - 2014-07-28 19:17 - 00000000 ____D () C:\Users\PC\Music\Documents\j_data
2014-07-24 15:09 - 2014-07-29 17:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Audacity
2014-07-24 15:09 - 2014-07-29 17:17 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-24 12:00 - 2014-07-24 12:00 - 00114696 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 18:10 - 2014-07-23 18:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AVG2014
2014-07-23 18:09 - 2014-08-03 17:44 - 00000000 ___HD () C:\$AVG
2014-07-23 18:09 - 2014-08-03 17:44 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-23 18:09 - 2014-07-23 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-23 18:06 - 2014-08-03 17:44 - 00000000 ____D () C:\Users\PC\AppData\Local\Avg2014
2014-07-22 21:42 - 2014-07-22 21:42 - 00715038 _____ () C:\Windows\unins000.exe
2014-07-22 21:42 - 2014-07-22 21:42 - 00001938 _____ () C:\Windows\unins000.dat
2014-07-22 21:42 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-07-22 20:29 - 2014-08-03 18:34 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 20:29 - 2014-08-03 17:28 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 20:29 - 2014-07-22 20:29 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-22 20:29 - 2014-07-22 20:29 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-22 20:29 - 2014-07-22 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-22 20:15 - 2014-07-22 20:19 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple Computer
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\ProgramData\Apple
2014-07-22 18:53 - 2014-07-22 18:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-22 18:52 - 2014-07-22 18:52 - 00000000 ____D () C:\Program Files\Java
2014-07-22 16:50 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-22 16:50 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-21 09:55 - 2014-08-03 17:58 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2014-07-14 16:06 - 2014-07-14 16:06 - 00434864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 15:18 - 2014-08-03 17:45 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-14 11:02 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-14 09:41 - 2014-07-14 09:41 - 00000557 _____ () C:\Windows\Tasks\RegCure Pro_sch_3EC5BF0F-0B2A-11E4-A55A-8AFB2337FAED.job
2014-07-14 09:41 - 2014-07-14 09:41 - 00000436 _____ () C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-13 19:22 - 2014-07-13 19:22 - 00000000 ____D () C:\Windows\system32\log
2014-07-13 19:22 - 2014-06-27 11:54 - 00044544 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-13 16:57 - 2014-07-13 16:57 - 00000000 _____ () C:\autoexec.bat
2014-07-13 16:56 - 2014-07-13 16:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-13 16:55 - 2014-07-13 18:40 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2014-07-12 08:22 - 2014-08-03 17:45 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB2717C2-5405-41F5-B97C-0B6E9AACC562}
2014-07-12 06:51 - 2014-07-29 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2014-07-12 06:51 - 2014-07-29 17:18 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-07-10 06:16 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 06:16 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 07:16 - 2014-07-09 07:16 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 07:16 - 2014-07-09 07:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 07:16 - 2014-07-09 07:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 07:15 - 2014-07-09 07:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 07:15 - 2014-07-09 07:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 07:15 - 2014-07-09 07:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 07:15 - 2014-07-09 07:15 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 07:14 - 2014-07-09 07:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 07:13 - 2014-07-09 07:13 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 07:13 - 2014-07-09 07:13 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 07:13 - 2014-07-09 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 07:11 - 2014-07-09 07:11 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 07:11 - 2014-07-09 07:11 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-06 07:59 - 2014-07-16 15:29 - 576734448 __RHC () C:\RAMDisk.img
2014-07-06 07:59 - 2014-07-16 14:15 - 576734448 __RHC () C:\RAMDisk.img.bak
2014-07-05 16:33 - 2014-07-22 22:08 - 00000000 ____D () C:\Program Files (x86)\RAMDisk
2014-07-05 16:33 - 2014-07-05 20:10 - 00000000 ____D () C:\Users\PC\AppData\Local\Dataram_Corporation

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 19:07 - 2014-08-03 19:06 - 00012041 _____ () C:\Users\PC\Desktop\FRST.txt
2014-08-03 19:06 - 2014-08-03 19:06 - 00000000 ____D () C:\FRST
2014-08-03 19:03 - 2014-08-03 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2014-08-03 19:02 - 2014-08-03 19:02 - 02094080 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-08-03 18:41 - 2014-07-31 10:21 - 00299083 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 18:34 - 2014-07-22 20:29 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 18:13 - 2014-04-05 10:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-03 17:58 - 2014-07-21 09:55 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2014-08-03 17:57 - 2014-04-25 13:16 - 00007626 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2014-08-03 17:47 - 2014-08-03 17:47 - 00000000 ____D () C:\Users\PC\Music\Documents\Blbosti
2014-08-03 17:46 - 2014-08-03 17:46 - 00003082 _____ () C:\Windows\System32\Tasks\{08CB14AB-B72E-4322-9061-8FB44C3F3652}
2014-08-03 17:45 - 2014-07-14 15:18 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-08-03 17:45 - 2014-07-12 08:22 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB2717C2-5405-41F5-B97C-0B6E9AACC562}
2014-08-03 17:44 - 2014-07-23 18:09 - 00000000 ___HD () C:\$AVG
2014-08-03 17:44 - 2014-07-23 18:09 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-03 17:44 - 2014-07-23 18:06 - 00000000 ____D () C:\Users\PC\AppData\Local\Avg2014
2014-08-03 17:44 - 2014-02-13 16:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-03 17:42 - 2014-08-02 17:23 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-03 17:28 - 2014-07-22 20:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-03 17:26 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-03 17:26 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-03 17:19 - 2014-08-02 18:37 - 00006258 _____ () C:\Windows\PFRO.log
2014-08-03 17:19 - 2014-08-02 18:37 - 00000392 _____ () C:\Windows\setupact.log
2014-08-03 17:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-03 11:36 - 2014-02-20 20:22 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-08-03 10:59 - 2014-02-23 11:29 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Media Player Classic
2014-08-03 10:58 - 2014-03-03 17:07 - 00000000 ____D () C:\Dxtory
2014-08-02 19:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-02 18:39 - 2014-08-01 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-02 18:37 - 2014-08-02 18:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-02 18:36 - 2014-08-02 18:36 - 00000000 ____H () C:\asc_rdflag
2014-08-02 18:36 - 2014-02-13 18:40 - 69648384 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-08-02 18:36 - 2014-02-13 18:40 - 00278528 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-08-02 18:36 - 2014-02-13 18:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-08-02 18:36 - 2014-02-13 18:40 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-08-02 18:36 - 2014-02-11 11:07 - 00000000 ____D () C:\Users\PC
2014-08-02 17:40 - 2014-04-13 18:25 - 00000000 ___RD () C:\Users\PC\Hry
2014-08-02 17:39 - 2010-11-21 11:27 - 00668406 _____ () C:\Windows\system32\perfh005.dat
2014-08-02 17:39 - 2010-11-21 11:27 - 00141034 _____ () C:\Windows\system32\perfc005.dat
2014-08-02 17:39 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-02 17:25 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\PC\AppData\Local\AVG Web TuneUp
2014-08-02 17:23 - 2014-08-02 17:23 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-02 17:23 - 2014-08-02 17:23 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-02 17:23 - 2014-02-13 16:10 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-02 17:08 - 2014-08-02 17:08 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-08-02 13:44 - 2014-08-02 13:44 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-08-02 13:41 - 2014-02-23 16:29 - 00000000 ____D () C:\Users\PC\Music\Documents\StudioDeltaLP
2014-08-02 13:37 - 2014-02-11 20:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-02 13:37 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-02 13:06 - 2014-08-02 13:06 - 00000000 ____D () C:\Users\PC\Music\Documents\My Games
2014-08-02 13:05 - 2014-08-02 13:05 - 00003028 _____ () C:\Windows\System32\Tasks\{D03235B8-FAB2-419C-9AEE-E5F6ECEA4115}
2014-08-02 13:05 - 2014-03-01 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-08-02 13:01 - 2014-03-01 11:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-08-02 12:56 - 2014-02-23 00:23 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-08-01 19:33 - 2014-08-01 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-01 19:33 - 2014-08-01 19:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 19:09 - 2014-02-11 21:42 - 00000000 ____D () C:\Users\Šimon
2014-08-01 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-01 16:51 - 2014-08-01 16:51 - 00003254 _____ () C:\Windows\System32\Tasks\{A1647981-14A3-49A0-A8A7-6F0F9D4B15DE}
2014-08-01 16:39 - 2014-08-01 16:39 - 00003258 _____ () C:\Windows\System32\Tasks\{21FA602F-96C1-4752-9A60-C5ADB2FBF99C}
2014-07-31 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-31 10:43 - 2014-07-31 10:43 - 00002998 _____ () C:\Windows\System32\Tasks\{A91B8260-C1D8-441D-BD68-70E950A510D0}
2014-07-31 10:43 - 2014-07-31 10:43 - 00002998 _____ () C:\Windows\System32\Tasks\{4B6727E1-0E06-4036-8ADF-AC396861F7FF}
2014-07-31 10:40 - 2014-07-31 10:40 - 00002966 _____ () C:\Windows\System32\Tasks\{D0F9E4A6-7BE3-4D1C-B08D-B1B13CDC9290}
2014-07-31 10:40 - 2014-07-31 10:40 - 00002966 _____ () C:\Windows\System32\Tasks\{0BCAC6D1-2C06-48E2-8D32-ADE9604C4990}
2014-07-31 10:39 - 2014-07-31 10:39 - 00002966 _____ () C:\Windows\System32\Tasks\{E8658480-B8C5-4C6D-9FE3-A3489C14EA46}
2014-07-31 10:25 - 2014-07-31 10:25 - 00000000 ____D () C:\Users\PC\Music\Documents\FIFA 11
2014-07-30 22:32 - 2014-02-20 20:35 - 00000000 ____D () C:\Users\PC\Music\Documents\Bandicam
2014-07-30 22:18 - 2014-07-30 22:16 - 00000632 _____ () C:\Windows\system32\avgrep.txt
2014-07-29 21:37 - 2014-07-12 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2014-07-29 21:37 - 2014-06-27 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-29 21:37 - 2014-06-20 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-29 21:15 - 2014-07-29 21:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\iSafe
2014-07-29 21:11 - 2014-02-11 20:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-29 18:03 - 2014-02-23 13:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-29 18:03 - 2014-02-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-29 17:30 - 2014-02-23 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-29 17:23 - 2014-02-23 11:33 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Winamp
2014-07-29 17:18 - 2014-07-12 06:51 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-07-29 17:18 - 2014-03-09 20:36 - 00000000 ____D () C:\Users\PC\AppData\Local\Unity
2014-07-29 17:18 - 2014-02-28 18:18 - 00000000 ____D () C:\ProgramData\Line 6
2014-07-29 17:18 - 2014-02-20 20:35 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BANDISOFT
2014-07-29 17:18 - 2014-02-13 16:24 - 00000000 ____D () C:\Users\PC\AppData\Roaming\IObit
2014-07-29 17:18 - 2014-02-13 16:24 - 00000000 ____D () C:\ProgramData\IObit
2014-07-29 17:18 - 2014-02-11 20:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\IME
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\IME
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-29 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-07-29 17:17 - 2014-07-24 15:09 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Audacity
2014-07-29 17:17 - 2014-07-24 15:09 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-29 17:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
2014-07-29 17:08 - 2014-02-23 12:24 - 00000000 __RHD () C:\MSOCache
2014-07-29 16:47 - 2014-07-29 16:47 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-07-29 15:53 - 2014-02-13 20:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-28 19:17 - 2014-07-28 19:17 - 00000000 ____D () C:\Users\PC\Music\Documents\j_data
2014-07-24 12:00 - 2014-07-24 12:00 - 00114696 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 18:10 - 2014-07-23 18:10 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AVG2014
2014-07-23 18:09 - 2014-07-23 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-22 22:08 - 2014-07-05 16:33 - 00000000 ____D () C:\Program Files (x86)\RAMDisk
2014-07-22 21:42 - 2014-07-22 21:42 - 00715038 _____ () C:\Windows\unins000.exe
2014-07-22 21:42 - 2014-07-22 21:42 - 00001938 _____ () C:\Windows\unins000.dat
2014-07-22 20:29 - 2014-07-22 20:29 - 00003940 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-22 20:29 - 2014-07-22 20:29 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-22 20:29 - 2014-07-22 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-22 20:29 - 2014-02-13 15:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-22 20:29 - 2014-02-13 15:39 - 00000000 ____D () C:\Users\PC\AppData\Local\Deployment
2014-07-22 20:19 - 2014-07-22 20:15 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple Computer
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\Users\PC\AppData\Local\Apple
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-22 20:14 - 2014-07-22 20:14 - 00000000 ____D () C:\ProgramData\Apple
2014-07-22 18:52 - 2014-07-22 18:53 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-22 18:52 - 2014-07-22 18:52 - 00000000 ____D () C:\Program Files\Java
2014-07-17 10:21 - 2014-04-21 11:13 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-07-16 20:42 - 2014-02-23 12:06 - 00000000 ___RD () C:\Users\PC\Aplikace
2014-07-16 15:29 - 2014-07-06 07:59 - 576734448 __RHC () C:\RAMDisk.img
2014-07-16 14:15 - 2014-07-06 07:59 - 576734448 __RHC () C:\RAMDisk.img.bak
2014-07-16 12:20 - 2014-02-10 19:39 - 00000000 ____D () C:\Záloha
2014-07-14 21:26 - 2014-02-11 19:15 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-14 16:06 - 2014-07-14 16:06 - 00434864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 15:30 - 2014-06-11 15:49 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-14 15:20 - 2014-02-13 16:25 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-14 14:10 - 2014-06-28 21:14 - 00000000 ____D () C:\Users\PC\KRÉTA
2014-07-14 10:23 - 2014-06-06 17:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-14 10:23 - 2014-05-18 14:21 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2014-07-14 10:23 - 2014-03-08 19:01 - 00000000 ____D () C:\Program Files (x86)\VIETCONG
2014-07-14 10:23 - 2014-02-23 11:28 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-07-14 10:23 - 2014-02-11 19:12 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-14 09:41 - 2014-07-14 09:41 - 00000557 _____ () C:\Windows\Tasks\RegCure Pro_sch_3EC5BF0F-0B2A-11E4-A55A-8AFB2337FAED.job
2014-07-14 09:41 - 2014-07-14 09:41 - 00000436 _____ () C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-07-13 19:38 - 2014-06-11 20:10 - 00000000 ____D () C:\Users\PC\AppData\Local\Razer
2014-07-13 19:38 - 2014-06-11 20:09 - 00000000 ____D () C:\ProgramData\Razer
2014-07-13 19:38 - 2014-06-11 20:09 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-07-13 19:22 - 2014-07-13 19:22 - 00000000 ____D () C:\Windows\system32\log
2014-07-13 19:03 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-07-13 18:47 - 2014-05-16 18:17 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-07-13 18:40 - 2014-07-13 16:55 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-07-13 16:57 - 2014-07-13 16:57 - 00000000 _____ () C:\autoexec.bat
2014-07-13 16:56 - 2014-07-13 16:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2014-07-13 16:35 - 2014-07-13 16:35 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2014-07-11 18:34 - 2010-11-21 11:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-10 06:30 - 2014-02-11 22:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 06:29 - 2014-04-23 17:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 06:28 - 2014-02-11 19:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 06:27 - 2014-04-05 10:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 06:27 - 2014-04-05 10:00 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 06:27 - 2014-04-05 10:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 06:25 - 2014-02-11 19:42 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 07:18 - 2010-11-21 11:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 07:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 07:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 07:16 - 2014-07-09 07:16 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 07:16 - 2014-07-09 07:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 07:16 - 2014-07-09 07:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 07:15 - 2014-07-09 07:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 07:15 - 2014-07-09 07:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 07:15 - 2014-07-09 07:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 07:15 - 2014-07-09 07:15 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 07:15 - 2014-07-09 07:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 07:15 - 2014-07-09 07:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 07:14 - 2014-07-09 07:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 07:13 - 2014-07-09 07:13 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 07:13 - 2014-07-09 07:13 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 07:13 - 2014-07-09 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 07:12 - 2014-07-09 07:12 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 07:11 - 2014-07-09 07:11 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 07:11 - 2014-07-09 07:11 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-05 20:10 - 2014-07-05 16:33 - 00000000 ____D () C:\Users\PC\AppData\Local\Dataram_Corporation
2014-07-04 09:17 - 2014-06-14 17:43 - 00007630 _____ () C:\Windows\system32\--traceoff
2014-07-04 09:17 - 2014-02-23 11:55 - 00000000 ____D () C:\ProgramData\Sony
2014-07-04 09:17 - 2014-02-23 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-30 17:10




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (DISK) (Fixed) (Total:421.81 GB) (Free:270.74 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.5 GB) NTFS

Available physical RAM: 2932.68 MB
Total physical RAM: 3958.85 MB
Percentage of memory in use: 25%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 31ACA89D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=422 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_3EC5BF0F-0B2A-11E4-A55A-8AFB2337FAED.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:AEBFFE08

==================== Security Center ==================

AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnergyUtility
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Minecraft Tweaker Updater
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemProc
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Service6
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CPU.vbe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPU.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ram.vbe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ram.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RamCleaner.VBS
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RamCleaner.VBS [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119545
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicyUsers\S-1-5-21-341577661-741223618-1790885257-1001\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp
CHR StartupUrls: "https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={4E ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (Thassos island - Pefkari - Greece.) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg [2014-07-23]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
AlternateDataStreams: C:\ProgramData\TEMP:AEBFFE08
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

MiranDAA
Model Visitor
Posts: 117
Joined: 03 Aug 2014 16:34

Re: Svchost.exe

#5 Post by MiranDAA »

Hi,
OK, the fix is done. I just want to ask whether it is normal that my computer restarted during it? :)

I'm sending the log... and I'd also like to ask whether there are any other ways my computer could be cleaned up or sped up? :)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014
Ran by PC at 2014-08-03 20:03:49 Run:1
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-341577661-741223618-1790885257-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicyUsers\S-1-5-21-341577661-741223618-1790885257-1001\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp
CHR StartupUrls: "https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={4E ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (Thassos island - Pefkari - Greece.) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg [2014-07-23]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
AlternateDataStreams: C:\ProgramData\TEMP:AEBFFE08
End
*****************

HKU\S-1-5-21-341577661-741223618-1790885257-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-341577661-741223618-1790885257-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
HKU\S-1-5-21-341577661-741223618-1790885257-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-341577661-741223618-1790885257-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
CHR HomePage: https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp ==> The Chrome "Settings" can be used to fix the entry.
CHR StartupUrls: "https://mysearch.avg.com?cid={4EAA0327- ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=hp" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: mysearch.avg.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: https://mysearch.avg.com/search?cid={4E ... 2014-08-02 17:23:50&v=3.1.0.6&pid=wtu&sg=&sap=dsp&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.

"C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg" directory move:

Could not move "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\Cached Theme.pak" => Scheduled to move on reboot.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\manifest.json => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\_locales\sk\messages.json => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\_locales\en\messages.json => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\_locales\cs\messages.json => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\images\theme_frame.png => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\images\theme_ntp_background.png => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\images\theme_tab_background.png => Moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\images\theme_toolbar.png => Moved successfully.
Could not move "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg" directory. => Scheduled to move on reboot.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => Moved successfully.
C:\ProgramData\TEMP => ":AEBFFE08" ADS removed successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-08-03 20:05:59)<=

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg\1.6_0\Cached Theme.pak => Is moved successfully.
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbpajccondhkaknoobjilecepjkdkdg => Is moved successfully.

==== End of Fixlog ====

Rudy
Site Admin
Posts: 119545
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#6 Post by Rudy »

Deleted. Has anything changed?

MiranDAA
Model Visitor
Posts: 117
Joined: 03 Aug 2014 16:34

Re: Svchost.exe

#7 Post by MiranDAA »

Well, I don't know, it always jumps around... right now it is more or less normal... I'll write tomorrow... is there anything else in the log that I should get rid of or change (I have a weaker CPU and want to play games without lag, that's why I'm asking)?

Rudy
Site Admin
Posts: 119545
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#8 Post by Rudy »

We have removed everything in the log that was unnecessary or was adware. If you want a deep scan, post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms is displayed; continue by clicking the Ano (Yes) button.

put the kettle on for a coffee and relax (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware, unwanted conflicts with the resident antispyware occur.

MiranDAA
Model Visitor
Posts: 117
Joined: 03 Aug 2014 16:34

Re: Svchost.exe

#9 Post by MiranDAA »

I can't run the deep scan at the moment... I'll get back to you in about fourteen days :)

Rudy
Site Admin
Posts: 119545
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#10 Post by Rudy »

OK.

MiranDAA
Model Visitor
Posts: 117
Joined: 03 Aug 2014 16:34

Re: Svchost.exe

#11 Post by MiranDAA »

Okay, I'm back home...

I'm going to run that ComboFix :)

MiranDAA
Model Visitor
Posts: 117
Joined: 03 Aug 2014 16:34

Re: Svchost.exe

#12 Post by MiranDAA »

Done, I'm sending the log :)

ComboFix 14-08-15.01 - PC 17.08.2014 9:55.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2789 [GMT 2:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-17 do 2014-08-17 )))))))))))))))))))))))))))))))
.
.
2014-08-15 09:47 . 2014-08-15 09:47 -------- d-----w- c:\users\PC\AppData\Local\Gameforge4d
2014-08-15 09:47 . 2014-08-15 11:49 -------- d-----w- c:\program files (x86)\GameforgeLive
2014-08-13 16:55 . 2014-08-13 16:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-13 16:55 . 2014-08-13 16:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-13 16:55 . 2014-08-13 16:55 -------- d-----w- c:\program files (x86)\Java
2014-08-13 16:55 . 2014-08-13 16:55 0 ----a-w- c:\windows\SysWow64\REN65B1.tmp
2014-08-13 16:55 . 2014-08-13 16:55 0 ----a-w- c:\windows\SysWow64\REN65A1.tmp
2014-08-11 13:08 . 2014-08-11 13:13 -------- d-----w- c:\program files (x86)\ChessBase
2014-08-09 12:48 . 2014-08-09 12:50 -------- d-----w- c:\users\PC\AppData\Roaming\Dropbox
2014-08-09 12:38 . 2014-08-09 12:38 -------- d-----w- c:\users\PC\AppData\Roaming\AVAST Software
2014-08-09 12:37 . 2014-08-09 12:36 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-09 12:37 . 2014-08-09 12:36 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-09 12:37 . 2014-08-09 12:38 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-09 12:37 . 2014-08-09 12:36 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-09 12:37 . 2014-08-09 12:36 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-09 12:37 . 2014-08-09 12:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-09 12:37 . 2014-08-09 12:36 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-09 12:37 . 2014-08-09 12:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-09 12:37 . 2014-08-09 12:36 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-09 12:36 . 2014-08-09 12:36 43152 ----a-w- c:\windows\avastSS.scr
2014-08-09 12:34 . 2014-08-09 12:34 -------- d-----w- c:\program files\AVAST Software
2014-08-08 12:47 . 2014-08-08 12:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-08-04 09:47 . 2014-08-04 09:47 -------- d-----w- c:\windows\cs
2014-08-04 09:46 . 2014-07-14 02:12 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{83CAD027-F6B9-4E5D-85B1-C07928FB6FA7}\mpengine.dll
2014-08-04 09:44 . 2014-08-04 09:46 -------- d-----w- c:\program files (x86)\Windows Live
2014-08-04 09:39 . 2014-08-14 06:52 -------- d-----w- c:\users\PC\AppData\Local\Windows Live
2014-08-04 09:39 . 2014-08-04 09:39 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2014-08-03 17:06 . 2014-08-03 18:05 -------- d-----w- C:\FRST
2014-08-02 15:24 . 2014-08-02 15:25 -------- d-----w- c:\users\PC\AppData\Local\AVG Web TuneUp
2014-08-02 15:23 . 2014-08-03 15:42 -------- d-----w- c:\programdata\AVG Security Toolbar
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\programdata\AVG Secure Search
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\programdata\AVG Web TuneUp
2014-08-02 15:08 . 2014-08-02 15:08 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-08-02 11:44 . 2014-08-02 11:44 -------- d-----w- c:\programdata\Age of Empires 3
2014-08-02 11:37 . 2006-11-22 05:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2014-08-02 11:34 . 2014-08-02 11:37 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2014-08-02 11:34 . 2008-02-16 01:39 33792 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
2014-08-02 10:58 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-01 17:34 . 2014-08-02 16:39 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-01 17:33 . 2014-08-01 17:33 -------- d-----w- c:\programdata\Malwarebytes
2014-08-01 17:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-01 17:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-01 17:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-29 19:15 . 2014-07-29 19:15 -------- d-----w- c:\users\PC\AppData\Roaming\iSafe
2014-07-29 14:47 . 2014-07-29 14:47 -------- d-----w- c:\programdata\IsolatedStorage
2014-07-27 20:03 . 2014-07-31 14:56 -------- d-----w- c:\users\PC\AppData\Local\ElevatedDiagnostics
2014-07-24 13:09 . 2014-08-14 13:42 -------- d-----w- c:\users\PC\AppData\Roaming\Audacity
2014-07-24 13:09 . 2014-08-14 13:37 -------- d-----w- c:\program files (x86)\Audacity
2014-07-22 19:42 . 2014-07-22 19:42 715038 ----a-w- c:\windows\unins000.exe
2014-07-22 19:42 . 2011-12-07 17:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2014-07-22 18:15 . 2014-07-22 18:19 -------- d-----w- c:\users\PC\AppData\Local\Apple Computer
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\programdata\Apple Computer
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\users\PC\AppData\Local\Apple
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\programdata\Apple
2014-07-22 16:53 . 2014-07-22 16:52 319912 ----a-w- c:\windows\system32\javaws.exe
2014-07-22 16:52 . 2014-07-22 16:52 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-22 16:52 . 2014-07-22 16:52 189352 ----a-w- c:\windows\system32\javaw.exe
2014-07-22 16:52 . 2014-07-22 16:52 189352 ----a-w- c:\windows\system32\java.exe
2014-07-22 16:52 . 2014-07-22 16:52 -------- d-----w- c:\program files\Java
2014-07-22 14:50 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-07-22 14:50 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-07-21 07:55 . 2014-08-13 16:53 -------- d-----w- c:\users\PC\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-17 08:04 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-02 15:23 . 2014-02-13 14:10 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-07-23 08:52 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-13 14:35 . 2014-07-13 14:35 2 --shatr- c:\windows\winstart.bat
2014-07-10 04:27 . 2014-04-05 08:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 04:27 . 2014-04-05 08:00 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 04:25 . 2014-02-11 17:42 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 05:16 . 2014-07-09 05:16 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 05:16 . 2014-07-09 05:16 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 05:16 . 2014-07-09 05:16 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 05:15 . 2014-07-09 05:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-09 05:15 . 2014-07-09 05:15 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-07-09 05:15 . 2014-07-09 05:15 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-07-09 05:15 . 2014-07-09 05:15 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-07-09 05:15 . 2014-07-09 05:15 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-07-09 05:15 . 2014-07-09 05:15 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-07-09 05:15 . 2014-07-09 05:15 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-07-09 05:15 . 2014-07-09 05:15 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-07-09 05:15 . 2014-07-09 05:15 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-07-09 05:15 . 2014-07-09 05:15 608768 ----a-w- c:\windows\system32\ie4uinit.exe
2014-07-09 05:15 . 2014-07-09 05:15 598016 ----a-w- c:\windows\system32\ieui.dll
2014-07-09 05:15 . 2014-07-09 05:15 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-07-09 05:15 . 2014-07-09 05:15 5721088 ----a-w- c:\windows\system32\jscript9.dll
2014-07-09 05:15 . 2014-07-09 05:15 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-07-09 05:15 . 2014-07-09 05:15 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-07-09 05:15 . 2014-07-09 05:15 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-07-09 05:15 . 2014-07-09 05:15 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-07-09 05:15 . 2014-07-09 05:15 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-07-09 05:15 . 2014-07-09 05:15 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-07-09 05:15 . 2014-07-09 05:15 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-07-09 05:15 . 2014-07-09 05:15 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-07-09 05:15 . 2014-07-09 05:15 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 05:15 . 2014-07-09 05:15 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-07-09 05:15 . 2014-07-09 05:15 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-09 05:15 . 2014-07-09 05:15 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-07-09 05:15 . 2014-07-09 05:15 2768384 ----a-w- c:\windows\system32\iertutil.dll
2014-07-09 05:15 . 2014-07-09 05:15 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-07-09 05:15 . 2014-07-09 05:15 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-07-09 05:15 . 2014-07-09 05:15 266424 ----a-w- c:\windows\system32\iedkcs32.dll
2014-07-09 05:15 . 2014-07-09 05:15 23464448 ----a-w- c:\windows\system32\mshtml.dll
2014-07-09 05:15 . 2014-07-09 05:15 2266112 ----a-w- c:\windows\system32\wininet.dll
2014-07-09 05:15 . 2014-07-09 05:15 2040832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-07-09 05:15 . 2014-07-09 05:15 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-07-09 05:15 . 2014-07-09 05:15 195584 ----a-w- c:\windows\system32\msrating.dll
2014-07-09 05:15 . 2014-07-09 05:15 1791488 ----a-w- c:\windows\SysWow64\wininet.dll
2014-07-09 05:15 . 2014-07-09 05:15 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-07-09 05:15 . 2014-07-09 05:15 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-07-09 05:15 . 2014-07-09 05:15 13527040 ----a-w- c:\windows\system32\ieframe.dll
2014-07-09 05:15 . 2014-07-09 05:15 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-07-09 05:15 . 2014-07-09 05:15 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-07-09 05:15 . 2014-07-09 05:15 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-07-09 05:15 . 2014-07-09 05:15 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-07-09 05:14 . 2014-07-09 05:14 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 05:13 . 2014-07-09 05:13 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-09 05:13 . 2014-07-09 05:13 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 05:13 . 2014-07-09 05:13 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 05:12 . 2014-07-09 05:12 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 05:12 . 2014-07-09 05:12 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-07-09 05:12 . 2014-07-09 05:12 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-07-09 05:12 . 2014-07-09 05:12 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-07-09 05:12 . 2014-07-09 05:12 340992 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 05:12 . 2014-07-09 05:12 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 05:12 . 2014-07-09 05:12 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 05:12 . 2014-07-09 05:12 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-07-09 05:12 . 2014-07-09 05:12 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-07-09 05:12 . 2014-07-09 05:12 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-07-09 05:12 . 2014-07-09 05:12 22016 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 05:12 . 2014-07-09 05:12 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 05:12 . 2014-07-09 05:12 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-07-09 05:12 . 2014-07-09 05:12 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-07-09 05:11 . 2014-07-09 05:11 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 05:11 . 2014-07-09 05:11 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-30 02:09 . 2014-07-10 04:16 519168 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 02:04 . 2014-07-10 04:16 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-27 19:25 . 2014-06-27 19:25 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-06-27 19:25 . 2014-06-27 19:25 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-06-27 19:25 . 2011-06-10 05:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-06-27 19:14 . 2014-06-27 19:14 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-06-27 19:14 . 2014-06-27 19:14 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-06-27 19:14 . 2014-06-27 19:14 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-06-27 19:14 . 2014-06-27 19:14 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-06-27 19:14 . 2010-10-23 12:19 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-06-27 19:14 . 2014-06-27 19:14 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-06-27 19:14 . 2014-06-27 19:14 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-06-27 19:14 . 2014-06-27 19:14 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-06-27 19:14 . 2014-06-27 19:14 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-06-27 19:14 . 2014-06-27 19:14 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-06-27 19:14 . 2014-06-27 19:14 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-06-27 19:14 . 2014-06-27 19:14 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-06-27 19:14 . 2014-06-27 19:14 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-06-27 19:14 . 2014-06-27 19:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-06-27 19:14 . 2014-06-27 19:14 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-06-27 19:14 . 2014-06-27 19:14 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-06-27 19:14 . 2014-06-27 19:14 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-06-27 19:14 . 2014-06-27 19:14 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-06-27 19:14 . 2014-06-27 19:14 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-06-27 19:14 . 2014-06-27 19:14 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-06-27 19:14 . 2014-06-27 19:14 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-06-27 19:14 . 2014-06-27 19:14 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-06-27 19:14 . 2014-06-27 19:14 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-09 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-06-16 224128]
"4StoryPrePatch"="c:\program files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe" [2014-04-24 327680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L6UX2;Service - Line 6 UX2;c:\windows\system32\Drivers\L6UX264.sys;c:\windows\SYSNATIVE\Drivers\L6UX264.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-16 06:43 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-05 04:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-09 12:36 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:5d,7c,95,1d,e9,28,cf,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,cd,bb,a3,b0,cf,30,4b,85,0c,f5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,cd,bb,a3,b0,cf,30,4b,85,0c,f5,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-08-17 10:10:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-17 08:10
.
Před spuštěním: Volných bajtů: 281 261 498 368
Po spuštění: Volných bajtů: 282 716 278 784
.
- - End Of File - - D380CF97250A241B371DE26DC5001F79
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119545
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#13 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\SysWow64\REN65B1.tmp
c:\windows\SysWow64\REN65A1.tmp

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.


MiranDAA
Exemplary visitor
Posts: 117
Registered: 03 Aug 2014 16:34

Re: Svchost.exe

#14 Post by MiranDAA »

Okay, the scan is finished. I'm sending the log and want to ask whether it is a problem that I accidentally deleted the previous ComboFix, downloaded it again and opened it? It should be fine, everything went correctly :)

ComboFix 14-08-06.01 - PC 20.08.2014 21:22:47.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2535 [GMT 2:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\REN65A1.tmp"
"c:\windows\SysWow64\REN65B1.tmp"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-20 do 2014-08-20 )))))))))))))))))))))))))))))))
.
.
2014-08-20 19:30 . 2014-08-20 19:30 -------- d-----w- c:\users\Šimon\AppData\Local\temp
2014-08-20 19:30 . 2014-08-20 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-20 18:54 . 2014-08-07 08:59 11319200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BC7677B-9A3F-4B40-A4C2-1F33296624A8}\mpengine.dll
2014-08-17 11:02 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-17 11:02 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-17 11:02 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-17 11:02 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-17 11:02 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-17 11:02 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-17 11:01 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-17 11:01 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-17 08:22 . 2014-06-25 02:05 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-08-17 08:20 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-17 08:20 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-17 08:20 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-17 08:20 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-15 09:47 . 2014-08-15 09:47 -------- d-----w- c:\users\PC\AppData\Local\Gameforge4d
2014-08-15 09:47 . 2014-08-15 11:49 -------- d-----w- c:\program files (x86)\GameforgeLive
2014-08-13 16:55 . 2014-08-13 16:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-13 16:55 . 2014-08-13 16:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-13 16:55 . 2014-08-13 16:55 -------- d-----w- c:\program files (x86)\Java
2014-08-13 16:55 . 2014-08-13 16:55 0 ----a-w- c:\windows\SysWow64\REN65B1.tmp
2014-08-13 16:55 . 2014-08-13 16:55 0 ----a-w- c:\windows\SysWow64\REN65A1.tmp
2014-08-11 13:08 . 2014-08-11 13:13 -------- d-----w- c:\program files (x86)\ChessBase
2014-08-09 12:48 . 2014-08-09 12:50 -------- d-----w- c:\users\PC\AppData\Roaming\Dropbox
2014-08-09 12:38 . 2014-08-09 12:38 -------- d-----w- c:\users\PC\AppData\Roaming\AVAST Software
2014-08-09 12:37 . 2014-08-09 12:36 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-09 12:37 . 2014-08-09 12:36 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-09 12:37 . 2014-08-09 12:38 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-09 12:37 . 2014-08-09 12:36 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-09 12:37 . 2014-08-09 12:36 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-09 12:37 . 2014-08-09 12:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-09 12:37 . 2014-08-09 12:36 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-09 12:37 . 2014-08-09 12:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-09 12:37 . 2014-08-09 12:36 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-09 12:36 . 2014-08-09 12:36 43152 ----a-w- c:\windows\avastSS.scr
2014-08-09 12:34 . 2014-08-09 12:34 -------- d-----w- c:\program files\AVAST Software
2014-08-08 12:47 . 2014-08-08 12:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-08-04 09:47 . 2014-08-04 09:47 -------- d-----w- c:\windows\cs
2014-08-04 09:44 . 2014-08-04 09:46 -------- d-----w- c:\program files (x86)\Windows Live
2014-08-04 09:39 . 2014-08-14 06:52 -------- d-----w- c:\users\PC\AppData\Local\Windows Live
2014-08-04 09:39 . 2014-08-04 09:39 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2014-08-03 17:06 . 2014-08-03 18:05 -------- d-----w- C:\FRST
2014-08-02 15:24 . 2014-08-02 15:25 -------- d-----w- c:\users\PC\AppData\Local\AVG Web TuneUp
2014-08-02 15:23 . 2014-08-03 15:42 -------- d-----w- c:\programdata\AVG Security Toolbar
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\programdata\AVG Secure Search
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2014-08-02 15:23 . 2014-08-02 15:23 -------- d-----w- c:\programdata\AVG Web TuneUp
2014-08-02 15:08 . 2014-08-02 15:08 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-08-02 11:44 . 2014-08-02 11:44 -------- d-----w- c:\programdata\Age of Empires 3
2014-08-02 11:37 . 2006-11-22 05:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2014-08-02 11:34 . 2014-08-02 11:37 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2014-08-02 11:34 . 2008-02-16 01:39 33792 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
2014-08-02 10:58 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-01 17:34 . 2014-08-02 16:39 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-01 17:33 . 2014-08-01 17:33 -------- d-----w- c:\programdata\Malwarebytes
2014-08-01 17:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-01 17:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-01 17:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-29 19:15 . 2014-07-29 19:15 -------- d-----w- c:\users\PC\AppData\Roaming\iSafe
2014-07-29 14:47 . 2014-07-29 14:47 -------- d-----w- c:\programdata\IsolatedStorage
2014-07-27 20:03 . 2014-07-31 14:56 -------- d-----w- c:\users\PC\AppData\Local\ElevatedDiagnostics
2014-07-24 13:09 . 2014-08-14 13:42 -------- d-----w- c:\users\PC\AppData\Roaming\Audacity
2014-07-24 13:09 . 2014-08-14 13:37 -------- d-----w- c:\program files (x86)\Audacity
2014-07-22 19:42 . 2014-07-22 19:42 715038 ----a-w- c:\windows\unins000.exe
2014-07-22 19:42 . 2011-12-07 17:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2014-07-22 18:15 . 2014-07-22 18:19 -------- d-----w- c:\users\PC\AppData\Local\Apple Computer
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\programdata\Apple Computer
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\users\PC\AppData\Local\Apple
2014-07-22 18:14 . 2014-07-22 18:14 -------- d-----w- c:\programdata\Apple
2014-07-22 16:53 . 2014-07-22 16:52 319912 ----a-w- c:\windows\system32\javaws.exe
2014-07-22 16:52 . 2014-07-22 16:52 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-22 16:52 . 2014-07-22 16:52 189352 ----a-w- c:\windows\system32\javaw.exe
2014-07-22 16:52 . 2014-07-22 16:52 189352 ----a-w- c:\windows\system32\java.exe
2014-07-22 16:52 . 2014-07-22 16:52 -------- d-----w- c:\program files\Java
2014-07-22 14:50 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-07-22 14:50 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-17 08:04 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-08-02 15:23 . 2014-02-13 14:10 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-07-13 14:35 . 2014-07-13 14:35 2 --shatr- c:\windows\winstart.bat
2014-07-10 04:27 . 2014-04-05 08:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 04:27 . 2014-04-05 08:00 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 04:25 . 2014-02-11 17:42 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 05:16 . 2014-07-09 05:16 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 05:16 . 2014-07-09 05:16 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 05:16 . 2014-07-09 05:16 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 05:14 . 2014-07-09 05:14 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 05:13 . 2014-07-09 05:13 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-09 05:13 . 2014-07-09 05:13 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 05:13 . 2014-07-09 05:13 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 05:12 . 2014-07-09 05:12 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 05:12 . 2014-07-09 05:12 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-07-09 05:12 . 2014-07-09 05:12 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-07-09 05:12 . 2014-07-09 05:12 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-07-09 05:12 . 2014-07-09 05:12 340992 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 05:12 . 2014-07-09 05:12 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 05:12 . 2014-07-09 05:12 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 05:12 . 2014-07-09 05:12 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-07-09 05:12 . 2014-07-09 05:12 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-07-09 05:12 . 2014-07-09 05:12 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-07-09 05:12 . 2014-07-09 05:12 22016 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 05:12 . 2014-07-09 05:12 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 05:12 . 2014-07-09 05:12 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-07-09 05:12 . 2014-07-09 05:12 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-07-09 05:11 . 2014-07-09 05:11 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 05:11 . 2014-07-09 05:11 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-27 19:25 . 2014-06-27 19:25 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-06-27 19:25 . 2014-06-27 19:25 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-06-27 19:25 . 2011-06-10 05:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-06-27 19:14 . 2014-06-27 19:14 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-06-27 19:14 . 2014-06-27 19:14 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-06-27 19:14 . 2014-06-27 19:14 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-06-27 19:14 . 2014-06-27 19:14 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-06-27 19:14 . 2010-10-23 12:19 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-06-27 19:14 . 2014-06-27 19:14 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-06-27 19:14 . 2014-06-27 19:14 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-06-27 19:14 . 2014-06-27 19:14 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-06-27 19:14 . 2014-06-27 19:14 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-06-27 19:14 . 2014-06-27 19:14 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-06-27 19:14 . 2014-06-27 19:14 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-06-27 19:14 . 2014-06-27 19:14 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-06-27 19:14 . 2014-06-27 19:14 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-06-27 19:14 . 2014-06-27 19:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-06-27 19:14 . 2014-06-27 19:14 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-06-27 19:14 . 2014-06-27 19:14 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-06-27 19:14 . 2014-06-27 19:14 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-06-27 19:14 . 2014-06-27 19:14 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-06-27 19:14 . 2014-06-27 19:14 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-06-27 19:14 . 2014-06-27 19:14 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-06-27 19:14 . 2014-06-27 19:14 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-06-27 19:14 . 2014-06-27 19:14 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-06-27 19:14 . 2014-06-27 19:14 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-06-27 19:14 . 2014-06-27 19:14 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-06-27 19:14 . 2014-03-28 12:45 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-06-27 09:54 . 2014-07-13 17:22 44544 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2014-06-18 17:46 . 2014-06-18 17:46 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-06-04 13:17 . 2014-02-13 17:51 128288 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-09 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L6UX2;Service - Line 6 UX2;c:\windows\system32\Drivers\L6UX264.sys;c:\windows\SYSNATIVE\Drivers\L6UX264.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-16 06:43 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-05 04:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-09 12:36 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-08-20 21:37:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-20 19:37
ComboFix2.txt 2014-08-17 08:10
.
Před spuštěním: Volných bajtů: 282 338 996 224
Po spuštění: Volných bajtů: 282 277 933 056
.
- - End Of File - - 9966538210B3D2BAD5A1A72CAB96353E
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119545
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Svchost.exe

#15 Post by Rudy »

Deleted. Has anything changed?