Please check my log, the computer is in a terrible state

jointsmouka
Visitor
Posts: 19
Registered: 24 Feb 2015 15:44

#1 Post by jointsmouka »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jointsmouka at 2015-02-24 15:38:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (23%) free of 154 GB
Total RAM: 4094 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:39:36, on 24.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe
C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe
C:\Windows\SysWOW64\WScript.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\inf\mnccdgjd\mnccdgjd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jointsmouka.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\jointsmouka\AppData\Roaming\Microsoft\Network\inet32f.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.242.254.156 www.google-analytics.com.
O1 - Hosts: 94.242.254.156 google-analytics.com.
O1 - Hosts: 94.242.254.156 connect.facebook.net.
O1 - Hosts: 85.25.107.101 www.google-analytics.com.
O1 - Hosts: 85.25.107.101 google-analytics.com.
O1 - Hosts: 85.25.107.101 connect.facebook.net.
O1 - Hosts: 85.25.79.99 www.google-analytics.com.
O1 - Hosts: 85.25.79.99 google-analytics.com.
O1 - Hosts: 85.25.79.99 connect.facebook.net.
O2 - BHO: shoppia - {70ba1ce1-4478-4bf6-8028-a91b017bd1c2} - C:\ProgramData\shoppia\8KCVB5cQdItgNM.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mnccdgjdSrv] C:\Windows\inf\mnccdgjd.vbe
O4 - HKLM\..\Run: [msphtovSrv] "C:\Windows\system32\msphtov.vbe" mskpko msstnj
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Ciidifamo] C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CloudSystemBooster] "D:\INSTALL\CSB\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Ujgbmedia] C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe
O4 - HKCU\..\Run: [Ciidifamo] C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
O4 - HKCU\..\Run: [Ezevlefehov] "C:\Users\jointsmouka\AppData\Roaming\Utadxou\vuyqb.exe"
O4 - HKCU\..\Run: [Hiwunimyy] "C:\Users\jointsmouka\AppData\Roaming\Uzqece\yhebl.exe"
O4 - HKCU\..\Run: [Oglinabuqunorie] "C:\Users\jointsmouka\AppData\Roaming\Etnapaw\uxarpie.exe"
O4 - HKCU\..\Run: [Laekes] "C:\Users\jointsmouka\AppData\Roaming\Ixvait\haleehr.exe"
O4 - HKCU\..\Run: [Welayfavneas] "C:\Users\jointsmouka\AppData\Roaming\Myagudi\aduseso.exe"
O4 - HKCU\..\Run: [Zolaazcawe] "C:\Users\jointsmouka\AppData\Roaming\Hoodid\ukneas.exe"
O4 - HKCU\..\Run: [Ityxxiemhiylom] "C:\Users\jointsmouka\AppData\Roaming\Awithim\ibqeyz.exe"
O4 - HKCU\..\Run: [Vesisoby] "C:\Users\jointsmouka\AppData\Roaming\Itohqi\vovaoqa.exe"
O4 - HKCU\..\Run: [Wuuzviakuvha] "C:\Users\jointsmouka\AppData\Roaming\Ampony\nyepcue.exe"
O4 - HKCU\..\Run: [Zigyrahe] "C:\Users\jointsmouka\AppData\Roaming\Dasaquut\ipodsa.exe"
O4 - HKCU\..\Run: [Cycyohnazuex] "C:\Users\jointsmouka\AppData\Roaming\Qoafesk\yxdaw.exe"
O4 - HKCU\..\Run: [Coivr] "C:\Users\jointsmouka\AppData\Roaming\Otyzxoa\ygcyygv.exe"
O4 - HKCU\..\Run: [Oxxavoacufy] "C:\Users\jointsmouka\AppData\Roaming\Yhiwaked\etryib.exe"
O4 - HKCU\..\Run: [Yfcuoqdyysewyx] "C:\Users\jointsmouka\AppData\Roaming\Lumiut\zuyza.exe"
O4 - HKCU\..\Run: [Ashaulgoe] "C:\Users\jointsmouka\AppData\Roaming\Awaskem\evovdie.exe"
O4 - HKCU\..\Run: [Anpworks] C:\Windows\SysWOW64\regsvr32.exe C:\Users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.dll
O4 - HKCU\..\Run: [Omkics] regsvr32.exe C:\Users\jointsmouka\AppData\Local\Omkics\loader_u.dll
O4 - HKCU\..\RunOnce: [Application Restart #4] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.6.12" --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: winupdt32f.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{878EC04A-E66B-447C-BB01-A651764F78C1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Anvisoft - D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Security Center Server - 3595630534 (SecurityCenterServer3595630534) - Eraem Corniratu - C:\Windows\SysWOW64\ebmunem.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14980 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {B903E62D-F41B-4433-87D3-6698D0045ECF}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe"
"C:\Windows\SysWOW64\regsvr32.exe" C:\Users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.dll
"C:\Windows\System32\regsvr32.exe" C:\Users\jointsmouka\AppData\Local\Omkics\loader_u.dll
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Users\jointsmouka\AppData\Local\Omkics\loader_u.dll
"D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe"
"C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe"
szndesktop.exe default start
"C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "6655416801293719889-1987998681873703496-11269568075079076021761443178725308502
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe
"C:\Windows\System32\WScript.exe" "C:\Windows\inf\mnccdgjd.vbe"
"C:\Windows\System32\WScript.exe" "C:\Windows\System32\msphtov.vbe" mskpko msstnj
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
\??\C:\Windows\system32\conhost.exe "-1690417169956602342-686170679282840477536870901420692325-129274885896599006
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
"C:\Windows\SysWOW64\ebmunem.exe" -service "C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 9656890a-0eb1-4d54-95d8-c4d281de9889 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "985405736-741527832-489258371162775702882568365-1472529436-319105090-238108218
\??\C:\Windows\system32\conhost.exe "-191035990-16951130469553021535383193401208321580-20953757651355730397-1208120681
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="3120.2.1053930475\66035445" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="3120.4.642899631\1283083011" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="3120.5.2119136035\950334484" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="3120.6.1118669217\1418832866" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="3120.7.1925626281\1535354225" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3120.11.1572476254\998548877" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x0000 --gpu-device-id=0x0000 --gpu-driver-vendor --gpu-driver-version --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\inf\mnccdgjd\mnccdgjd.exe"
\??\C:\Windows\system32\conhost.exe "-149043812129052210717374592701944022597-10960272581986920602164412974-1050209803
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding -noframemerging -private
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7032 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log

"c:\program files (x86)\teamviewer\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/MatchComplete/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="3120.20.764035676\262652888" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3120.22.672063886\242874361" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\jointsmouka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding -noframemerging -private
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6032 CREDAT:275457 /prefetch:2
"C:\Users\jointsmouka\AppData\Roaming\Microsoft\Network\inet32f.exe" -u 47VDBRxaNbE5EEDuWjJuWeUtjYb31NPMQTpA3Nt9Dn1YWS12JARgtGyL2wBYSv8pxiGS58nSbUNXCU9q7j7unTGf7Mrhu2u -p x -o stratum+tcp://mine.moneropool.com:3333

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily).job - C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001Core.job - C:\Users\jointsmouka\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001UA.job - C:\Users\jointsmouka\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Security Center Update - 3595630534.job - C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70ba1ce1-4478-4bf6-8028-a91b017bd1c2}]
shoppia - C:\ProgramData\shoppia\8KCVB5cQdItgNM.x64.dll [2015-01-09 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70ba1ce1-4478-4bf6-8028-a91b017bd1c2}]
shoppia - C:\ProgramData\shoppia\8KCVB5cQdItgNM.dll [2015-01-09 566272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2012-11-29 57928]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2462536]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]
"AutoKMS"=C:\Windows\AutoKMS.exe [2015-01-06 615936]
"Ciidifamo"=C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [2014-03-08 504512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2015-02-19 2874048]
"cz.seznam.software.autoupdate"=C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"CloudSystemBooster"=D:\INSTALL\CSB\Cloud System Booster\CloudSystemBooster.exe [2014-05-29 527544]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Ujgbmedia"=C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe [2014-12-21 139332]
"Ciidifamo"=C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [2014-03-08 504512]
"Ezevlefehov"=C:\Users\jointsmouka\AppData\Roaming\Utadxou\vuyqb.exe []
"Hiwunimyy"=C:\Users\jointsmouka\AppData\Roaming\Uzqece\yhebl.exe []
"Oglinabuqunorie"=C:\Users\jointsmouka\AppData\Roaming\Etnapaw\uxarpie.exe []
"Laekes"=C:\Users\jointsmouka\AppData\Roaming\Ixvait\haleehr.exe []
"Welayfavneas"=C:\Users\jointsmouka\AppData\Roaming\Myagudi\aduseso.exe []
"Zolaazcawe"=C:\Users\jointsmouka\AppData\Roaming\Hoodid\ukneas.exe []
"Ityxxiemhiylom"=C:\Users\jointsmouka\AppData\Roaming\Awithim\ibqeyz.exe []
"Vesisoby"=C:\Users\jointsmouka\AppData\Roaming\Itohqi\vovaoqa.exe []
"Wuuzviakuvha"=C:\Users\jointsmouka\AppData\Roaming\Ampony\nyepcue.exe []
"Zigyrahe"=C:\Users\jointsmouka\AppData\Roaming\Dasaquut\ipodsa.exe []
"Cycyohnazuex"=C:\Users\jointsmouka\AppData\Roaming\Qoafesk\yxdaw.exe []
"Coivr"=C:\Users\jointsmouka\AppData\Roaming\Otyzxoa\ygcyygv.exe []
"Oxxavoacufy"=C:\Users\jointsmouka\AppData\Roaming\Yhiwaked\etryib.exe []
"Yfcuoqdyysewyx"=C:\Users\jointsmouka\AppData\Roaming\Lumiut\zuyza.exe []
"Ashaulgoe"=C:\Users\jointsmouka\AppData\Roaming\Awaskem\evovdie.exe []
"Anpworks"=C:\Windows\SysWOW64\regsvr32.exe [2009-07-14 14848]
"Omkics"=regsvr32.exe C:\Users\jointsmouka\AppData\Local\Omkics\loader_u.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #4"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-12-06 856904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"MSStp"=C:\Windows\system32\msstp.vbe []
"mnccdgjdSrv"=C:\Windows\inf\mnccdgjd.vbe [2014-01-13 1338]
"msphtovSrv"=C:\Windows\system32\msphtov.vbe mskpko msstnj []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Ad-Watch"=C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-18 506712]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"Ciidifamo"=C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [2014-03-08 504512]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Hiwunimyy"=C:\Users\jointsmouka\AppData\Roaming\Uzqece\yhebl.exe []
"Oglinabuqunorie"=C:\Users\jointsmouka\AppData\Roaming\Etnapaw\uxarpie.exe []
"Laekes"=C:\Users\jointsmouka\AppData\Roaming\Ixvait\haleehr.exe []
"Ezevlefehov"=C:\Users\jointsmouka\AppData\Roaming\Utadxou\vuyqb.exe []
"Yfcuoqdyysewyx"=C:\Users\jointsmouka\AppData\Roaming\Lumiut\zuyza.exe []
"Welayfavneas"=C:\Users\jointsmouka\AppData\Roaming\Myagudi\aduseso.exe []
"Oxxavoacufy"=C:\Users\jointsmouka\AppData\Roaming\Yhiwaked\etryib.exe []
"Zigyrahe"=C:\Users\jointsmouka\AppData\Roaming\Dasaquut\ipodsa.exe []
"Cycyohnazuex"=C:\Users\jointsmouka\AppData\Roaming\Qoafesk\yxdaw.exe []
"Zolaazcawe"=C:\Users\jointsmouka\AppData\Roaming\Hoodid\ukneas.exe []
"Ciidifamo"=C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [2014-03-08 504512]
"Vesisoby"=C:\Users\jointsmouka\AppData\Roaming\Itohqi\vovaoqa.exe []
"Wuuzviakuvha"=C:\Users\jointsmouka\AppData\Roaming\Ampony\nyepcue.exe []
"Ashaulgoe"=C:\Users\jointsmouka\AppData\Roaming\Awaskem\evovdie.exe []
"Coivr"=C:\Users\jointsmouka\AppData\Roaming\Otyzxoa\ygcyygv.exe []
"Ityxxiemhiylom"=C:\Users\jointsmouka\AppData\Roaming\Awithim\ibqeyz.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe
winupdt32f.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\NETWOR~1\NETWOR~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-24 15:38:13 ----D---- C:\Program Files\trend micro
2015-02-24 15:16:17 ----D---- C:\Users\jointsmouka\AppData\Roaming\TeamViewer
2015-02-12 14:10:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 14:10:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 14:10:08 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 14:10:08 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 14:35:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:35:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:35:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:35:26 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:35:26 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 14:35:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:35:25 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 14:35:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:35:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 14:35:25 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 14:35:19 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 14:35:19 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 14:35:19 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 14:34:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:34:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 14:34:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 14:34:53 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 14:34:53 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 14:34:52 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 14:34:52 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 14:34:34 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 14:34:34 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 14:34:34 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 14:34:33 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 14:34:33 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 14:34:33 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 14:34:33 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 14:34:33 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 14:34:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:34:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 14:34:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 14:34:27 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 14:34:27 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:34:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 14:34:27 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 14:34:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 14:34:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 14:34:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 14:34:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 14:34:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 14:34:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 14:34:25 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 14:34:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 14:34:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 14:34:13 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 14:34:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:34:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:34:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 14:34:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:34:12 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 14:34:12 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:34:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 14:34:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:34:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:34:10 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:34:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:34:10 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:34:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 14:34:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 14:34:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 14:34:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:34:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:34:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:34:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:34:09 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 14:34:08 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 14:34:08 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:34:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 14:34:06 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:34:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:34:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:34:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 14:34:05 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 14:34:05 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 14:34:04 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 14:34:04 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:34:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:34:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:34:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:34:02 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:34:02 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:34:01 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 14:34:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:34:00 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:30:23 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 14:30:23 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 14:29:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:29:34 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:28:59 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:28:59 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:28:04 ----A---- C:\Windows\system32\win32k.sys
2015-02-05 00:39:01 ----D---- C:\ProgramData\BlockIt Ad remover
2015-02-05 00:36:16 ----D---- C:\ProgramData\8022386465577498893UL

======List of files/folders modified in the last 1 month======

2015-02-24 15:39:17 ----D---- C:\Windows\Prefetch
2015-02-24 15:38:46 ----D---- C:\Windows\Temp
2015-02-24 15:38:13 ----RD---- C:\Program Files
2015-02-24 15:34:41 ----D---- C:\Program Files (x86)\Steam
2015-02-24 15:33:55 ----D---- C:\Users\jointsmouka\AppData\Roaming\Skype
2015-02-24 15:16:49 ----D---- C:\Program Files (x86)\TeamViewer
2015-02-24 15:16:47 ----D---- C:\Windows\system32\Tasks
2015-02-24 15:16:18 ----RSD---- C:\Windows\Fonts
2015-02-24 15:15:45 ----D---- C:\Windows\system32\config
2015-02-24 15:01:51 ----D---- C:\Users\jointsmouka\AppData\Roaming\Seznam.cz
2015-02-24 15:00:44 ----D---- C:\Users\jointsmouka\AppData\Roaming\Dropbox
2015-02-24 15:00:27 ----D---- C:\Windows
2015-02-24 14:57:58 ----D---- C:\Windows\System32
2015-02-24 14:56:03 ----D---- C:\ProgramData\NVIDIA
2015-02-24 10:27:43 ----D---- C:\Windows\Minidump
2015-02-24 10:08:49 ----D---- C:\Windows\inf
2015-02-24 10:08:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-24 09:06:20 ----SHD---- C:\Windows\Installer
2015-02-24 09:06:19 ----D---- C:\ProgramData\Skype
2015-02-24 09:05:00 ----RD---- C:\Program Files (x86)\Skype
2015-02-24 09:02:24 ----D---- C:\ProgramData\LogMeIn
2015-02-23 04:03:44 ----SHD---- C:\System Volume Information
2015-02-23 02:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-23 02:48:19 ----D---- C:\Windows\SysWOW64
2015-02-23 02:41:45 ----D---- C:\Windows\system32\en-US
2015-02-23 02:39:37 ----D---- C:\Windows\Tasks
2015-02-23 02:39:37 ----D---- C:\Windows\system32\wfp
2015-02-23 02:39:37 ----D---- C:\Windows\system32\wbem
2015-02-23 02:39:37 ----D---- C:\Windows\system32\DriverStore
2015-02-23 02:39:36 ----D---- C:\Windows\system32\drivers
2015-02-23 02:39:36 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-23 02:39:35 ----D---- C:\Windows\system32\catroot2
2015-02-23 02:39:33 ----D---- C:\Users\jointsmouka\AppData\Roaming\vlc
2015-02-23 02:39:30 ----D---- C:\ProgramData\McAfee Security Scan
2015-02-23 02:39:26 ----D---- C:\Windows\registration
2015-02-23 02:39:15 ----SD---- C:\Users\jointsmouka\AppData\Roaming\Microsoft
2015-02-23 02:38:58 ----D---- C:\Program Files (x86)\LogMeIn
2015-02-22 18:54:58 ----HD---- C:\ProgramData
2015-02-16 17:59:02 ----D---- C:\Windows\system32\drivers\etc
2015-02-14 02:30:32 ----D---- C:\ProgramData\shoppia
2015-02-13 13:14:52 ----D---- C:\Windows\Microsoft.NET
2015-02-13 12:55:12 ----RSD---- C:\Windows\assembly
2015-02-13 08:09:17 ----D---- C:\Windows\rescache
2015-02-13 01:15:28 ----D---- C:\Windows\winsxs
2015-02-12 14:21:02 ----D---- C:\Windows\system32\MRT
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Yhiwaked
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Qoafesk
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Otyzxoa
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Myagudi
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Lumiut
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Itohqi
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Ikycwe
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Hoodid
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Dasaquut
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Awithim
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Awaskem
2015-02-12 04:21:41 ----D---- C:\Users\jointsmouka\AppData\Roaming\Ampony
2015-02-12 04:18:09 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 04:18:08 ----D---- C:\Windows\system32\appraiser
2015-02-12 04:18:08 ----D---- C:\Program Files\Internet Explorer
2015-02-12 04:18:06 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 04:18:00 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 03:56:00 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 03:45:08 ----A---- C:\Windows\win.ini
2015-02-12 03:10:00 ----A---- C:\Windows\system32\MRT.exe
2015-02-08 22:33:48 ----D---- C:\Users\jointsmouka\AppData\Roaming\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64; C:\Windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-04-24 61120]
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [2014-06-25 61112]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-17 283064]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 72216]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-11-29 11552]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C525(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-06-02 16056]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 cpuz134;cpuz134; \??\C:\Users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AnviCsbSvc;Anvi Cloud System Booster Speed Service; D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe []
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1148744]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-01-16 377704]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14 7410024]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 2384af53;Network Acceleration; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 107912]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 921936]
S2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2015-01-16 226152]
S2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-11-29 407424]
S2 SecurityCenterServer3595630534;Security Center Server - 3595630534; C:\Windows\SysWOW64\ebmunem.exe [2014-03-08 504512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-26 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in a terrible state

#2 Post by altrok »

Hello :bye:

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Before we start deleting anything, please post the FRST.txt and Addition.txt logs: http://forum.viry.cz/viewtopic.php?f=13&t=133100
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

jointsmouka
Visitor
Posts: 19
Registered: 24 Feb 2015 15:44

Re: Please check my log, the computer is in a terrible state

#3 Post by jointsmouka »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by jointsmouka (administrator) on JOINTSMOUKA-PC on 24-02-2015 16:21:02
Running from C:\Users\jointsmouka\Desktop
Loaded Profiles: jointsmouka (Available profiles: jointsmouka & LogMeInRemoteUser)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Eraem Corniratu) C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Anvisoft) D:\INSTALL\CSB\Cloud System Booster\CSBSvc.exe
() C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe
() C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
( ) C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Eraem Corniratu) C:\Windows\SysWOW64\ebmunem.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Windows\inf\mnccdgjd\mnccdgjd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\jointsmouka\AppData\Roaming\Microsoft\Network\inet32f.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(forum.viry.cz) C:\Users\jointsmouka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2012-11-29] (LogMeIn, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-01-06] ()
HKLM\...\Run: [Ciidifamo] => C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [504512 2014-03-08] (Eraem Corniratu)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1418 2014-01-13] ()
HKLM-x32\...\Run: [mnccdgjdSrv] => C:\Windows\inf\mnccdgjd.vbe [1338 2014-01-13] ()
HKLM-x32\...\Run: [msphtovSrv] => C:\Windows\SysWOW64\msphtov.vbe [583 2013-12-10] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Ad-Watch] => C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe [506712 2009-01-18] (Lavasoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Ciidifamo] => C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [504512 2014-03-08] (Eraem Corniratu)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jointsmouka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [CloudSystemBooster] => D:\INSTALL\CSB\Cloud System Booster\CloudSystemBooster.exe [527544 2014-05-29] (Anvisoft)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Ujgbmedia] => C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe [139332 2014-12-21] ( )
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Ciidifamo] => C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [504512 2014-03-08] (Eraem Corniratu)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Ezevlefehov] => "C:\Users\jointsmouka\AppData\Roaming\Utadxou\vuyqb.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Hiwunimyy] => "C:\Users\jointsmouka\AppData\Roaming\Uzqece\yhebl.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Oglinabuqunorie] => "C:\Users\jointsmouka\AppData\Roaming\Etnapaw\uxarpie.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Laekes] => "C:\Users\jointsmouka\AppData\Roaming\Ixvait\haleehr.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Welayfavneas] => "C:\Users\jointsmouka\AppData\Roaming\Myagudi\aduseso.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Zolaazcawe] => "C:\Users\jointsmouka\AppData\Roaming\Hoodid\ukneas.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Ityxxiemhiylom] => "C:\Users\jointsmouka\AppData\Roaming\Awithim\ibqeyz.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Vesisoby] => "C:\Users\jointsmouka\AppData\Roaming\Itohqi\vovaoqa.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Wuuzviakuvha] => "C:\Users\jointsmouka\AppData\Roaming\Ampony\nyepcue.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Zigyrahe] => "C:\Users\jointsmouka\AppData\Roaming\Dasaquut\ipodsa.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Cycyohnazuex] => "C:\Users\jointsmouka\AppData\Roaming\Qoafesk\yxdaw.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Coivr] => "C:\Users\jointsmouka\AppData\Roaming\Otyzxoa\ygcyygv.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Oxxavoacufy] => "C:\Users\jointsmouka\AppData\Roaming\Yhiwaked\etryib.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Yfcuoqdyysewyx] => "C:\Users\jointsmouka\AppData\Roaming\Lumiut\zuyza.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Ashaulgoe] => "C:\Users\jointsmouka\AppData\Roaming\Awaskem\evovdie.exe"
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Anpworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.dll
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Omkics] => regsvr32.exe C:\Users\jointsmouka\AppData\Local\Omkics\loader_u.dll <===== ATTENTION
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\MountPoints2: {58509590-7246-11e3-9202-001d7d003c8a} - F:\Autorun.exe
AppInit_DLLs: C:\PROGRA~3\NETWOR~1\NETWOR~2.DLL => C:\ProgramData\Network Acceleration\NetworkAcceleration_x64.dll [4167680 2013-12-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * lsdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0C146C8E-EEDF-4F83-99DC-023737234A7B} URL = http://searchab.com/?aff=7&uid=a0d38fd7 ... earchTerms}
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5177
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {25E02ED1-55EC-431E-AA13-3CDCD4905DA8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3D8E7549-0E8C-4C33-86AD-EA7D285BA95B} URL = http://websearch.ask.com/redirect?clien ... E8FD89B7A3
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3E2089FE-2ADC-4CAE-8075-3DF7E0EB94A9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {4B19489D-19AE-45E6-818C-8790AF04D326} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {5CFBF9BA-1414-41E8-9504-7013CE7AB719} URL = http://search.seznam.cz/?q={searchTerms ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {784BFE96-5543-48BF-8957-FAEA4892296D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {8DCD0D1F-A810-4415-AF4E-1C587E48AA82} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {98198D75-3B7D-45D6-89D0-6B51552E7F5C} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AE830ECE-6621-4BAA-811F-0E68295E9A22} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {BE0E22DF-7D17-4686-B73C-6DC95375082B} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {C04B0473-4653-4FCA-8B5D-4B44A4B15F00} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
BHO: shoppia -> {70ba1ce1-4478-4bf6-8028-a91b017bd1c2} -> C:\ProgramData\shoppia\8KCVB5cQdItgNM.x64.dll ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: shoppia -> {70ba1ce1-4478-4bf6-8028-a91b017bd1c2} -> C:\ProgramData\shoppia\8KCVB5cQdItgNM.dll ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{878EC04A-E66B-447C-BB01-A651764F78C1}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_269.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_269.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-883375831-3728679416-1811525376-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jointsmouka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-883375831-3728679416-1811525376-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jointsmouka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1735.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ff

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-21]
CHR Extension: (Acrobat Search) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-02-13]
CHR Extension: (Google Docs) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-21]
CHR Extension: (Google Drive) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-21]
CHR Extension: (YouTube) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-21]
CHR Extension: (Google Search) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-21]
CHR Extension: (Google Sheets) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-21]
CHR Extension: (TubeAdBlockEro) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda [2015-01-05]
CHR Extension: (Skype Click to Call) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-31]
CHR Extension: (Humble New Tab Page) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj [2015-01-09]
CHR Extension: (Google Wallet) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-21]
CHR Extension: (takeorleavoe) - C:\ProgramData\adbfmeoekdapkmmcbgijgecldoedmcdo\ [2014-12-21]
CHR HKLM-x32\...\Chrome\Extension: [anddllmcjgahdhkagampieimglafnnjm] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home388\ch\MediaWatchV1home388.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iahifhhljhdbokokheinmhdkamjgfmbn] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ch\TrustMediaViewerV1alpha1735.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kepdddahaedaffgedefcdanefbfnpakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1435\ch\MediaBuzzV1mode1435.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kjajonjcpidbhenkljlpmjpmijlnkdoc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6277\ch\MediaViewV1alpha6277.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnviCsbSvc; D:\INSTALL\CSB\Cloud System Booster\CSBSvc.exe [42680 2014-05-29] (Anvisoft)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
S2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [921936 2009-01-18] (Lavasoft)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [377704 2015-01-16] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2015-01-16] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-11-29] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 SecurityCenterServer3595630534; C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe [504512 2014-03-08] (Eraem Corniratu) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 2384af53; "C:\Windows\system32\rundll32.exe" "c:\progra~3\networ~1\NetworkAccelerationSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-17] (Disc Soft Ltd)
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-02] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64; C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [61120 2014-04-24] (StdLib)
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-06-25] (StdLib)
S3 cpuz134; \??\C:\Users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 16:21 - 2015-02-24 16:21 - 00028899 _____ () C:\Users\jointsmouka\Desktop\FRST.txt
2015-02-24 16:20 - 2015-02-24 16:21 - 00000000 ____D () C:\FRST
2015-02-24 16:19 - 2015-02-24 16:19 - 00112640 _____ (forum.viry.cz) C:\Users\jointsmouka\Desktop\FRSTLauncher.exe
2015-02-24 16:18 - 2015-02-24 16:18 - 00112640 _____ (forum.viry.cz) C:\Users\jointsmouka\Downloads\Nepotvrzeno 226326.crdownload
2015-02-24 16:17 - 2015-02-24 16:17 - 02087424 _____ (Farbar) C:\Users\jointsmouka\Desktop\FRST64.exe
2015-02-24 15:38 - 2015-02-24 15:39 - 00000000 ____D () C:\Program Files\trend micro
2015-02-24 15:37 - 2015-02-24 15:37 - 01222144 _____ () C:\Users\jointsmouka\Downloads\RSITx64.exe
2015-02-24 15:16 - 2015-02-24 15:16 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-24 15:16 - 2015-02-24 15:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\TeamViewer
2015-02-24 15:15 - 2015-02-24 15:15 - 07826296 _____ (TeamViewer GmbH) C:\Users\jointsmouka\Downloads\TeamViewer_Setup_cs-iuu.exe
2015-02-24 10:27 - 2015-02-24 10:27 - 00284464 _____ () C:\Windows\Minidump\022415-28345-01.dmp
2015-02-24 10:25 - 2015-02-24 10:25 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Steam
2015-02-24 10:11 - 2015-02-24 10:11 - 00290632 _____ () C:\Windows\Minidump\022415-22542-01.dmp
2015-02-24 09:01 - 2015-02-24 09:01 - 00427960 _____ () C:\Windows\Minidump\022415-19609-01.dmp
2015-02-24 08:59 - 2015-02-24 09:00 - 00290648 _____ () C:\Windows\Minidump\022415-25740-01.dmp
2015-02-23 22:30 - 2015-02-23 22:30 - 00000165 ____H () C:\Users\jointsmouka\Downloads\~$využití-radionuklidu.pptx
2015-02-23 22:29 - 2015-02-23 22:29 - 00088372 _____ () C:\Users\jointsmouka\Downloads\využití-radionuklidu.pptx
2015-02-23 15:41 - 2015-02-23 15:41 - 00004631 _____ () C:\Users\jointsmouka\Desktop\BRUŠTÍK DAVID.p12
2015-02-22 17:51 - 2015-02-24 10:27 - 474818582 _____ () C:\Windows\MEMORY.DMP
2015-02-22 17:51 - 2015-02-22 17:51 - 00446688 _____ () C:\Windows\Minidump\022215-28470-01.dmp
2015-02-21 17:08 - 2015-02-21 19:30 - 1276074610 _____ () C:\Users\jointsmouka\Downloads\Padesát-odstínů-šedi---Fifty-Shades-of-Grey-2015-[CAM.XviD]-tit.CZ-v-obraze.avi
2015-02-21 12:16 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\New folder
2015-02-20 22:24 - 2015-02-20 22:25 - 288097593 _____ () C:\Users\jointsmouka\Desktop\MVI_0035.MOV
2015-02-20 21:40 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\hovna
2015-02-20 21:38 - 2015-02-20 21:38 - 00696556 _____ () C:\Users\jointsmouka\Downloads\Vzorník (1).pptx
2015-02-15 15:33 - 2015-02-15 15:33 - 00230094 _____ () C:\Users\jointsmouka\Downloads\tam1.bmp
2015-02-12 14:10 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 14:10 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:10 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 14:10 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:35 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:35 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:35 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:35 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:35 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:35 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:35 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:35 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:35 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:35 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:35 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:35 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:35 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:35 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:35 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:35 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:35 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:35 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:35 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:35 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:34 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:34 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:34 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:34 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:34 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:34 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:34 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:34 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:34 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:34 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:34 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:34 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:34 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:34 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:34 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:34 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:34 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:34 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:34 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:34 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:34 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:34 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:34 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:34 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:34 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:34 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:34 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:34 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:34 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:34 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:34 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:34 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:34 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:34 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:34 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:34 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:34 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:34 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:34 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:34 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:34 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:34 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:34 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:34 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:34 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:34 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:34 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:34 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:34 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:34 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:34 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:34 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:34 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:34 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:34 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:30 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:30 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:29 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:29 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:28 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:28 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:28 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 21:10 - 2015-02-10 21:10 - 00792942 _____ () C:\Users\jointsmouka\Downloads\Vzorník2.pptx
2015-02-09 14:06 - 2015-02-09 14:07 - 00014776 _____ () C:\Users\jointsmouka\Downloads\kalkulačka-Brusta.xlsm
2015-02-05 22:59 - 2015-02-05 23:00 - 00764401 _____ () C:\Users\jointsmouka\Downloads\Vzorník.pptx
2015-02-05 00:39 - 2015-02-05 00:39 - 00000000 ____D () C:\ProgramData\BlockIt Ad remover
2015-02-05 00:36 - 2015-02-05 00:36 - 00000000 ____D () C:\ProgramData\8022386465577498893UL
2015-02-03 19:48 - 2015-02-03 19:48 - 00764401 _____ () C:\Users\jointsmouka\Desktop\Vzorník.pptx
2015-02-03 19:32 - 2015-02-03 19:32 - 00031720 _____ () C:\Users\jointsmouka\Downloads\2 Vzorce matematika.xlsx
2015-02-03 19:32 - 2015-02-03 19:32 - 00028672 _____ () C:\Users\jointsmouka\Downloads\1 A vzorce.xls
2015-02-03 19:32 - 2015-02-03 19:32 - 00019456 _____ () C:\Users\jointsmouka\Downloads\3 Funkce a grafy.xls
2015-02-03 19:32 - 2015-02-03 19:32 - 00014848 _____ () C:\Users\jointsmouka\Downloads\5 Data byty.xls
2015-02-03 19:31 - 2015-02-03 19:32 - 00026848 _____ () C:\Users\jointsmouka\Downloads\opakování.xlsm
2015-02-02 19:46 - 2015-02-02 19:46 - 00036559 _____ () C:\Users\jointsmouka\Downloads\The.Big.Bang.Theory.S08E13.720p.HDTV.X264-DIMENSION.torrent
2015-02-01 20:59 - 2015-02-02 13:28 - 00000000 ____D () C:\Users\jointsmouka\Desktop\maturitak
2015-02-01 13:17 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\Facebook_files
2015-01-30 02:49 - 2015-01-30 02:50 - 00040395 _____ () C:\Users\jointsmouka\Downloads\The.Hobbit.2014.Battle.Of.The.Five.Armies.DVDScr.XVID.AC3.HQ.Hive-CM8.torrent
2015-01-27 22:28 - 2015-01-27 22:28 - 00063953 _____ () C:\Users\jointsmouka\Downloads\The.Big.Bang.Theory.S03.HDTV.XviD-TL.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 16:07 - 2014-12-21 17:02 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 16:00 - 2015-01-12 12:40 - 00000838 _____ () C:\Windows\Tasks\Security Center Update - 3595630534.job
2015-02-24 15:58 - 2014-08-30 09:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-24 15:48 - 2013-01-26 10:12 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001UA.job
2015-02-24 15:34 - 2014-08-03 11:21 - 00000000 ___RD () C:\Users\jointsmouka\Dropbox
2015-02-24 15:34 - 2013-06-11 19:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 15:34 - 2013-01-26 09:39 - 01359584 _____ () C:\Windows\WindowsUpdate.log
2015-02-24 15:33 - 2013-01-26 18:13 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Skype
2015-02-24 15:07 - 2009-07-14 05:45 - 00035312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 15:07 - 2009-07-14 05:45 - 00035312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 15:01 - 2014-01-01 14:36 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Seznam.cz
2015-02-24 15:00 - 2014-08-03 11:20 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Dropbox
2015-02-24 14:59 - 2014-07-18 04:33 - 00050591 _____ () C:\Users\jointsmouka\rgmnr
2015-02-24 14:58 - 2014-01-28 12:42 - 00001010 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-02-24 14:58 - 2014-01-28 12:42 - 00000994 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-02-24 14:57 - 2014-12-29 07:00 - 00005004 _____ () C:\Windows\setupact.log
2015-02-24 14:56 - 2014-12-21 17:02 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 14:56 - 2014-06-07 15:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-24 14:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 14:55 - 2015-01-10 07:00 - 00004924 _____ () C:\aaw7boot.log
2015-02-24 10:27 - 2013-01-26 18:49 - 00000000 ____D () C:\Windows\Minidump
2015-02-24 10:08 - 2009-07-14 06:13 - 00806776 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-24 09:06 - 2013-01-26 18:13 - 00000000 ____D () C:\ProgramData\Skype
2015-02-24 09:05 - 2013-01-26 18:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-24 09:02 - 2013-01-26 10:33 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-23 12:01 - 2014-08-04 11:02 - 00000496 _____ () C:\Windows\Tasks\Ad-Aware Update (Daily).job
2015-02-23 10:48 - 2013-01-26 10:12 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001Core.job
2015-02-23 02:39 - 2014-10-12 15:50 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-02-23 02:39 - 2013-01-26 18:12 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\vlc
2015-02-23 02:39 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-23 02:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-23 02:38 - 2013-01-26 10:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-02-22 18:54 - 2014-01-30 23:58 - 00003406 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 18:52 - 2015-01-21 18:00 - 00000020 _____ () C:\Users\jointsmouka\AppData\Roaming\appdataFr3.bin
2015-02-22 18:01 - 2014-08-03 11:21 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 17:52 - 2013-01-26 10:02 - 00000000 ____D () C:\Users\jointsmouka
2015-02-20 21:41 - 2014-11-10 17:00 - 00000000 ____D () C:\Users\jointsmouka\Desktop\cestina
2015-02-17 23:11 - 2015-01-07 20:44 - 00006671 _____ () C:\Windows\system32\ScanResults.xml
2015-02-17 23:08 - 2015-01-07 20:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-02-16 17:59 - 2014-12-20 09:59 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-02-14 02:30 - 2015-01-09 15:32 - 00000000 ____D () C:\ProgramData\shoppia
2015-02-13 18:45 - 2014-12-21 13:51 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Omkics
2015-02-13 08:09 - 2014-04-10 02:55 - 00000000 ____D () C:\Windows\rescache
2015-02-13 07:01 - 2014-12-29 07:00 - 00008458 _____ () C:\Windows\PFRO.log
2015-02-12 14:21 - 2013-08-15 11:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 04:25 - 2014-12-21 10:50 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Ujgbmedia
2015-02-12 04:23 - 2009-07-14 05:45 - 00417304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 04:21 - 2015-01-24 13:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awithim
2015-02-12 04:21 - 2015-01-22 13:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Otyzxoa
2015-02-12 04:21 - 2015-01-18 13:08 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awaskem
2015-02-12 04:21 - 2015-01-16 13:00 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ampony
2015-02-12 04:21 - 2015-01-14 12:47 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Itohqi
2015-02-12 04:21 - 2015-01-10 12:36 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Hoodid
2015-02-12 04:21 - 2015-01-08 12:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Qoafesk
2015-02-12 04:21 - 2015-01-06 12:23 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Dasaquut
2015-02-12 04:21 - 2015-01-04 12:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Yhiwaked
2015-02-12 04:21 - 2015-01-02 12:01 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Myagudi
2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Lumiut
2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ikycwe
2015-02-12 04:18 - 2014-12-11 13:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 04:18 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 04:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-12 03:56 - 2013-03-13 20:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:45 - 2009-07-14 03:34 - 00000678 _____ () C:\Windows\win.ini
2015-02-12 03:10 - 2013-01-26 10:58 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 14:26 - 2014-09-14 16:26 - 00000000 ____D () C:\Users\jointsmouka\Desktop\programovani
2015-02-08 22:33 - 2013-02-11 11:41 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\BitTorrent

==================== Files in the root of some directories =======

2015-01-21 18:00 - 2015-02-22 18:52 - 0000020 _____ () C:\Users\jointsmouka\AppData\Roaming\appdataFr3.bin
2014-07-22 12:15 - 2014-07-22 12:15 - 0007644 _____ () C:\Users\jointsmouka\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\jointsmouka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcgk9hi.dll
C:\Users\jointsmouka\AppData\Local\Temp\ReimagePackage.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_115e2b35.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_1646c8f5.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_570db785.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_682638f4.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_694eaade.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_6c45a2ba.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_847d0832.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_93def093.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_942c57e4.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_9faf84ca.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_b9279954.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_d5de7f39.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_d731f275.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_dc93338b.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_df767b42.exe
C:\Users\jointsmouka\AppData\Local\Temp\UpdateFlashPlayer_e5df7f13.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 00:18




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (system) (Fixed) (Total:150 GB) (Free:34.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:295.76 GB) (Free:10.42 GB) NTFS

Available physical RAM: 1834.14 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 55%

==================== MBR and Partition Table ==================

TreeSize Professional V6.0.3 (64 bit) (HKLM\...\TreeSize Professional_is1) (Version: 6.0.3 - JAM Software)
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 95BB83A1)
Partition 2: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=295.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Ad-Aware Update (Daily).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001Core.job => C:\Users\jointsmouka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-883375831-3728679416-1811525376-1001UA.job => C:\Users\jointsmouka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Security Center Update - 3595630534.job => C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jointsmouka\Desktop" je 4248 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(7.68 KiB) Downloaded 39 times

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in a terrible state

#4 Post by altrok »

The computer is heavily infected, so back up all your data (all the better if you have already done so).

Save rkill.exe to the desktop, close all applications and run it - if the malware blocks it, use the alternative link. WARNING - THIS UTILITY HAS A STRONG ABILITY TO DELETE - DO NOT RUN IT WITHOUT AN ADVISER'S RECOMMENDATION
Save ComboFix.exe to the desktop - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off antivirus programs and all real-time protection
  • run ComboFix as administrator (preferably under an account with administrator privileges)
  • agree to the licence terms - Yes
  • if installation of the Recovery Console is offered, agree
  • leave the PC alone during the scan - do not launch anything and do not click in the ComboFix window
  • you will find the scan result in C:\ComboFix.txt; copy its contents into your next reply to me.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

jointsmouka
Visitor
Posts: 19
Joined: 24 Feb 2015 15:44

Re: Please check my log, the computer is in a terrible state

#5 Post by jointsmouka »

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/24/2015 04:37:43 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe (PID: 2148) [UP-HEUR]
* C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe (PID: 2316) [UP-HEUR]
* C:\Users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe (PID: 2472) [UP-HEUR]
* C:\Windows\SysWOW64\ebmunem.exe (PID: 2280) [WD-HEUR]
* C:\Windows\inf\mnccdgjd\mnccdgjd.exe (PID: 5032) [WD-HEUR]
* C:\Users\jointsmouka\AppData\Roaming\Microsoft\Network\inet32f.exe (PID: 6852) [UP-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
94.242.254.156 www.google-analytics.com.
94.242.254.156 google-analytics.com.
94.242.254.156 connect.facebook.net.
85.25.107.101 www.google-analytics.com.
85.25.107.101 google-analytics.com.
85.25.107.101 connect.facebook.net.
85.25.79.99 www.google-analytics.com.
85.25.79.99 google-analytics.com.
85.25.79.99 connect.facebook.net.

Program finished at: 02/24/2015 04:39:06 PM
Execution time: 0 hours(s), 1 minute(s), and 22 seconds(s)

altrok
Moderator
Posts: 7322
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in a terrible state

#6 Post by altrok »

Continue with ComboFix. I am going away now for about 3 hours; around 8 we will get into it properly.

jointsmouka
Visitor
Posts: 19
Joined: 24 Feb 2015 15:44

Re: Please check my log, the computer is in a terrible state

#7 Post by jointsmouka »

What is ComboFix? Do you have a link to it here on the forum, please?

cernohous13
VIP in memoriam
Posts: 8721
Joined: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Please check my log, the computer is in a terrible state

#8 Post by cernohous13 »

My colleague will forgive me for stepping in.
Download it here: ComboFix
and save it to the desktop.
Instructions for use: http://www.bleepingcomputer.com/combofi ... t-combofix
Close all active windows, turn off anti-spyware and antivirus, and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays and do not launch anything
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out
If the system does not boot after using ComboFix - press F8 at restart and choose "Last Known Good Configuration"
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure as described in it.
If anything is unclear, ask - I will explain

-------------------------------------------------------------------------------------------------
> Forum support <

jointsmouka
Visitor
Posts: 19
Joined: 24 Feb 2015 15:44

Re: Please check my log, the computer is in a terrible state

#9 Post by jointsmouka »

ComboFix 15-02-16.01 - jointsmouka 24.02.2015 16:56:31.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1033.18.4094.2442 [GMT 1:00]
Spuštěný z: c:\users\jointsmouka\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\8022386465577498893UL
c:\programdata\8022386465577498893UL\4ff6e7b3db4d05d49eed799c8278ae2b.ini
c:\programdata\RegualarDeiaLas
c:\programdata\RegualarDeiaLas\FJmuvQFwWOfZid.dat
c:\programdata\RegualarDeiaLas\FJmuvQFwWOfZid.tlb
c:\programdata\SavErExtenSion
c:\programdata\SavErExtenSion\nF0ldDzHowKuSv.dat
c:\programdata\SavErExtenSion\nF0ldDzHowKuSv.tlb
c:\programdata\shoppia
c:\programdata\shoppia\8KCVB5cQdItgNM.dat
c:\programdata\shoppia\8KCVB5cQdItgNM.dll
c:\programdata\shoppia\8KCVB5cQdItgNM.tlb
c:\programdata\shoppia\8KCVB5cQdItgNM.x64.dll
c:\programdata\Tbccint
c:\programdata\Tbccint\Multi\CT3329621\configutaion.json
c:\programdata\Tbccint\Multi\CT3329621\SetupIcon.ico
c:\programdata\Tbccint\Multi\CT3329621\UninstallerUI.exe
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\jointsmouka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\background.html
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\content.js
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\lsdb.js
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\manifest.json
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\y63In4.js
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd\000003.log
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd\CURRENT
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd\LOCK
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd\LOG
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bpimjanmknifnoiajikmhmhmlihdccbd\MANIFEST-000002
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\000005.ldb
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\000036.log
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\CURRENT
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\LOCK
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\LOG
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\LOG.old
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnfmnfimplhagfgeecjneakmfbepndm\MANIFEST-000035
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\000005.ldb
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\000036.log
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\CURRENT
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\LOCK
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\LOG
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\LOG.old
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ckcbfnpodigdcbjjmhmolhkhlfbepnca\MANIFEST-000035
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm\000003.log
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm\CURRENT
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm\LOCK
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm\LOG
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlggapfljcnbmajohkhhapaoajopbncm\MANIFEST-000002
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb\000003.log
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb\CURRENT
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb\LOCK
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb\LOG
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\geklbcigmpeljogplgbgnakkbajkkmbb\MANIFEST-000002
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_abnidikemhjiiahmggkngjddoononoal_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_abnidikemhjiiahmggkngjddoononoal_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bpimjanmknifnoiajikmhmhmlihdccbd_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bpimjanmknifnoiajikmhmhmlihdccbd_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbnfmnfimplhagfgeecjneakmfbepndm_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbnfmnfimplhagfgeecjneakmfbepndm_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckcbfnpodigdcbjjmhmolhkhlfbepnca_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckcbfnpodigdcbjjmhmolhkhlfbepnca_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ddiblodcpaaieoopolanaoecbhicgjfo_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ddiblodcpaaieoopolanaoecbhicgjfo_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dkabllihfiejmheckbgnmafgnackfeom_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dkabllihfiejmheckbgnmafgnackfeom_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlggapfljcnbmajohkhhapaoajopbncm_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlggapfljcnbmajohkhhapaoajopbncm_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehloibeiaffhibffchiobihgcainmcep_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehloibeiaffhibffchiobihgcainmcep_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkahopbinblfeaeepjpbjlpabgpbfkkn_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkahopbinblfeaeepjpbjlpabgpbfkkn_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmbihhfpccaimjeinjpfgoflnaebfeda_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmbihhfpccaimjeinjpfgoflnaebfeda_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_geklbcigmpeljogplgbgnakkbajkkmbb_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_geklbcigmpeljogplgbgnakkbajkkmbb_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ginepjojjbmfbfiibfdebddmbkjmgfle_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ginepjojjbmfbfiibfdebddmbkjmgfle_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ibgbdgngjflpkahkoabmiijlaggkinaj_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ibgbdgngjflpkahkoabmiijlaggkinaj_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_impaepofmnammebeenafgmllpnjaiime_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_impaepofmnammebeenafgmllpnjaiime_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipikiaejjblmdopojhpejjmbedhlibno_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipikiaejjblmdopojhpejjmbedhlibno_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgdhgbjlokeheknpnmiidkbdliimhapm_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mgdhgbjlokeheknpnmiidkbdliimhapm_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mmebmmnpohfhoknnlpohjaembcipocaa_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mmebmmnpohfhoknnlpohjaembcipocaa_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ngicopfkgbodejbbfalbmobdpjebhhmb_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ngicopfkgbodejbbfalbmobdpjebhhmb_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
c:\users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\jointsmouka\AppData\Local\Tbccint
c:\users\jointsmouka\AppData\Local\Tbccint\Community Alerts\Alert.dll
c:\users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
c:\users\jointsmouka\AppData\Roaming\Microsoft\Network\inet32f.exe
c:\users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupdt32f.exe
c:\users\jointsmouka\AppData\Roaming\poclbm
c:\users\jointsmouka\AppData\Roaming\poclbm\poclbm.ini
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\background.html
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\content.js
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\lsdb.js
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\manifest.json
c:\users\LogMeInRemoteUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bcggelcbnajpnibadpfnbinflakbnlim\2.2\pEyDXsTBa0.js
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\background.html
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\content.js
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\lsdb.js
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\manifest.json
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmbihhfpccaimjeinjpfgoflnaebfeda\1.0_0\y63In4.js
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmbihhfpccaimjeinjpfgoflnaebfeda_0.localstorage-journal
c:\windows\SysWow64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmbihhfpccaimjeinjpfgoflnaebfeda_0.localstorage
c:\windows\Tasks\Security Center Update - 3595630534.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
-------\Service_SecurityCenterServer3595630534
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-24 do 2015-02-24 )))))))))))))))))))))))))))))))
.
.
2015-02-24 15:20 . 2015-02-24 15:22 -------- d-----w- C:\FRST
2015-02-24 14:38 . 2015-02-24 14:39 -------- d-----w- c:\program files\trend micro
2015-02-24 14:16 . 2015-02-24 14:16 -------- d-----w- c:\users\jointsmouka\AppData\Roaming\TeamViewer
2015-02-24 09:25 . 2015-02-24 09:25 -------- d-----w- c:\users\jointsmouka\AppData\Local\Steam
2015-02-17 18:06 . 2015-02-17 18:06 164352 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpCE6B.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fe2370204997c61229b94a73ea1ee9ad\Hugo x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ff9c59e42ed0618bf71d4c55126940f3\Lite x264 Codec Pack.exe
2015-02-16 00:29 . 2015-02-16 00:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ffa75b00250cdd63a815cce7bb008e0d\Express Scribe Pro.exe
2015-02-15 17:57 . 2015-02-15 17:57 268568 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpF23F.exe
2015-02-13 17:43 . 2015-02-13 17:43 272664 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpF0FF.exe
2015-02-12 13:10 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 13:10 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-12 13:10 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-12 13:10 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-11 17:36 . 2015-02-11 17:36 256280 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpDF0A.exe
2015-02-11 13:34 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 13:33 . 2015-01-12 02:59 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-02-11 13:30 . 2014-12-12 05:31 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-11 13:30 . 2014-12-12 05:07 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-11 13:29 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-11 13:28 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 13:28 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-09 17:33 . 2015-02-09 17:33 421888 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp110A.exe
2015-02-07 17:31 . 2015-02-07 17:31 417792 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp5CE0.exe
2015-02-05 17:16 . 2015-02-05 17:16 139264 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp7872.exe
2015-02-04 23:39 . 2015-02-04 23:39 -------- d-----w- c:\programdata\BlockIt Ad remover
2015-02-03 17:03 . 2015-02-03 17:03 253848 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp4AE5.exe
2015-02-01 16:51 . 2015-02-01 16:51 194680 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpD83D.exe
2015-01-30 16:41 . 2015-01-30 16:41 442368 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpABF7.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-22 17:52 . 2015-01-21 17:00 20 ----a-w- c:\users\jointsmouka\AppData\Roaming\appdataFr3.bin
2015-02-16 03:21 . 2015-02-24 14:03 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E33A4BA3-BF60-443F-8655-33340BE058BB}\mpengine.dll
2015-02-16 00:29 . 2015-02-16 00:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\284bb8a9eec3df4c206dab6a04702aa6\Uniblue DriverScanner.exe
2015-02-12 02:10 . 2013-01-26 09:58 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-01-20 12:04 . 2015-01-20 12:04 117760 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpA5B9.exe
2015-01-18 15:53 . 2015-01-18 15:53 196384 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpECF1.exe
2015-01-16 15:46 . 2015-01-16 15:46 139264 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpA5EA.exe
2015-01-16 06:26 . 2013-01-26 09:33 35688 ----a-w- c:\windows\system32\LMIport.dll
2015-01-16 06:26 . 2013-01-26 09:33 107392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2015-01-16 06:26 . 2013-01-26 09:33 92520 ----a-w- c:\windows\system32\LMIinit.dll
2015-01-15 07:42 . 2015-02-11 13:35 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-01-15 07:41 . 2015-02-11 13:35 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-01-14 15:34 . 2015-01-14 15:34 134920 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp1E7D.exe
2015-01-14 05:44 . 2015-02-11 13:34 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-01-14 05:44 . 2015-02-11 13:34 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-01-14 05:41 . 2015-02-11 13:34 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-01-13 02:49 . 2015-02-11 13:35 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-01-12 15:23 . 2015-01-12 15:23 159744 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp3C49.exe
2015-01-12 02:08 . 2015-02-11 13:34 503296 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-01-12 01:00 . 2015-02-11 13:34 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2015-01-10 15:20 . 2015-01-10 15:20 135168 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpF0FE.exe
2015-01-10 06:27 . 2015-02-11 13:34 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-01-10 06:27 . 2015-02-11 13:34 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-01-10 06:27 . 2015-02-11 13:34 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-01-10 06:27 . 2015-02-11 13:34 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-01-10 06:27 . 2015-02-11 13:34 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-01-08 15:08 . 2015-01-08 15:08 183296 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp664F.exe
2015-01-06 17:07 . 2015-01-06 17:07 615936 ----a-w- c:\windows\AutoKMS.exe
2015-01-06 14:54 . 2015-01-06 14:54 176128 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp1443.exe
2015-01-04 14:48 . 2015-01-04 14:48 129728 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpFA43.exe
2015-01-02 14:45 . 2015-01-02 14:45 318464 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp7B1C.exe
2014-12-31 14:42 . 2014-12-31 14:42 310272 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpE4F5.exe
2014-12-29 14:40 . 2014-12-29 14:40 251024 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp3D58.exe
2014-12-27 14:30 . 2014-12-27 14:30 310272 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp2C34.exe
2014-12-25 14:26 . 2014-12-25 14:26 281088 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp67AB.exe
2014-12-24 18:51 . 2014-12-24 18:51 189952 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp6044.exe
2014-12-23 10:36 . 2014-12-23 10:36 251304 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpA2D2.exe
2014-12-22 23:41 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-21 09:50 . 2014-12-21 09:50 139332 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmp2889.exe
2014-12-20 08:59 . 2014-12-20 08:59 2242560 ----a-w- c:\programdata\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-12-19 03:06 . 2015-01-14 06:14 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 06:14 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 06:14 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-08 02:46 . 2015-02-11 13:28 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2014-12-06 04:17 . 2015-01-14 06:14 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 06:14 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 06:14 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"cz.seznam.software.autoupdate"="c:\users\jointsmouka\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\jointsmouka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"CloudSystemBooster"="d:\install\CSB\Cloud System Booster\CloudSystemBooster.exe" [2014-05-29 527544]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-01-23 31087200]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Ujgbmedia"="c:\users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe" [2014-12-21 139332]
"Anpworks"="c:\users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.dll" [2015-02-12 11776]
"Omkics"="c:\users\jointsmouka\AppData\Local\Omkics\loader_u.dll" [2015-02-13 12800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"MSStp"="c:\windows\system32\msstp.vbe" [2014-01-13 1418]
"mnccdgjdSrv"="c:\windows\inf\mnccdgjd.vbe" [2014-01-13 1338]
"msphtovSrv"="c:\windows\system32\msphtov.vbe" [2013-12-10 583]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"Ad-Watch"="c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
c:\users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 2384af53;Network Acceleration;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz134;cpuz134;c:\users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;c:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys;c:\windows\SYSNATIVE\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [x]
S1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64;c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys;c:\windows\SYSNATIVE\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AnviCsbSvc;Anvi Cloud System Booster Speed Service;D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe;D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 ReimageRealTimeProtector;Reimage Real Time Protector;c:\program files\Reimage\Reimage Protector\ReiGuard.exe;c:\program files\Reimage\Reimage Protector\ReiGuard.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C525(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-21 16:03 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-23 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34]
.
2015-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 16:02]
.
2015-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 16:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1SecureIconsProvider]
@="{FC9D8189-520A-4417-AED7-9EAC810C6FBA}"
[HKEY_CLASSES_ROOT\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}]
2014-12-20 08:59 2733056 ----a-w- c:\programdata\Microsoft\Secure\Icons\SecureIconsProvider.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-11-29 57928]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2462536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
"AutoKMS"="c:\windows\AutoKMS.exe" [2015-01-06 615936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.gboxapp.com/
mStart Page = hxxp://search.gboxapp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{878EC04A-E66B-447C-BB01-A651764F78C1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{70ba1ce1-4478-4bf6-8028-a91b017bd1c2} - c:\programdata\shoppia\8KCVB5cQdItgNM.dll
Wow6432Node-HKCU-Run-Ciidifamo - c:\users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
Wow6432Node-HKCU-Run-Ezevlefehov - c:\users\jointsmouka\AppData\Roaming\Utadxou\vuyqb.exe
Wow6432Node-HKCU-Run-Hiwunimyy - c:\users\jointsmouka\AppData\Roaming\Uzqece\yhebl.exe
Wow6432Node-HKCU-Run-Oglinabuqunorie - c:\users\jointsmouka\AppData\Roaming\Etnapaw\uxarpie.exe
Wow6432Node-HKCU-Run-Laekes - c:\users\jointsmouka\AppData\Roaming\Ixvait\haleehr.exe
Wow6432Node-HKCU-Run-Welayfavneas - c:\users\jointsmouka\AppData\Roaming\Myagudi\aduseso.exe
Wow6432Node-HKCU-Run-Zolaazcawe - c:\users\jointsmouka\AppData\Roaming\Hoodid\ukneas.exe
Wow6432Node-HKCU-Run-Ityxxiemhiylom - c:\users\jointsmouka\AppData\Roaming\Awithim\ibqeyz.exe
Wow6432Node-HKCU-Run-Vesisoby - c:\users\jointsmouka\AppData\Roaming\Itohqi\vovaoqa.exe
Wow6432Node-HKCU-Run-Wuuzviakuvha - c:\users\jointsmouka\AppData\Roaming\Ampony\nyepcue.exe
Wow6432Node-HKCU-Run-Zigyrahe - c:\users\jointsmouka\AppData\Roaming\Dasaquut\ipodsa.exe
Wow6432Node-HKCU-Run-Cycyohnazuex - c:\users\jointsmouka\AppData\Roaming\Qoafesk\yxdaw.exe
Wow6432Node-HKCU-Run-Coivr - c:\users\jointsmouka\AppData\Roaming\Otyzxoa\ygcyygv.exe
Wow6432Node-HKCU-Run-Oxxavoacufy - c:\users\jointsmouka\AppData\Roaming\Yhiwaked\etryib.exe
Wow6432Node-HKCU-Run-Yfcuoqdyysewyx - c:\users\jointsmouka\AppData\Roaming\Lumiut\zuyza.exe
Wow6432Node-HKCU-Run-Ashaulgoe - c:\users\jointsmouka\AppData\Roaming\Awaskem\evovdie.exe
Wow6432Node-HKLM-Run-Ciidifamo - c:\users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{70ba1ce1-4478-4bf6-8028-a91b017bd1c2} - c:\programdata\shoppia\8KCVB5cQdItgNM.x64.dll
HKLM-Run-Ciidifamo - c:\users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe
AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SavErExtenSion\nF0ldDzHowKuSv.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{2384af53} - c:\progra~3\NETWOR~1\NETWOR~1.DLL
AddRemove-{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} - c:\programdata\RegualarDeiaLas\FJmuvQFwWOfZid.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AnviCsbSvc]
"ImagePath"="D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AnviCsbSvc]
"ImagePath"="D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\install\CSB\Cloud System Booster\CSBSvc.exe
c:\windows\SysWOW64\regsvr32.exe
c:\users\jointsmouka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\windows\SysWOW64\regsvr32.exe
c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\windows\SysWOW64\WScript.exe
c:\windows\SysWOW64\WScript.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\inf\mnccdgjd\mnccdgjd.exe
c:\program files (x86)\Internet Explorer\IEXPLORE.EXE
c:\program files (x86)\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Celkový čas: 2015-02-24 17:16:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-24 16:15
.
Před spuštěním: 37 196 234 752 bytes free
Po spuštění: 36 814 004 224 bytes free
.
- - End Of File - - CC8C2FF0715E49C0A826AB7C8E269242
A36C5E4F47E84449FF07ED3517B43A31

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Please check my log, the computer is in terrible shape

#10 Post by cernohous13 »

Now wait patiently for my colleague to return - he will prepare a script for you - I'm off :hide:
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure as described.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in terrible shape

#11 Post by altrok »

:arrow: Thanks for the help :thumbsup:

:arrow: If you have not done so already, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • Copy the script below into it and save it to the desktop as CFScript (File type: Text document)

    Code:

    KillAll::
    
    Driver::
    2384af53
    {01531192-f7ef-415f-a549-cfdb11836731}w64
    {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "cz.seznam.software.autoupdate"=-
    "cz.seznam.software.szndesktop"=-
    "DAEMON Tools Lite"=-
    "Ujgbmedia"=-
    "Anpworks"=-
    "Omkics"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "MSStp"=-
    "mnccdgjdSrv"=-
    "msphtovSrv"=-
    "seznam-listicka-distribuce"=-
    "SunJavaUpdateSched"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvBackend"=-
    "BCSSync"=-
    "AutoKMS"=-
    
    Folder::
    c:\users\jointsmouka\AppData\Local\Ujgbmedia
    c:\users\jointsmouka\AppData\Local\Omkics
    c:\programdata\shoppia
    c:\programdata\SavErExtenSion
    c:\programdata\RegualarDeiaLas
    c:\windows\inf\mnccdgjd
    
    File::
    c:\windows\system32\msstp.vbe
    c:\windows\system32\msstp.inf
    c:\windows\inf\mnccdgjd.vbe
    c:\windows\inf\mnccdgjd.inf
    c:\windows\system32\msphtov.vbe
    c:\windows\system32\msphtov.inf
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    c:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
    c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys
    c:\windows\AutoKMS.exe
    
    DDS::
    uStart Page = hxxp://search.gboxapp.com/
    mStart Page = hxxp://search.gboxapp.com/
    Trusted Zone: mojebanka.cz\etrading
    Trusted Zone: mojebanka.cz\www
    Trusted Zone: mojebanka.cz\etrading
    Trusted Zone: mojebanka.cz\www
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon and drop it.
  • After the restart a log will pop up; paste its contents into your next reply to me.
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and the author unfortunately cannot fix it yet

:arrow: It may happen that Windows does not start after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.

jointsmouka
Visitor
Posts: 19
Registered: 24 Feb 2015 15:44

Re: Please check my log, the computer is in terrible shape

#12 Post by jointsmouka »

ComboFix 15-02-16.01 - jointsmouka 24.02.2015 19:32:27.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1033.18.4094.1926 [GMT 1:00]
Spuštěný z: c:\users\jointsmouka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\jointsmouka\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\AutoKMS.exe"
"c:\windows\inf\mnccdgjd.inf"
"c:\windows\inf\mnccdgjd.vbe"
"c:\windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys"
"c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys"
"c:\windows\system32\msphtov.inf"
"c:\windows\system32\msphtov.vbe"
"c:\windows\system32\msstp.inf"
"c:\windows\system32\msstp.vbe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\jointsmouka\AppData\Local\Ujgbmedia
c:\users\jointsmouka\AppData\Local\Ujgbmedia\{5738E5E1-8487-E254-D5B7-D1C6D60F3266}
c:\users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.dll
c:\users\jointsmouka\AppData\Local\Ujgbmedia\loader_u.idx
c:\users\jointsmouka\AppData\Local\Ujgbmedia\lxa3usb1.idx
c:\users\jointsmouka\AppData\Local\Ujgbmedia\rfvelocityshader.dll
c:\users\jointsmouka\AppData\Local\Ujgbmedia\rfvelocityshader.idx
c:\users\jointsmouka\AppData\Local\Ujgbmedia\tmp2889.exe
c:\windows\inf\mnccdgjd
c:\windows\inf\mnccdgjd\bitstreams\fpgaminer_top_fixed7_197MHz.ncd
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15b1.bit
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15d1.bit
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15d3.bit
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15d4.bin
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15d4.bit
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15y1.bin
c:\windows\inf\mnccdgjd\bitstreams\ztex_ufm1_15y1.bit
c:\windows\inf\mnccdgjd\diablo130302.cl
c:\windows\inf\mnccdgjd\diakgcn121016.cl
c:\windows\inf\mnccdgjd\libcurl.dll
c:\windows\inf\mnccdgjd\libeay32.dll
c:\windows\inf\mnccdgjd\libidn-11.dll
c:\windows\inf\mnccdgjd\librtmp.dll
c:\windows\inf\mnccdgjd\libssh2.dll
c:\windows\inf\mnccdgjd\libusb-1.0.dll
c:\windows\inf\mnccdgjd\mnccdgjd.exe
c:\windows\inf\mnccdgjd\phatk121016.cl
c:\windows\inf\mnccdgjd\poclbm130302.cl
c:\windows\inf\mnccdgjd\scrypt130511.cl
c:\windows\inf\mnccdgjd\ssleay32.dll
c:\windows\inf\mnccdgjd\zlib1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_{01531192-F7EF-415F-A549-CFDB11836731}W64
-------\Legacy_{3F538614-B636-4023-9EC2-564ADA4B07B3}GW64
-------\Service_{01531192-f7ef-415f-a549-cfdb11836731}w64
-------\Service_{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64
-------\Service_2384af53
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-24 do 2015-02-24 )))))))))))))))))))))))))))))))
.
.
2015-02-24 18:40 . 2015-02-24 18:40 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2015-02-24 18:40 . 2015-02-24 18:40 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2015-02-24 18:40 . 2015-02-24 18:40 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-02-24 18:40 . 2015-02-24 18:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-24 15:20 . 2015-02-24 15:22 -------- d-----w- C:\FRST
2015-02-24 14:38 . 2015-02-24 14:39 -------- d-----w- c:\program files\trend micro
2015-02-24 14:16 . 2015-02-24 18:26 -------- d-----w- c:\users\jointsmouka\AppData\Roaming\TeamViewer
2015-02-24 09:25 . 2015-02-24 09:25 -------- d-----w- c:\users\jointsmouka\AppData\Local\Steam
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\2d0ef40ca9e4d12e528b1a094368dc03\Lite x264 Codec Pack.exe
2015-02-16 00:29 . 2015-02-16 00:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\2cca516ea9b208b9f17817199d5b84db\Graphic Equalizer Studio.exe
2015-02-12 13:10 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 13:10 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-12 13:10 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-12 13:10 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-11 13:34 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 13:33 . 2015-01-12 02:59 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-02-11 13:30 . 2014-12-12 05:31 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-11 13:30 . 2014-12-12 05:07 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-11 13:29 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-11 13:29 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-02-11 13:28 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 13:28 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-04 23:39 . 2015-02-04 23:39 -------- d-----w- c:\programdata\BlockIt Ad remover
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-22 17:52 . 2015-01-21 17:00 20 ----a-w- c:\users\jointsmouka\AppData\Roaming\appdataFr3.bin
2015-02-17 18:06 . 2015-02-17 18:06 164352 ----a-w- c:\programdata\Microsoft\Secure\Icons\temp\tmpCE6B.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fe48e822b85d70e565d4b2ec480dae4c\NiceLabel PRO.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ee26c627123a85f5765227e718a3f413\Drumagog.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\e5281907d882753fb73efbba28e9bcc4\Nero Burning Rom.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\e50219afd97832c195403c75f5b27bd4\DeskScapes.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\de97ac922bbf71d449a5056dc8dcc9a3\Paragon Hard Disk Manager 12 Suite.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\d824491c5828e6ffdced0066e3df118e\System Mechanic Professional.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\d6aa4aacdce7a6ff50b4c2d1f66d00a6\Oxygen Forensic Suite.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\d49a398cb7602655bba15b306ffc2449\Panda Internet Security.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\d1aaf19d023cdb340caee8cc65277c6e\Moog Modular V 2.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\cb7fd16d6e48cbbfc153c6ee97d46f7b\MixMeister Fusion + Video.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\c804f013fdb4d2a13e4dcaa52dd51f22\CloneDVD.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\c0f6ecfce46c95d393fdbfed953456bb\MainConcept MPEG Pro HD.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a82966a0a72914d02dd94b7b3abbf7c1\Wavelab.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a60c7c5bc6690164635bb24291488b84\MyScript Studio Notes Edition.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a44b89d8057fbc42093c55b5e4e2f9ad\TuneUp Utilities.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a44b89d8057fbc42093c55b5e4e2f9ad\TuneUp Utilities(24).exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\949d123fee629f2631fc196a19976b7c\Color Efex Pro for Photoshop.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\949d123fee629f2631fc196a19976b7c\Color Efex Pro for Photoshop(23).exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\8646436c62bba011bbcfd52998b505e4\ESET NOD32 Antivirus.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\7ddffd86c900401e6cdfb6f136ce09a9\ArcaVir Internet Security.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\7c66c30d52931816f550ecefe2f5e0d4\F-Secure Anti-Virus for Windows Servers.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\6c5951ad51c863a5dc99f11150cbc721\AOL 90 VR.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\685924f139a3e06c4b0f6db51165eec9\Absolute Bosendorfer Piano VSTi.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\6323be50cfd4ef04b722b1525715cc3c\KMPlayer.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\6323be50cfd4ef04b722b1525715cc3c\KMPlayer(20).exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\509a5edabe689f361d36fd3db8f739b3\Adobe PageMaker.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\4eec2845b14533477d75ac9d9dc5eb6c\ManageEngine NetFlow Analyzer.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\47a62a9681c23bc9dc7932a1c74ebe92\The Logo Creator.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\459f8f308c16396b754b87f30ed46f0e\Iron Speed Designer.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\342c1bb4bfa4aec8d7c0c6146a0dc201\PHPMaker.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\337aad7f5f2733afa85a2139711bb856\DameWare Mini Remote Control.exe
2015-02-16 04:46 . 2015-02-16 04:46 54525952 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\337aad7f5f2733afa85a2139711bb856\DameWare Mini Remote Control(18).exe
2015-02-16 03:21 . 2015-02-24 14:03 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E33A4BA3-BF60-443F-8655-33340BE058BB}\mpengine.dll
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fe2370204997c61229b94a73ea1ee9ad\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f5f0a8e2b6c34a3bb37f87e028a73e96\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f5ea05cc6870525914a03988aa1d672c\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f41f5bd48f8d090c8facd1a486dd144e\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f3ac1755d202c9ee6b77fb53c959c2da\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\eaa260b6b5f64d43bb13301f6c6272ad\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\e7e034c63f8a7c707b4065a73ad202dc\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\e44d70358bdfe652fe14422385abf8d2\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\e374e0b9903e21fdb8067d043e826d70\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\dd6dcf05f2588d845c11e0963b48cf4f\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\daa82e0e2244f0b0d2a92914518fa6e1\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\cf4617dbf6800c2c8b4e2b845d5913bf\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ce9e5ef1f140f42474f63323e6294079\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\c6ac416256fe40c95f00eb0d4663647a\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\c31c0be5c145c594d5d2a7bb64fba1a2\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\bc7e0e079099e65b6fdb5e543b648ad6\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\b90adb4cda4be98c9c3cd102b2955ce0\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\b8870b7f50dfb90c47d6a27f5dd4ae07\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\b6431d994aaffbd039dd562ab5865b5e\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\b5298d05670b474cccddf5942284923a\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ad521777262e461e1bf721d48fe50a30\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\aca394d1d9daf64a0507e7dd192f5b7a\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a9fd8fc9be84c56671578cdb2e8dc317\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a9a8f4a8df60344ccb455e6bbf58bc50\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\a170c1f31ea741f69685cd76b302ec67\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\985c10975186d8ee7501338f76c8cda6\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\96ab8606fee3562b0fdfb452fff36b4f\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\92ee3547b50f461ac2415ad752acbef1\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\8dffcf0a5ffb84a980c6280b4b245efe\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\86879f02c1dff5bdb7c8469da43fe677\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\86879f02c1dff5bdb7c8469da43fe677\Hugo x264 Codec Pack(22).exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\800623aa0acec59f5ab4a80e47939b7a\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\7f2abd22ff8aef0edf56fc15c1777761\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\7c3c50ec5e4d522d6058fd1dc9bb7ede\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\7300933f06ab20a9a3729c1eb8a2b7d4\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\692dafb6dd12348caea83a4ecdc8dc16\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\673ae5cf5bd82d5f1e872f471c316912\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\66eca20547b5aacda844da1c36568907\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\61ca3b46de9bf69fd6dda7740f86fbb2\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\613ac0058599e91fd3f22fb37fb96b0a\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\5ff61bc6ae1788e0e1760172bda3da60\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\5e22a4107819b70940f94105e8604dc3\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\59184eeef81ff1ba8d523d76efacbd84\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\550484b38d0e3a9342f17ac34f534503\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\4939156853a036e41a79df9588d65e18\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\47152a4e54e8586af3a5f0eea1f37c6f\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\3b6c9e0d5e886c94e708762fafa1aeff\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\3a43bff8b4376897e9801154293dced6\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\38dd96353e1b7ac8ee4997bfea7745e1\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\368593f54eadd4a9a624fefa3fde814c\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\2f1fe98e1fa8ac2345fc86d89b82f243\Hugo x264 Codec Pack.exe
2015-02-16 01:29 . 2015-02-16 01:29 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\2d285f0bd3eb2e4a3483d48071700751\Hugo x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\ff9c59e42ed0618bf71d4c55126940f3\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fc8ba40bbfd1fb2fb6e6b36d11fec0df\Lite x264 Codec Pack(28).exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fafcce18001e24f35cd0b61f635c0c19\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\faf4e4801646ed0ba2b5db57585204bc\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\fa2f95c0b79fb555c97ff3364aa79ea4\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f9769d1a47d38fe261601f14ff824ad2\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f940c1f9e73c33346bf14ed54d2902b5\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f9159d211c0118fdd4e7279948f2f603\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f693d20f01d58120a1a6101701c0e23c\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f62ccdb70efd47b00aa12d2a0d78d1bc\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f3e469cba18e3778c6ebd25287926b4e\Lite x264 Codec Pack.exe
2015-02-16 00:44 . 2015-02-16 00:44 12582912 ----a-w- c:\programdata\Microsoft\Secure\Icons\CachedIcons\data\f1e0dbeae004ed71163af04429d07d45\Lite x264 Codec Pack.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{70ba1ce1-4478-4bf6-8028-a91b017bd1c2}]
c:\programdata\shoppia\8KCVB5cQdItgNM.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"CloudSystemBooster"="d:\install\CSB\Cloud System Booster\CloudSystemBooster.exe" [2014-05-29 527544]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-01-23 31087200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"Ad-Watch"="c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]
.
c:\users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz134;cpuz134;c:\users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AnviCsbSvc;Anvi Cloud System Booster Speed Service;D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe;D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 ReimageRealTimeProtector;Reimage Real Time Protector;c:\program files\Reimage\Reimage Protector\ReiGuard.exe;c:\program files\Reimage\Reimage Protector\ReiGuard.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C525(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-21 16:03 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-23 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34]
.
2015-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 16:02]
.
2015-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21 16:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1SecureIconsProvider]
@="{FC9D8189-520A-4417-AED7-9EAC810C6FBA}"
[HKEY_CLASSES_ROOT\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}]
2014-12-20 08:59 2733056 ----a-w- c:\programdata\Microsoft\Secure\Icons\SecureIconsProvider.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-11-29 57928]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
"Ciidifamo"="c:\users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://search.gboxapp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{878EC04A-E66B-447C-BB01-A651764F78C1}: NameServer = 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{274E3C5C-178E-EAE2-A52F-2863C0EECD46} - c:\programdata\SavErExtenSion\nF0ldDzHowKuSv.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{2384af53} - c:\progra~3\NETWOR~1\NETWOR~1.DLL
AddRemove-{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} - c:\programdata\RegualarDeiaLas\FJmuvQFwWOfZid.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AnviCsbSvc]
"ImagePath"="D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AnviCsbSvc]
"ImagePath"="D:/INSTALL/CSB/Cloud System Booster/CSBSvc.exe"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\install\CSB\Cloud System Booster\CSBSvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Celkový čas: 2015-02-24 19:52:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-24 18:52
ComboFix2.txt 2015-02-24 16:16
.
Před spuštěním: 36 810 268 672 bytes free
Po spuštění: 36 511 526 912 bytes free
.
- - End Of File - - D88DF4D6C13C523D55FE3D2CBEDEE98E
A36C5E4F47E84449FF07ED3517B43A31

altrok
Moderator
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in a terrible state

#13 Post by altrok »

:arrow: Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

jointsmouka
Visitor
Visitor
Posts: 19
Registered: 24 Feb 2015 15:44

Re: Please check my log, the computer is in a terrible state

#14 Post by jointsmouka »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by jointsmouka (administrator) on JOINTSMOUKA-PC on 24-02-2015 20:16:43
Running from C:\Users\jointsmouka\Desktop
Loaded Profiles: jointsmouka (Available profiles: jointsmouka & LogMeInRemoteUser)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Anvisoft) D:\INSTALL\CSB\Cloud System Booster\CSBSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Anvisoft) D:\INSTALL\CSB\Cloud System Booster\CloudSystemBooster.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\jointsmouka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2012-11-29] (LogMeIn, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Ciidifamo] => "C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe"
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [Ad-Watch] => C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe [506712 2009-01-18] (Lavasoft)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [CloudSystemBooster] => D:\INSTALL\CSB\Cloud System Booster\CloudSystemBooster.exe [527544 2014-05-29] (Anvisoft)
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jointsmouka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * lsdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-883375831-3728679416-1811525376-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0C146C8E-EEDF-4F83-99DC-023737234A7B} URL = http://searchab.com/?aff=7&uid=a0d38fd7 ... earchTerms}
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5177
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {25E02ED1-55EC-431E-AA13-3CDCD4905DA8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3D8E7549-0E8C-4C33-86AD-EA7D285BA95B} URL = http://websearch.ask.com/redirect?clien ... E8FD89B7A3
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3E2089FE-2ADC-4CAE-8075-3DF7E0EB94A9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {4B19489D-19AE-45E6-818C-8790AF04D326} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {5CFBF9BA-1414-41E8-9504-7013CE7AB719} URL = http://search.seznam.cz/?q={searchTerms ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {784BFE96-5543-48BF-8957-FAEA4892296D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {8DCD0D1F-A810-4415-AF4E-1C587E48AA82} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {98198D75-3B7D-45D6-89D0-6B51552E7F5C} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AE830ECE-6621-4BAA-811F-0E68295E9A22} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {BE0E22DF-7D17-4686-B73C-6DC95375082B} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {C04B0473-4653-4FCA-8B5D-4B44A4B15F00} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: shoppia -> {70ba1ce1-4478-4bf6-8028-a91b017bd1c2} -> C:\ProgramData\shoppia\8KCVB5cQdItgNM.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{878EC04A-E66B-447C-BB01-A651764F78C1}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_269.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_269.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-883375831-3728679416-1811525376-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jointsmouka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-883375831-3728679416-1811525376-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jointsmouka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1735.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ff

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-21]
CHR Extension: (Google Docs) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-21]
CHR Extension: (Google Drive) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-21]
CHR Extension: (YouTube) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-21]
CHR Extension: (Google Search) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-21]
CHR Extension: (Google Sheets) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-21]
CHR Extension: (Skype Click to Call) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-31]
CHR Extension: (Gmail) - C:\Users\jointsmouka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-21]
CHR HKLM-x32\...\Chrome\Extension: [anddllmcjgahdhkagampieimglafnnjm] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home388\ch\MediaWatchV1home388.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iahifhhljhdbokokheinmhdkamjgfmbn] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ch\TrustMediaViewerV1alpha1735.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kepdddahaedaffgedefcdanefbfnpakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1435\ch\MediaBuzzV1mode1435.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kjajonjcpidbhenkljlpmjpmijlnkdoc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6277\ch\MediaViewV1alpha6277.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnviCsbSvc; D:\INSTALL\CSB\Cloud System Booster\CSBSvc.exe [42680 2014-05-29] (Anvisoft)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
R2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [921936 2009-01-18] (Lavasoft)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [377704 2015-01-16] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2015-01-16] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-11-29] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-17] (Disc Soft Ltd)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-02] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\JOINTS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 20:16 - 2015-02-24 20:16 - 00021813 _____ () C:\Users\jointsmouka\Desktop\FRST.txt
2015-02-24 19:52 - 2015-02-24 19:52 - 00037638 _____ () C:\ComboFix.txt
2015-02-24 17:47 - 2015-02-24 19:40 - 01589248 _____ () C:\Users\jointsmouka\Downloads\autobazar_relace.accdb
2015-02-24 17:47 - 2015-02-24 17:47 - 00145408 _____ () C:\Users\jointsmouka\Downloads\db1-2 upr.ppt
2015-02-24 17:47 - 2015-02-24 17:47 - 00013820 _____ () C:\Users\jointsmouka\Downloads\Test tvorba tabulek a relace.xlsx
2015-02-24 16:54 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 16:54 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 16:54 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 16:54 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 16:54 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 16:54 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 16:54 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 16:54 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 16:53 - 2015-02-24 19:52 - 00000000 ____D () C:\Qoobox
2015-02-24 16:53 - 2015-02-24 19:40 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 16:51 - 2015-02-24 16:52 - 05611903 ____R (Swearware) C:\Users\jointsmouka\Desktop\ComboFix.exe
2015-02-24 16:37 - 2015-02-24 16:39 - 00004084 _____ () C:\Users\jointsmouka\Desktop\Rkill.txt
2015-02-24 16:35 - 2015-02-24 16:35 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\jointsmouka\Desktop\rkill.exe
2015-02-24 16:24 - 2015-02-24 16:24 - 00007862 _____ () C:\Users\jointsmouka\Desktop\Addition.rar
2015-02-24 16:20 - 2015-02-24 20:16 - 00000000 ____D () C:\FRST
2015-02-24 16:19 - 2015-02-24 16:19 - 00112640 _____ (forum.viry.cz) C:\Users\jointsmouka\Desktop\FRSTLauncher.exe
2015-02-24 16:17 - 2015-02-24 16:17 - 02087424 _____ (Farbar) C:\Users\jointsmouka\Desktop\FRST64.exe
2015-02-24 15:38 - 2015-02-24 15:39 - 00000000 ____D () C:\Program Files\trend micro
2015-02-24 15:37 - 2015-02-24 15:37 - 01222144 _____ () C:\Users\jointsmouka\Downloads\RSITx64.exe
2015-02-24 15:16 - 2015-02-24 19:26 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\TeamViewer
2015-02-24 15:16 - 2015-02-24 15:16 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-24 15:15 - 2015-02-24 15:15 - 07826296 _____ (TeamViewer GmbH) C:\Users\jointsmouka\Downloads\TeamViewer_Setup_cs-iuu.exe
2015-02-24 10:27 - 2015-02-24 10:27 - 00284464 _____ () C:\Windows\Minidump\022415-28345-01.dmp
2015-02-24 10:25 - 2015-02-24 10:25 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Steam
2015-02-24 10:11 - 2015-02-24 10:11 - 00290632 _____ () C:\Windows\Minidump\022415-22542-01.dmp
2015-02-24 09:01 - 2015-02-24 09:01 - 00427960 _____ () C:\Windows\Minidump\022415-19609-01.dmp
2015-02-24 08:59 - 2015-02-24 09:00 - 00290648 _____ () C:\Windows\Minidump\022415-25740-01.dmp
2015-02-23 22:30 - 2015-02-23 22:30 - 00000165 ____H () C:\Users\jointsmouka\Downloads\~$využití-radionuklidu.pptx
2015-02-23 22:29 - 2015-02-23 22:29 - 00088372 _____ () C:\Users\jointsmouka\Downloads\využití-radionuklidu.pptx
2015-02-23 15:41 - 2015-02-23 15:41 - 00004631 _____ () C:\Users\jointsmouka\Desktop\BRUŠTÍK DAVID.p12
2015-02-22 17:51 - 2015-02-24 10:27 - 474818582 _____ () C:\Windows\MEMORY.DMP
2015-02-22 17:51 - 2015-02-22 17:51 - 00446688 _____ () C:\Windows\Minidump\022215-28470-01.dmp
2015-02-21 17:08 - 2015-02-21 19:30 - 1276074610 _____ () C:\Users\jointsmouka\Downloads\Padesát-odstínů-šedi---Fifty-Shades-of-Grey-2015-[CAM.XviD]-tit.CZ-v-obraze.avi
2015-02-21 12:16 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\New folder
2015-02-20 22:24 - 2015-02-20 22:25 - 288097593 _____ () C:\Users\jointsmouka\Desktop\MVI_0035.MOV
2015-02-20 21:40 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\hovna
2015-02-20 21:38 - 2015-02-20 21:38 - 00696556 _____ () C:\Users\jointsmouka\Downloads\Vzorník (1).pptx
2015-02-15 15:33 - 2015-02-15 15:33 - 00230094 _____ () C:\Users\jointsmouka\Downloads\tam1.bmp
2015-02-12 14:10 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 14:10 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:10 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 14:10 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:35 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:35 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:35 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:35 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:35 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:35 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:35 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:35 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:35 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:35 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:35 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:35 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:35 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:35 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:35 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:35 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:35 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:35 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:35 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:35 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:35 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:34 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:34 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:34 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:34 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:34 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:34 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:34 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:34 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:34 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:34 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:34 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:34 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:34 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:34 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:34 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:34 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:34 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:34 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:34 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:34 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:34 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:34 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:34 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:34 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:34 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:34 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:34 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:34 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:34 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:34 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:34 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:34 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:34 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:34 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:34 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:34 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:34 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:34 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:34 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:34 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:34 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:34 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:34 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:34 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:34 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:34 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:34 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:34 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:34 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:34 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:34 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:34 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:34 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:34 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:34 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:34 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:34 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:34 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:34 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:34 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:30 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:30 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:29 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:29 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:28 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:28 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:28 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 21:10 - 2015-02-10 21:10 - 00792942 _____ () C:\Users\jointsmouka\Downloads\Vzorník2.pptx
2015-02-09 14:06 - 2015-02-09 14:07 - 00014776 _____ () C:\Users\jointsmouka\Downloads\kalkulačka-Brusta.xlsm
2015-02-05 22:59 - 2015-02-05 23:00 - 00764401 _____ () C:\Users\jointsmouka\Downloads\Vzorník.pptx
2015-02-05 00:39 - 2015-02-05 00:39 - 00000000 ____D () C:\ProgramData\BlockIt Ad remover
2015-02-03 19:48 - 2015-02-03 19:48 - 00764401 _____ () C:\Users\jointsmouka\Desktop\Vzorník.pptx
2015-02-03 19:32 - 2015-02-03 19:32 - 00031720 _____ () C:\Users\jointsmouka\Downloads\2 Vzorce matematika.xlsx
2015-02-03 19:32 - 2015-02-03 19:32 - 00028672 _____ () C:\Users\jointsmouka\Downloads\1 A vzorce.xls
2015-02-03 19:32 - 2015-02-03 19:32 - 00019456 _____ () C:\Users\jointsmouka\Downloads\3 Funkce a grafy.xls
2015-02-03 19:32 - 2015-02-03 19:32 - 00014848 _____ () C:\Users\jointsmouka\Downloads\5 Data byty.xls
2015-02-03 19:31 - 2015-02-03 19:32 - 00026848 _____ () C:\Users\jointsmouka\Downloads\opakování.xlsm
2015-02-02 19:46 - 2015-02-02 19:46 - 00036559 _____ () C:\Users\jointsmouka\Downloads\The.Big.Bang.Theory.S08E13.720p.HDTV.X264-DIMENSION.torrent
2015-02-01 20:59 - 2015-02-02 13:28 - 00000000 ____D () C:\Users\jointsmouka\Desktop\maturitak
2015-02-01 13:17 - 2015-02-23 02:39 - 00000000 ____D () C:\Users\jointsmouka\Desktop\Facebook_files
2015-01-30 02:49 - 2015-01-30 02:50 - 00040395 _____ () C:\Users\jointsmouka\Downloads\The.Hobbit.2014.Battle.Of.The.Five.Armies.DVDScr.XVID.AC3.HQ.Hive-CM8.torrent
2015-01-27 22:28 - 2015-01-27 22:28 - 00063953 _____ () C:\Users\jointsmouka\Downloads\The.Big.Bang.Theory.S03.HDTV.XviD-TL.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 20:07 - 2014-12-21 17:02 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 19:53 - 2015-01-21 18:00 - 00000020 _____ () C:\Users\jointsmouka\AppData\Roaming\appdataFr3.bin
2015-02-24 19:53 - 2009-07-14 05:45 - 00035312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 19:53 - 2009-07-14 05:45 - 00035312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 19:51 - 2013-06-11 19:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 19:49 - 2013-01-26 09:39 - 01390306 _____ () C:\Windows\WindowsUpdate.log
2015-02-24 19:45 - 2014-08-03 11:21 - 00000000 ___RD () C:\Users\jointsmouka\Dropbox
2015-02-24 19:45 - 2014-08-03 11:20 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Dropbox
2015-02-24 19:43 - 2014-12-29 07:00 - 00005340 _____ () C:\Windows\setupact.log
2015-02-24 19:43 - 2014-01-28 12:42 - 00001010 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-02-24 19:43 - 2014-01-28 12:42 - 00000994 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-02-24 19:43 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-24 19:42 - 2015-01-10 07:00 - 00005372 _____ () C:\aaw7boot.log
2015-02-24 19:42 - 2014-12-29 07:00 - 00009556 _____ () C:\Windows\PFRO.log
2015-02-24 19:42 - 2014-12-21 17:02 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 19:42 - 2014-06-07 15:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-24 19:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 19:41 - 2009-07-14 03:34 - 76668928 _____ () C:\Windows\system32\config\software.bak
2015-02-24 19:41 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\system.bak
2015-02-24 19:41 - 2009-07-14 03:34 - 06434816 _____ () C:\Windows\system32\config\default.bak
2015-02-24 19:41 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\security.bak
2015-02-24 19:41 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\sam.bak
2015-02-24 19:06 - 2013-01-26 18:13 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Skype
2015-02-24 18:02 - 2015-01-07 20:44 - 00006691 _____ () C:\Windows\system32\ScanResults.xml
2015-02-24 17:58 - 2015-01-07 20:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-02-24 17:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-24 17:13 - 2009-07-14 06:13 - 00806776 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-24 17:11 - 2014-01-01 14:36 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Seznam.cz
2015-02-24 17:08 - 2014-07-18 04:33 - 00015899 _____ () C:\Users\jointsmouka\rgmnr
2015-02-24 17:06 - 2015-01-12 12:40 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Exizumb
2015-02-24 17:05 - 2009-07-14 05:45 - 00417576 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-24 15:58 - 2014-08-30 09:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-24 10:27 - 2013-01-26 18:49 - 00000000 ____D () C:\Windows\Minidump
2015-02-24 09:06 - 2013-01-26 18:13 - 00000000 ____D () C:\ProgramData\Skype
2015-02-24 09:05 - 2013-01-26 18:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-24 09:02 - 2013-01-26 10:33 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-23 12:01 - 2014-08-04 11:02 - 00000496 _____ () C:\Windows\Tasks\Ad-Aware Update (Daily).job
2015-02-23 02:39 - 2014-10-12 15:50 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-02-23 02:39 - 2013-01-26 18:12 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\vlc
2015-02-23 02:39 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-23 02:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-23 02:38 - 2013-01-26 10:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-02-22 18:54 - 2014-01-30 23:58 - 00003406 __RSH () C:\ProgramData\ntuser.pol
2015-02-22 18:01 - 2014-08-03 11:21 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 17:52 - 2013-01-26 10:02 - 00000000 ____D () C:\Users\jointsmouka
2015-02-20 21:41 - 2014-11-10 17:00 - 00000000 ____D () C:\Users\jointsmouka\Desktop\cestina
2015-02-16 17:59 - 2014-12-20 09:59 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-02-13 18:45 - 2014-12-21 13:51 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Omkics
2015-02-13 08:09 - 2014-04-10 02:55 - 00000000 ____D () C:\Windows\rescache
2015-02-12 14:21 - 2013-08-15 11:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 04:21 - 2015-01-24 13:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awithim
2015-02-12 04:21 - 2015-01-22 13:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Otyzxoa
2015-02-12 04:21 - 2015-01-18 13:08 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awaskem
2015-02-12 04:21 - 2015-01-16 13:00 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ampony
2015-02-12 04:21 - 2015-01-14 12:47 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Itohqi
2015-02-12 04:21 - 2015-01-10 12:36 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Hoodid
2015-02-12 04:21 - 2015-01-08 12:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Qoafesk
2015-02-12 04:21 - 2015-01-06 12:23 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Dasaquut
2015-02-12 04:21 - 2015-01-04 12:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Yhiwaked
2015-02-12 04:21 - 2015-01-02 12:01 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Myagudi
2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Lumiut
2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ikycwe
2015-02-12 04:18 - 2014-12-11 13:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 04:18 - 2014-05-06 23:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 04:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-12 03:56 - 2013-03-13 20:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:45 - 2009-07-14 03:34 - 00000678 _____ () C:\Windows\win.ini
2015-02-12 03:10 - 2013-01-26 10:58 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 14:26 - 2014-09-14 16:26 - 00000000 ____D () C:\Users\jointsmouka\Desktop\programovani
2015-02-08 22:33 - 2013-02-11 11:41 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\BitTorrent

==================== Files in the root of some directories =======

2015-01-21 18:00 - 2015-02-24 19:53 - 0000020 _____ () C:\Users\jointsmouka\AppData\Roaming\appdataFr3.bin
2014-07-22 12:15 - 2014-07-22 12:15 - 0007644 _____ () C:\Users\jointsmouka\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\jointsmouka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpamelx8.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 00:18




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (system) (Fixed) (Total:150 GB) (Free:34.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:295.76 GB) (Free:10.42 GB) NTFS

Available physical RAM: 1712.63 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 58%

==================== MBR and Partition Table ==================

TreeSize Professional V6.0.3 (64 bit) (HKLM\...\TreeSize Professional_is1) (Version: 6.0.3 - JAM Software)
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 95BB83A1)
Partition 2: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=295.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Ad-Aware Update (Daily).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jointsmouka\Desktop" je 4255 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(7.4 KiB) Downloaded 32 times

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, the computer is in a terrible state

#15 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    HKLM\...\Run: [Ciidifamo] => "C:\Users\jointsmouka\AppData\Roaming\Exizumb\dyesfi.exe"
    C:\Users\jointsmouka\AppData\Roaming\Exizumb
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
    C:\ProgramData\Microsoft\Secure\Icons
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-883375831-3728679416-1811525376-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0C146C8E-EEDF-4F83-99DC-023737234A7B} URL = http://searchab.com/?aff=7&uid=a0d38fd7 ... d003c8a&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F4CF001D7D003C8A&affID=128403&tsp=5177
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {25E02ED1-55EC-431E-AA13-3CDCD4905DA8} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3D8E7549-0E8C-4C33-86AD-EA7D285BA95B} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=8D1E4E03-A33E-4845-AFFD-1CB5E0AE8D2A&apn_sauid=67133D01-E11E-4F4F-9BB8-7DE8FD89B7A3
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {3E2089FE-2ADC-4CAE-8075-3DF7E0EB94A9} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {4B19489D-19AE-45E6-818C-8790AF04D326} URL =
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {5CFBF9BA-1414-41E8-9504-7013CE7AB719} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {784BFE96-5543-48BF-8957-FAEA4892296D} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {8DCD0D1F-A810-4415-AF4E-1C587E48AA82} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {98198D75-3B7D-45D6-89D0-6B51552E7F5C} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AE830ECE-6621-4BAA-811F-0E68295E9A22} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_14875
    SearchScopes: HKU\S-1-5-21-883375831-3728679416-1811525376-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
    BHO-x32: shoppia -> {70ba1ce1-4478-4bf6-8028-a91b017bd1c2} -> C:\ProgramData\shoppia\8KCVB5cQdItgNM.dll No File
    C:\ProgramData\shoppia
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha1735.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ff
    CHR HKLM-x32\...\Chrome\Extension: [anddllmcjgahdhkagampieimglafnnjm] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home388\ch\MediaWatchV1home388.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iahifhhljhdbokokheinmhdkamjgfmbn] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1735\ch\TrustMediaViewerV1alpha1735.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [kepdddahaedaffgedefcdanefbfnpakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode1435\ch\MediaBuzzV1mode1435.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [kjajonjcpidbhenkljlpmjpmijlnkdoc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6277\ch\MediaViewV1alpha6277.crx [Not Found]
    
    S4 LMIRfsClientNP; No ImagePath
    2015-02-05 00:39 - 2015-02-05 00:39 - 00000000 ____D () C:\ProgramData\BlockIt Ad remover
    2015-02-24 17:06 - 2015-01-12 12:40 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Exizumb
    2015-02-23 12:01 - 2014-08-04 11:02 - 00000496 _____ () C:\Windows\Tasks\Ad-Aware Update (Daily).job
    2015-02-13 18:45 - 2014-12-21 13:51 - 00000000 ____D () C:\Users\jointsmouka\AppData\Local\Omkics
    2015-02-12 04:21 - 2015-01-24 13:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awithim
    2015-02-12 04:21 - 2015-01-22 13:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Otyzxoa
    2015-02-12 04:21 - 2015-01-18 13:08 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Awaskem
    2015-02-12 04:21 - 2015-01-16 13:00 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ampony
    2015-02-12 04:21 - 2015-01-14 12:47 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Itohqi
    2015-02-12 04:21 - 2015-01-10 12:36 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Hoodid
    2015-02-12 04:21 - 2015-01-08 12:31 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Qoafesk
    2015-02-12 04:21 - 2015-01-06 12:23 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Dasaquut
    2015-02-12 04:21 - 2015-01-04 12:16 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Yhiwaked
    2015-02-12 04:21 - 2015-01-02 12:01 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Myagudi
    2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Lumiut
    2015-02-12 04:21 - 2014-12-31 11:55 - 00000000 ____D () C:\Users\jointsmouka\AppData\Roaming\Ikycwe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    
    Task: {073BEFCB-723D-4F42-BADF-4C223BD4C208} - \Security Center Update - 2387264809 No Task File <==== ATTENTION
    Task: {09852AB7-1EFC-4D6D-A3DC-9E40A807792E} - \Security Center Update - 1817271749 No Task File <==== ATTENTION
    Task: {09D63F6F-94F7-4CE8-9B91-862B61F56E8A} - \Security Center Update - 788185214 No Task File <==== ATTENTION
    Task: {189B9C27-04D0-4BE3-9FFA-ECD84298AEBB} - \Security Center Update - 1967763578 No Task File <==== ATTENTION
    Task: {19DCF4A8-A1B0-4371-B353-0EE1B0C279C4} - \Security Center Update - 2813940164 No Task File <==== ATTENTION
    Task: {282373DA-363B-49DB-92CB-0573E4EC1D40} - \Security Center Update - 464115867 No Task File <==== ATTENTION
    Task: {3867E30D-EC76-48CC-845B-E2BA53021090} - System32\Tasks\{9A0FEFBE-CE74-4E11-9B17-5C548267300D} => pcalua.exe -a "D:\GAMES\Counter-Strike.1.6-BTM\Counter-Strike 1.6 Full v7.exe" -d D:\GAMES\Counter-Strike.1.6-BTM
    Task: {3B5543EE-5C64-46CB-AAEE-D24B64D6EB73} - \Security Center Update - 2944175338 No Task File <==== ATTENTION
    Task: {41113263-4ABB-4DDE-B42E-B8E2343D760E} - \Security Center Update - 2959411260 No Task File <==== ATTENTION
    Task: {4EDDC796-EE3F-42D4-B09B-F0FECF312AC1} - \Security Center Update - 3983269009 No Task File <==== ATTENTION
    Task: {509A9A73-7A98-48B0-9D62-8AAAE985D259} - \Security Center Update - 2334446266 No Task File <==== ATTENTION
    Task: {6227DE5B-FFC3-4BE3-B51B-8AD98599110E} - \Security Center Update - 3237372327 No Task File <==== ATTENTION
    Task: {7131A177-B7E8-4153-A75B-03229E3B7A5D} - \Security Center Update - 3931236564 No Task File <==== ATTENTION
    Task: {834D3B06-B9AB-4C91-A123-46D35D358B6F} - \Security Center Update - 2601427658 No Task File <==== ATTENTION
    Task: {C6CDD345-708B-47B0-8A1D-76E7C5248447} - \Security Center Update - 4081695866 No Task File <==== ATTENTION
    Task: {DBC87310-3B77-49E1-A212-17C834ECC385} - \Security Center Update - 702504655 No Task File <==== ATTENTION
    Task: {FFB185AF-C509-4ABE-9C1A-7B2F6E1D1F12} - \Security Center Update - 471716692 No Task File <==== ATTENTION
    
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.
