Prevence

[bigmuff]

Dobrý den,můžu poprosit o kontrolu logu?
Logfile of random's system information tool 1.10 (written by random/random)
Run by mixer at 2015-03-14 11:08:14
Microsoft Windows 8.1 Pro
System drive C: has 51 GB (71%) free of 71 GB
Total RAM: 2046 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:19, on 14. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\r2 Studios\HideOE\HideOE.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Users\mixer\Downloads\RSIT.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\mixer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [HideOE] "C:\Program Files\r2 Studios\HideOE\HideOE.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCDCC26D-3994-4C29-BB22-D1769C215134}: NameServer = 8.8.8.8,213.191.100.3
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 3965 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-14 850704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-02-19 5503768]
"uTorrent"=C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe [2014-04-14 398760]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2014-03-14 2611808]
"HideOE"=C:\Program Files\r2 Studios\HideOE\HideOE.exe [2003-07-24 32768]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2014-12-19 458456]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2012-01-30 6061056]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-14 10:40:01 ----DC---- C:\Program Files\trend micro
2015-03-14 10:39:59 ----DC---- C:\rsit
2015-03-10 20:26:42 ----AC---- C:\Windows\system32\WindowsCodecs.dll
2015-03-10 20:26:35 ----AC---- C:\Windows\system32\msctf.dll
2015-03-10 20:26:35 ----AC---- C:\Windows\system32\dwmcore.dll
2015-03-10 20:26:24 ----AC---- C:\Windows\system32\SHCore.dll
2015-03-10 20:26:23 ----AC---- C:\Windows\system32\MrmCoreR.dll
2015-03-10 20:26:09 ----AC---- C:\Windows\system32\ubpm.dll
2015-03-10 20:26:04 ----AC---- C:\Windows\system32\WSShared.dll
2015-03-10 20:26:04 ----AC---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-10 20:25:49 ----AC---- C:\Windows\system32\msftedit.dll
2015-03-10 20:25:42 ----AC---- C:\Windows\system32\photowiz.dll
2015-03-10 20:25:41 ----AC---- C:\Windows\system32\LockScreenContentServer.exe
2015-03-10 20:25:35 ----AC---- C:\Windows\system32\shell32.dll
2015-03-10 20:25:22 ----AC---- C:\Windows\system32\drivers\hidbth.sys
2015-03-10 20:25:12 ----AC---- C:\Windows\system32\schannel.dll
2015-03-10 20:25:07 ----AC---- C:\Windows\system32\win32spl.dll
2015-03-10 20:25:07 ----AC---- C:\Windows\system32\mfc42u.dll
2015-03-10 20:25:07 ----AC---- C:\Windows\system32\mfc42.dll
2015-03-10 20:25:07 ----AC---- C:\Windows\system32\localspl.dll
2015-03-10 20:25:06 ----AC---- C:\Windows\system32\D3DCompiler_47.dll
2015-03-10 20:24:55 ----AC---- C:\Windows\explorer.exe
2015-03-10 20:24:44 ----AC---- C:\Windows\system32\calc.exe
2015-03-10 20:24:41 ----AC---- C:\Windows\system32\mshtml.dll
2015-03-10 20:24:33 ----AC---- C:\Windows\system32\ieframe.dll
2015-03-10 20:24:31 ----AC---- C:\Windows\system32\jscript9.dll
2015-03-10 20:24:30 ----AC---- C:\Windows\system32\wininet.dll
2015-03-10 20:24:30 ----AC---- C:\Windows\system32\urlmon.dll
2015-03-10 20:24:30 ----AC---- C:\Windows\system32\inetcomm.dll
2015-03-10 20:24:30 ----AC---- C:\Windows\system32\iertutil.dll
2015-03-10 20:24:29 ----AC---- C:\Windows\system32\vbscript.dll
2015-03-10 20:24:29 ----AC---- C:\Windows\system32\msfeeds.dll
2015-03-10 20:24:27 ----AC---- C:\Windows\system32\dxtrans.dll
2015-03-10 20:24:26 ----AC---- C:\Windows\system32\webcheck.dll
2015-03-10 20:24:26 ----AC---- C:\Windows\system32\mshtmled.dll
2015-03-10 20:24:26 ----AC---- C:\Windows\system32\MshtmlDac.dll
2015-03-10 20:24:26 ----AC---- C:\Windows\system32\ie4uinit.exe
2015-03-10 20:24:25 ----AC---- C:\Windows\system32\iepeers.dll
2015-03-10 20:24:24 ----AC---- C:\Windows\system32\jscript.dll
2015-03-10 20:24:24 ----AC---- C:\Windows\system32\ieapfltr.dll
2015-03-10 20:23:31 ----AC---- C:\Windows\system32\eapphost.dll
2015-03-10 20:23:31 ----AC---- C:\Windows\system32\eappgnui.dll
2015-03-10 20:23:31 ----AC---- C:\Windows\system32\eappcfg.dll
2015-03-10 20:23:31 ----AC---- C:\Windows\system32\eapp3hst.dll
2015-03-10 20:23:19 ----AC---- C:\Windows\system32\win32k.sys
2015-03-10 20:23:12 ----AC---- C:\Windows\system32\rdpcorets.dll
2015-03-10 20:23:11 ----AC---- C:\Windows\system32\rdpudd.dll
2015-03-10 20:23:10 ----AC---- C:\Windows\system32\WMPhoto.dll
2015-03-10 20:22:59 ----AC---- C:\Windows\system32\StorageContextHandler.dll
2015-03-10 20:22:59 ----AC---- C:\Windows\system32\atmfd.dll
2015-03-10 20:22:58 ----AC---- C:\Windows\system32\ntoskrnl.exe
2015-03-10 20:22:58 ----AC---- C:\Windows\system32\atmlib.dll
2015-03-10 20:22:57 ----AC---- C:\Windows\system32\ntdll.dll
2015-03-10 20:20:52 ----AC---- C:\Windows\system32\drivers\ndis.sys
2015-03-10 20:20:40 ----AC---- C:\Windows\system32\drivers\WdFilter.sys
2015-03-10 20:20:40 ----AC---- C:\Windows\system32\drivers\WdBoot.sys
2015-03-10 20:20:36 ----AC---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-03-10 20:20:34 ----AC---- C:\Windows\system32\winshfhc.dll
2015-03-10 20:18:26 ----AC---- C:\Windows\system32\authui.dll
2015-03-08 17:41:42 ----DC---- C:\Program Files\Common Files\DESIGNER
2015-03-08 14:20:38 ----DC---- C:\Program Files\Puran Delete Empty Folders
2015-03-07 00:18:10 ----AC---- C:\Windows\system32\drivers\1DFB1891.sys
2015-03-06 21:22:04 ----DC---- C:\Users\mixer\AppData\Roaming\USBSafelyRemove
2015-03-06 21:09:39 ----DC---- C:\Program Files\Medieval Software
2015-03-06 16:22:12 ----DC---- C:\ProgramData\Malwarebytes
2015-03-04 17:18:56 ----AC---- C:\Windows\Setup.INI
2015-03-04 17:18:20 ----DC---- C:\Program Files\Launch Manager
2015-03-03 21:00:22 ----DC---- C:\Program Files\4KDownload
2015-03-01 18:09:54 ----DC---- C:\Program Files\r2 Studios
2015-03-01 16:30:01 ----DC---- C:\Users\mixer\AppData\Roaming\vlc
2015-03-01 16:12:12 ----DC---- C:\Program Files\VideoLAN
2015-03-01 09:55:11 ----DC---- C:\Users\mixer\AppData\Roaming\Zoner
2015-03-01 09:54:38 ----DC---- C:\ProgramData\Zoner
2015-03-01 09:53:49 ----DC---- C:\Program Files\Zoner
2015-03-01 09:52:05 ----DC---- C:\Windows\AutoKMS
2015-03-01 09:43:37 ----DC---- C:\Program Files\Microsoft Synchronization Services
2015-03-01 09:42:58 ----DC---- C:\Program Files\Microsoft SQL Server Compact Edition
2015-03-01 09:36:44 ----DC---- C:\Program Files\Microsoft Analysis Services
2015-03-01 09:35:31 ----DC---- C:\Program Files\Microsoft Office
2015-03-01 09:35:29 ----DC---- C:\ProgramData\Microsoft Help
2015-03-01 09:34:37 ----RHDC---- C:\MSOCache
2015-03-01 09:25:08 ----DC---- C:\ProgramData\USBSRService
2015-03-01 09:24:57 ----DC---- C:\Program Files\USB Safely Remove
2015-03-01 09:20:22 ----DC---- C:\Program Files\Rainlendar2
2015-02-27 15:20:55 ----DC---- C:\Users\mixer\AppData\Roaming\WinRAR
2015-02-27 15:19:38 ----DC---- C:\Program Files\WinRAR
2015-02-27 14:12:52 ----AC---- C:\Windows\system32\pwNative.exe
2015-02-27 14:12:41 ----C---- C:\Windows\system32\pwdrvio.sys
2015-02-27 14:11:47 ----C---- C:\Windows\system32\pwdspio.sys
2015-02-27 14:10:09 ----DC---- C:\Program Files\MiniTool Partition Wizard Professional Edition 8.1
2015-02-26 22:47:39 ----DC---- C:\ProgramData\SP_FT_Logs
2015-02-26 21:59:24 ----DC---- C:\Users\mixer\AppData\Roaming\mgyun
2015-02-26 21:59:20 ----DC---- C:\Program Files\VROOT
2015-02-26 21:53:00 ----DC---- C:\Program Files\ClockworkMod
2015-02-26 21:37:20 ----AC---- C:\Windows\system32\WdfCoInstaller01007.dll
2015-02-26 21:37:20 ----AC---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2015-02-26 21:37:20 ----AC---- C:\Windows\system32\drivers\ssudeadb.sys
2015-02-26 21:36:15 ----DC---- C:\Program Files\SAMSUNG
2015-02-26 21:34:59 ----DC---- C:\ProgramData\Samsung
2015-02-26 21:00:13 ----AC---- C:\Windows\system32\drivers\pneteth.sys
2015-02-26 20:58:52 ----DC---- C:\Program Files\InstallShield Installation Information
2015-02-26 20:55:51 ----DC---- C:\Windows\tiinst
2015-02-26 20:37:32 ----DC---- C:\Windows\Profiles
2015-02-26 20:37:32 ----DC---- C:\Users\mixer\AppData\Roaming\URSoft
2015-02-26 20:37:30 ----ADC---- C:\ProgramData\TEMP
2015-02-26 20:37:10 ----DC---- C:\Program Files\Your Uninstaller
2015-02-26 20:18:16 ----DC---- C:\ProgramData\ProductData
2015-02-26 20:17:59 ----DC---- C:\ProgramData\IObit
2015-02-26 20:17:59 ----AC---- C:\Windows\system32\drivers\HWiNFO32.SYS
2015-02-26 20:17:58 ----DC---- C:\Users\mixer\AppData\Roaming\IObit
2015-02-26 19:56:59 ----DC---- C:\Users\mixer\AppData\Roaming\Mozilla
2015-02-26 19:56:24 ----DC---- C:\Program Files\Mozilla Firefox
2015-02-26 19:31:36 ----AC---- C:\Windows\system32\aspnet_counters.dll
2015-02-26 19:30:19 ----AC---- C:\Windows\system32\TSWbPrxy.exe
2015-02-26 19:30:19 ----AC---- C:\Windows\system32\nlasvc.dll
2015-02-26 19:30:19 ----AC---- C:\Windows\system32\ncsi.dll
2015-02-26 19:30:11 ----AC---- C:\Windows\system32\sppobjs.dll
2015-02-26 19:30:11 ----AC---- C:\Windows\system32\drivers\ahcache.sys
2015-02-26 19:29:32 ----AC---- C:\Windows\system32\iedkcs32.dll
2015-02-26 19:29:32 ----AC---- C:\Windows\system32\dxtmsft.dll
2015-02-26 19:29:20 ----AC---- C:\Windows\system32\oleaut32.dll
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\WerFaultSecure.exe
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\wer.dll
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\Faultrep.dll
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\EncDump.dll
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\ci.dll
2015-02-26 19:28:34 ----AC---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-02-26 19:28:22 ----AC---- C:\Windows\system32\profsvc.dll
2015-02-26 19:28:04 ----AC---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-26 19:28:04 ----AC---- C:\Windows\system32\drivers\cng.sys
2015-02-26 19:27:53 ----AC---- C:\Windows\system32\drivers\mrxdav.sys
2015-02-26 19:27:35 ----AC---- C:\Windows\system32\scesrv.dll
2015-02-26 19:10:30 ----ASH---- C:\pagefile.sys
2015-02-26 19:10:24 ----ASH---- C:\hiberfil.sys
2015-02-17 15:26:28 ----AC---- C:\Windows\system32\FM20.DLL

======List of files/folders modified in the last 1 month======

2015-03-14 11:08:08 ----DC---- C:\Users\mixer\AppData\Roaming\uTorrent
2015-03-14 11:00:37 ----DC---- C:\Windows\Prefetch
2015-03-14 11:00:00 ----DC---- C:\Windows\system32\sru
2015-03-14 10:40:01 ----RDC---- C:\Program Files
2015-03-14 10:27:17 ----DC---- C:\Windows\Temp
2015-03-14 09:46:34 ----SHDC---- C:\Windows\Installer
2015-03-14 09:29:56 ----SHD---- C:\System Volume Information
2015-03-14 09:26:31 ----RDC---- C:\Windows\System32
2015-03-14 09:26:31 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2015-03-14 09:26:30 ----DC---- C:\Windows\inf
2015-03-14 09:22:18 ----DC---- C:\Windows\system32\catroot
2015-03-14 09:22:18 ----D---- C:\Windows\system32\DriverStore
2015-03-13 22:05:08 ----DC---- C:\Windows\Microsoft.NET
2015-03-13 22:04:33 ----DC---- C:\Windows\system32\config
2015-03-12 19:43:36 ----DC---- C:\Windows\system32\Drivers
2015-03-12 19:16:36 ----DC---- C:\Windows\debug
2015-03-12 16:31:55 ----DC---- C:\Windows\SoftwareDistribution
2015-03-12 16:25:52 ----DC---- C:\Windows
2015-03-10 20:58:30 ----D---- C:\Windows\WinSxS
2015-03-10 20:54:31 ----DC---- C:\Program Files\Internet Explorer
2015-03-10 20:54:30 ----D---- C:\Program Files\Windows Defender
2015-03-10 20:54:29 ----DC---- C:\Windows\WinStore
2015-03-10 20:54:29 ----DC---- C:\Windows\PolicyDefinitions
2015-03-10 20:54:28 ----RD---- C:\Windows\ToastData
2015-03-10 20:54:28 ----DC---- C:\Windows\system32\cs-CZ
2015-03-10 20:49:01 ----DC---- C:\Windows\CbsTemp
2015-03-10 20:47:04 ----DC---- C:\Windows\system32\MRT
2015-03-10 20:38:16 ----AC---- C:\Windows\system32\MRT.exe
2015-03-10 20:25:31 ----DC---- C:\Windows\system32\catroot2
2015-03-10 19:20:40 ----DC---- C:\Windows\system32\Tasks
2015-03-08 18:21:51 ----DC---- C:\Windows\Panther
2015-03-08 17:41:42 ----DC---- C:\Program Files\Common Files
2015-03-08 17:40:29 ----RSDC---- C:\Windows\Fonts
2015-03-08 14:21:22 ----SDC---- C:\Users\mixer\AppData\Roaming\Microsoft
2015-03-06 17:08:19 ----RSDC---- C:\Windows\assembly
2015-03-06 16:22:12 ----HDC---- C:\ProgramData
2015-03-04 22:24:42 ----AC---- C:\Windows\system32\FlashPlayerApp.exe
2015-03-04 17:13:54 ----DC---- C:\Program Files\Common Files\microsoft shared
2015-03-03 14:16:52 ----C---- C:\Windows\system32\MpSigStub.exe
2015-03-01 09:44:52 ----DC---- C:\Windows\ShellNew
2015-03-01 09:42:58 ----SDC---- C:\ProgramData\Microsoft
2015-03-01 09:42:58 ----DC---- C:\Program Files\Microsoft.NET
2015-02-28 17:39:25 ----DC---- C:\Windows\system32\drivers\etc
2015-02-27 14:00:46 ----DC---- C:\Users\mixer\AppData\Roaming\Windows Live Writer
2015-02-27 13:31:13 ----DC---- C:\Windows\system32\LogFiles
2015-02-27 09:10:22 ----D---- C:\Windows\rescache
2015-02-26 21:21:14 ----SHDC---- C:\$Recycle.Bin
2015-02-26 20:39:49 ----DC---- C:\Windows\Tasks
2015-02-26 20:31:57 ----DC---- C:\Windows\system32\wbem
2015-02-26 20:29:29 ----HD---- C:\Program Files\WindowsApps
2015-02-26 20:26:49 ----DC---- C:\Windows\registration
2015-02-26 20:25:33 ----DC---- C:\Windows\Logs
2015-02-26 19:47:39 ----DC---- C:\Windows\system32\CodeIntegrity
2015-02-26 19:17:33 ----DC---- C:\Program Files\CCleaner
2015-02-26 19:14:28 ----DC---- C:\Windows\system32\wdi
2015-02-26 19:08:27 ----DC---- C:\Windows\system32\MsDtc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-09-24 138584]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2015-02-26 23840]
R1 MpKslaa3afb2c;MpKslaa3afb2c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8E6C32EB-B694-46AB-B2A2-AB2BB9273791}\MpKslaa3afb2c.sys []
R2 irda;@netirda.inf,%IrDA.DisplayName%;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2013-08-22 95232]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-19 10071040]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-19 290304]
R3 b57nd60x;@netb57vx.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2013-06-18 376832]
R3 netwlv32;@netwlv32.inf, %NIC_Service_DispName_VISTA%; Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netwlv32.sys [2013-06-18 6637056]
R3 NSCIRDA;@oem7.inf,%NSCIRDA.ServiceDesc%;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2013-06-18 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2013-06-18 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2013-06-18 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 177152]
S3 dg_ssudbus;@oem2.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 dot4;@oem3.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 137632]
S3 Dot4Print;@oem4.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 22432]
S3 dot4usb;@oem3.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 42912]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pneteth;@oem15.inf,%pneteth.Service.DispName%;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 13440]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-08-26 15576]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-08-26 10200]
S3 ssudeadb;@oem49.inf,%ssud.Service.DeviceDesc%;SAMSUNG Android Composite ADB(V1.5) Interface Driver ; C:\Windows\System32\Drivers\ssudeadb.sys [2013-12-26 34744]
S3 ssudmdm;@oem10.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-08-22 15872]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 37888]
S3 usbser;@oem16.inf,%Serial.SvcDesc%;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2014-11-04 26624]
S3 WinUSB;@winusb.inf,%WinUSB_SvcDesc%;Ovladač WinUsb; C:\Windows\System32\drivers\WinUSB.sys [2013-08-22 64000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2014-10-29 33088]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2012-01-31 742744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

-----------------EOF-----------------

[Márty84]

Zdravim

Je s pc nejaky konkretni problem, nebo jde ciste jen o prevenci?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[bigmuff]

..možná malinko pomalejší

ale ted jsem nemohl ntb zapnout ,vždy po zapnutí jen bílá obrazovka asi 6x vypnout zapnout a naběhl

[Márty84]

OK, provedte nejprve krok s ADWCleanerem.

[bigmuff]

# AdwCleaner v4.112 - Logfile created 14/03/2015 at 15:55:11
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1 Pro (x86)
# Username : mixer - _MIXÍK_
# Running from : C:\Users\mixer\Downloads\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Solvusoft

***** [ Web browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v36.0 (x86 cs)


-\\ Google Chrome v41.0.2272.89

[C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=A0E1E1F49C1A024BF8334E515C784814&q={searchTerms}
[C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.softonic.it/s/{searchTerms}
[C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.recordmusic.cz/?page=websearch&srch ... earchTerms}

*************************

AdwCleaner[R0].txt - [1490 bytes] - [14/03/2015 15:45:14]
AdwCleaner[S0].txt - [1427 bytes] - [14/03/2015 15:55:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1486 bytes] ##########

[Márty84]

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[bigmuff]

tady

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 Professional [6.2 Build 9200] (x86)
Date : 2015/03/14 20:54:43

-- Controller Map ----------------------------------------------------------
+ Řadič úložiště Intel(R) ICH8M s rozhraním Serial ATA 3portový - 2828 [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GSA-T20N ATA Device
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) ICH8M v režimu Ultra ATA - 2850 [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS541616J9SA00 ATA Device
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541616J9SA00 : 160,0 GB [0/2/0, pd1]
(2) TOSHIBA MK3255GSX : 320,0 GB [1/0/0, jm1]

----------------------------------------------------------------------------
(1) Hitachi HTS541616J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541616J9SA00
Firmware : SB4OC70P
Serial Number : SB2404SJDBPM7E
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : SATA/150
Power On Hours : 13800 hod.
Power On Count : 4735 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 225 225 _33 000D00000001 Čas na roztočení ploten
04 _97 _97 __0 0000000012F7 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _69 _69 __0 0000000035E8 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 00000000127F Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000000B6 Počet vypnutí disku
C1 _91 _91 __0 000000016F4A Počet cyklů načítání/vymazání
C2 171 171 __0 003D00140020 Teplota
C4 100 100 __0 000000000004 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5342 3234 534A 534A 4442 504D 3745
020: 0003 3AB8 0004 5342 344F 3050 3050 4869 7461 6368
030: 6920 4854 5335 3431 3631 3953 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0702 0702 0000 005E 0040
080: 00FC 001A 746B 7F69 6163 3C49 3C49 6163 203F 0029
090: 0000 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 25D3 68BF 0000 0000 0000 0000 0000 0000 0000 4000
120: 4000 0000 0000 0000 0000 0000 0000 0000 0009 000B
130: 0030 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 344A 0000 0000 3242 3242 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 8000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 72A5

----------------------------------------------------------------------------
(2) TOSHIBA MK3255GSX
----------------------------------------------------------------------------
Enclosure : StoreJet Transcend USB Device (V=152D, P=2329, jm1)
Model : TOSHIBA MK3255GSX
Firmware : FG011J
Serial Number : 1996F02PS
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 8804 hod.
Power On Count : 4008 krát
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000006D7 Čas na roztočení ploten
04 100 100 __0 00000000268B Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _78 _78 __0 000000002264 Hodin v činnosti
0A 253 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000FA8 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 _98 _98 __0 0000000004AF Počet vypnutí disku
C1 _85 _85 __0 000000025C32 Počet cyklů načítání/vymazání
C2 100 100 __0 002E00130021 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000003 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000003045 Posunutí disku vůči ose
DE _91 _91 __0 000000000F30 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000F3 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3939 3939 3646 3032 5053
020: 0000 4000 0000 4647 3031 2020 2020 544F 5348 4942
030: 4120 4D4B 3332 3535 4753 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0F06 0F06 0000 004C 0040
080: 01F8 0000 746B 7D09 6163 3C09 3C09 6163 203F 0048
090: 0000 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 4000 4000 0000 5000 0391
110: 86A0 1083 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0001 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0039 0039 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E2A5

[bigmuff]

a tady

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14. 3. 2015
Čas skenování: 21:00:39
Protokol: ttt.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.14.04
Databáze rootkitů: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x86
Souborový systém: NTFS
Uživatel: mixer

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 305014
Uplynulý čas: 32 min, 0 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

Test MBAM nebyl nastaven podle navodu. Dal jste jen sken hrozeb. Ja chtel vlastni sken vsech disku. Sken hrozeb neprohlizi cely pocitac. Takze repete

[bigmuff]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14. 3. 2015
Čas skenování: 22:32:38
Protokol: ttt.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.14.04
Databáze rootkitů: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x86
Souborový systém: NTFS
Uživatel: mixer

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 418682
Uplynulý čas: 1 hod, 39 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

MBAM odinstalujte.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[bigmuff]

tady

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by mixer (administrator) on _MIXÍK_ on 15-03-2015 13:10:35
Running from C:\Users\mixer\Desktop
Loaded Profiles: mixer (Available profiles: mixer)
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\USB Safely Remove\USBSRService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(BitTorrent, Inc.) C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(r2 studios) C:\Program Files\r2 Studios\HideOE\HideOE.exe
() C:\Users\mixer\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\mixer\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [850704 2007-06-14] (Dritek System Inc.)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [uTorrent] => C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2611808 2014-03-14] ()
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [HideOE] => C:\Program Files\r2 Studios\HideOE\HideOE.exe [32768 2003-07-24] (r2 studios)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
Startup: C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\mixer\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Tcpip\..\Interfaces\{CCDCC26D-3994-4C29-BB22-D1769C215134}: [NameServer] 8.8.8.8,213.191.100.3

FireFox:
========
FF ProfilePath: C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default
FF SearchEngineOrder.1: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-26] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF SearchPlugin: C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default\searchplugins\seznam-avast.xml [2014-09-10]
FF Extension: DownloadHelper - C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-03-01]
FF Extension: Adblock Plus - C:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\8qdr6k85.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-01]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=031813", "https://www.seznam.cz/?clid=22668", "https://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-05]
CHR Extension: (Google Drive) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-05]
CHR Extension: (YouTube) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2015-02-26]
CHR Extension: (Google Search) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Google Sheets) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-05]
CHR Extension: (Chrome Remote Desktop) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-02-26]
CHR Extension: (AdBlock) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-26]
CHR Extension: (TLRemove) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk [2015-02-26]
CHR Extension: (Google Wallet) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\mixer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [250880 2014-10-29] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [103936 2014-10-29] (Microsoft Corporation)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [742744 2012-01-31] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284488 2015-02-04] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2014-10-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22200 2015-02-04] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1269248 2014-10-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2014-09-24] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-02-26] (REALiX(tm))
R3 netwlv32; C:\Windows\system32\DRIVERS\netwlv32.sys [6637056 2013-06-18] (Intel Corporation)
R0 nhcDriverDevice; C:\Windows\System32\drivers\nhcDriver.sys [71680 2015-03-14] (Notebook Hardware Control) [File not signed]
S3 pneteth; C:\Windows\system32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15576 2013-08-26] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10200 2013-08-26] ()
S3 ssudeadb; C:\Windows\System32\Drivers\ssudeadb.sys [34744 2013-12-26] (Google Inc)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84800 2015-02-04] (Microsoft Corporation)
R0 Wof; C:\Windows\system32\Drivers\Wof.sys [138584 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 13:10 - 2015-03-15 13:11 - 00011412 ____C () C:\Users\mixer\Desktop\FRST.txt
2015-03-15 13:10 - 2015-03-15 13:10 - 00000000 ___DC () C:\FRST
2015-03-15 13:06 - 2015-03-15 13:06 - 00112640 ____C (forum.viry.cz) C:\Users\mixer\Desktop\FRSTLauncher (2).exe
2015-03-15 13:04 - 2015-03-15 13:04 - 00112640 ____C (forum.viry.cz) C:\Users\mixer\Downloads\Nepotvrzeno 895396.crdownload
2015-03-15 13:03 - 2015-03-15 13:03 - 00112640 ____C (forum.viry.cz) C:\Users\mixer\Downloads\Nepotvrzeno 490189.crdownload
2015-03-15 13:01 - 2015-03-15 13:02 - 01135104 ____C (Farbar) C:\Users\mixer\Desktop\FRST.exe
2015-03-15 12:38 - 2015-03-15 12:39 - 00016104 ____C () C:\Users\mixer\Downloads\[rutracker.org].t4960501.torrent
2015-03-15 12:28 - 2015-03-15 12:30 - 00067767 ____C () C:\Users\mixer\Downloads\[CzT]Americky_gangster_American_gangster_1080p_.torrent
2015-03-15 12:26 - 2015-03-15 12:26 - 00024489 ____C () C:\Users\mixer\Downloads\[CzT]Spalene_zivoty_The_Burning_Plain_2008_CZ_EN_720pHD_.torrent
2015-03-14 23:42 - 2015-03-14 23:42 - 00002343 ____C () C:\Users\mixer\Desktop\ZP320 - SnapPea.lnk
2015-03-14 23:42 - 2015-03-14 23:42 - 00000801 ____C () C:\Users\mixer\Desktop\ZP320 Backup.lnk
2015-03-14 23:42 - 2015-03-14 23:42 - 00000000 ___DC () C:\Users\mixer\Documents\SnapPea
2015-03-14 21:38 - 2015-03-15 00:17 - 00001118 ____C () C:\Users\mixer\Desktop\ttt.txt
2015-03-14 21:30 - 2015-03-14 21:30 - 00001309 ____C () C:\Users\mixer\Downloads\gps.conf
2015-03-14 21:08 - 2015-03-14 23:42 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Wandoujia2
2015-03-14 21:07 - 2015-03-14 23:52 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Wandoujia2
2015-03-14 21:07 - 2015-03-14 21:07 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\WandoujiaUsbDriver
2015-03-14 21:07 - 2015-03-14 21:07 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnapPea
2015-03-14 21:05 - 2015-03-14 21:07 - 00000000 ___DC () C:\Program Files\WandouLabs
2015-03-14 20:53 - 2015-03-14 20:54 - 00000000 ___DC () C:\Users\mixer\Downloads\CrystalDiskInfo5_0_0
2015-03-14 19:01 - 2015-03-14 19:01 - 00000000 ___DC () C:\Users\mixer\Downloads\gps_mtk_no_
2015-03-14 19:00 - 2015-03-14 19:00 - 00006572 ____C () C:\Users\mixer\Downloads\gps_mtk_no_.rar
2015-03-14 18:52 - 2015-03-14 18:52 - 00276480 ____C () C:\Users\mixer\Downloads\EPO.DAT
2015-03-14 18:51 - 2015-03-14 18:51 - 00000037 ____C () C:\Users\mixer\Downloads\EPO.MD5
2015-03-14 17:22 - 2015-03-14 17:22 - 00000043 ____C () C:\Users\mixer\Desktop\gramec.txt
2015-03-14 17:17 - 2015-03-14 17:18 - 106870645 ____C () C:\Users\mixer\Desktop\MTK Phone GPS Software Fix.mp4
2015-03-14 15:45 - 2015-03-14 15:55 - 00000000 ___DC () C:\AdwCleaner
2015-03-14 14:33 - 2015-03-14 14:35 - 00002275 ____C () C:\Users\mixer\Desktop\SpyHunter.lnk
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ___DC () C:\sh4ldr
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ___DC () C:\Program Files\Enigma Software Group
2015-03-14 14:31 - 2015-03-14 14:33 - 00000000 ___DC () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-03-14 14:31 - 2015-03-14 14:31 - 00000000 ___DC () C:\Program Files\Common Files\Wise Installation Wizard
2015-03-14 14:13 - 2015-03-14 14:13 - 00001297 ____C () C:\Users\Public\Desktop\Documents To Go Desktop for Android.lnk
2015-03-14 14:13 - 2015-03-14 14:13 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\DocumentsToGoDesktopAndroid
2015-03-14 14:12 - 2015-03-14 14:12 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documents To Go Desktop for Android
2015-03-14 14:12 - 2015-03-14 14:12 - 00000000 ___DC () C:\Program Files\Documents To Go Desktop for Android
2015-03-14 11:33 - 2015-03-14 14:10 - 00071680 ____C (Notebook Hardware Control) C:\Windows\system32\Drivers\nhcDriver.sys
2015-03-14 11:33 - 2015-03-14 11:33 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Notebook Hardware Control
2015-03-14 10:40 - 2015-03-14 11:08 - 00000000 ___DC () C:\Program Files\trend micro
2015-03-14 10:39 - 2015-03-14 10:57 - 00000000 ___DC () C:\rsit
2015-03-13 20:58 - 2015-03-13 20:58 - 24100385 ____C () C:\Users\mixer\Desktop\Jak správně naostřit pilový řetěz.mp4
2015-03-13 20:54 - 2015-03-13 20:55 - 131443640 ____C () C:\Users\mixer\Desktop\Jak nabrousit motorovou pilu.mp4
2015-03-12 16:26 - 2015-03-12 16:27 - 00000000 ___DC () C:\Users\mixer\Desktop\zoo hodonín
2015-03-12 16:25 - 2015-03-15 12:50 - 00304837 ____C () C:\Windows\WindowsUpdate.log
2015-03-12 16:24 - 2015-03-15 01:24 - 00002852 ____C () C:\Windows\setupact.log
2015-03-12 16:24 - 2015-03-12 16:24 - 00000000 ____C () C:\Windows\setuperr.log
2015-03-10 23:37 - 2015-03-10 23:37 - 00000000 ____C () C:\Users\mixer\Desktop\Nový textový dokument.txt
2015-03-10 20:26 - 2015-02-08 00:49 - 00791040 ____C (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-10 20:26 - 2015-02-06 02:08 - 01943040 ____C (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-10 20:26 - 2015-01-31 00:20 - 00162304 ____C (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-10 20:26 - 2015-01-29 19:34 - 01488040 ____C (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-10 20:26 - 2015-01-29 02:00 - 00210944 ____C (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-10 20:26 - 2015-01-29 01:50 - 00811008 ____C (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-10 20:26 - 2015-01-23 06:02 - 00560392 ____C (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-10 20:26 - 2015-01-21 06:15 - 01123848 ____C (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-10 20:25 - 2015-03-06 03:33 - 00358912 ____C (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-10 20:25 - 2015-02-12 18:34 - 19731824 ____C (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 20:25 - 2015-02-07 00:09 - 00396419 ____C () C:\Windows\system32\ApnDatabase.xml
2015-03-10 20:25 - 2015-02-03 01:03 - 03551744 ____C (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-10 20:25 - 2015-01-31 00:29 - 02484224 ____C (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-10 20:25 - 2015-01-30 03:25 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-10 20:25 - 2015-01-30 02:44 - 01230336 ____C (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-10 20:25 - 2015-01-30 02:42 - 01204224 ____C (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-10 20:25 - 2015-01-29 02:29 - 00290816 ____C (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-10 20:25 - 2015-01-29 01:56 - 00602624 ____C (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-10 20:25 - 2015-01-29 01:55 - 00873984 ____C (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-10 20:25 - 2014-12-11 06:40 - 00041296 ____C (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-10 20:24 - 2015-02-21 01:41 - 12827648 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 20:24 - 2015-02-21 01:27 - 00285696 ____C (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 20:24 - 2015-02-21 01:27 - 00128000 ____C (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-10 20:24 - 2015-02-21 01:25 - 19720192 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 20:24 - 2015-02-21 00:32 - 00076288 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 20:24 - 2015-02-20 03:09 - 00503296 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 20:24 - 2015-02-20 03:06 - 00064000 ____C (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-10 20:24 - 2015-02-20 03:03 - 02278400 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 20:24 - 2015-02-20 02:56 - 00664064 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-10 20:24 - 2015-02-20 02:30 - 04300288 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 20:24 - 2015-02-20 02:30 - 00880128 ____C (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-10 20:24 - 2015-02-20 02:26 - 00230400 ____C (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-10 20:24 - 2015-02-20 02:24 - 02052608 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 20:24 - 2015-02-20 02:24 - 00689152 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 20:24 - 2015-02-20 02:24 - 00684544 ____C (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-10 20:24 - 2015-02-20 02:01 - 01888256 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 20:24 - 2015-02-20 01:57 - 01311232 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 20:24 - 2015-02-20 01:55 - 00710144 ____C (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-10 20:24 - 2015-01-28 00:41 - 02207488 ____C (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-10 20:24 - 2015-01-24 02:51 - 00816128 ____C (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-10 20:23 - 2015-02-26 00:27 - 03543552 ____C (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-10 20:23 - 2015-01-30 02:40 - 00091648 ____C (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-10 20:23 - 2015-01-30 02:24 - 00250880 ____C (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-10 20:23 - 2015-01-30 02:16 - 00266752 ____C (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-10 20:23 - 2015-01-30 02:06 - 00278016 ____C (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-10 20:23 - 2015-01-28 02:11 - 00357376 ____C (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-10 20:23 - 2015-01-24 03:20 - 00117248 ____C (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-10 20:23 - 2015-01-24 01:48 - 02975744 ____C (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-10 20:22 - 2015-02-20 03:20 - 00301056 ____C (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-10 20:22 - 2015-02-20 03:15 - 00035840 ____C (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-10 20:22 - 2015-01-28 16:35 - 05769024 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-10 20:22 - 2015-01-28 16:35 - 01468408 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-10 20:22 - 2015-01-28 02:47 - 00060928 ____C (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-10 20:20 - 2015-02-05 21:17 - 00869696 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-10 20:20 - 2015-02-04 00:51 - 00227136 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-10 20:20 - 2015-02-04 00:51 - 00084800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-10 20:20 - 2015-02-04 00:51 - 00038392 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-10 20:20 - 2015-02-03 00:53 - 00012800 ____C (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-10 20:18 - 2015-01-29 01:49 - 02459136 ____C (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-08 17:41 - 2015-03-08 17:41 - 00000000 ___DC () C:\Program Files\Common Files\DESIGNER
2015-03-07 00:18 - 2015-03-07 00:18 - 00114904 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\1DFB1891.sys
2015-03-06 21:22 - 2015-03-15 13:11 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\USBSafelyRemove
2015-03-06 21:09 - 2015-03-06 21:09 - 00001233 ____C () C:\Users\Public\Desktop\Medieval CUE Splitter.lnk
2015-03-06 21:09 - 2015-03-06 21:09 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2015-03-06 21:09 - 2015-03-06 21:09 - 00000000 ___DC () C:\Program Files\Medieval Software
2015-03-06 16:22 - 2015-03-06 16:22 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2015-03-05 18:53 - 2015-03-05 18:53 - 00001146 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-04 18:47 - 2015-03-15 12:22 - 00000000 ___DC () C:\Users\mixer\.rainlendar2
2015-03-04 18:42 - 2015-03-04 18:42 - 00001908 ____C () C:\Users\mixer\Desktop\Rainlendar2.lnk
2015-03-04 18:39 - 2015-03-04 18:39 - 00001879 ____C () C:\Users\mixer\Desktop\hp psc 1310 series – zástupce.lnk
2015-03-04 17:31 - 2015-03-04 17:31 - 00000000 ___DC () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-04 17:31 - 2015-03-04 17:31 - 00000000 ___DC () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-04 17:18 - 2015-03-04 17:18 - 00000083 ____C () C:\Windows\LManager.UNI
2015-03-04 17:18 - 2015-03-04 17:18 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
2015-03-04 17:18 - 2015-03-04 17:18 - 00000000 ___DC () C:\Program Files\Launch Manager
2015-03-04 17:18 - 2015-03-04 17:18 - 00000000 ____C () C:\Windows\Setup.INI
2015-03-03 21:02 - 2015-03-03 21:02 - 00000000 ___DC () C:\Users\mixer\AppData\Local\4kdownload.com
2015-03-03 21:00 - 2015-03-13 20:54 - 00001251 ____C () C:\Users\mixer\Desktop\4K Video Downloader.lnk
2015-03-03 21:00 - 2015-03-13 20:54 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-03-03 21:00 - 2015-03-03 21:00 - 00000000 ___DC () C:\Program Files\4KDownload
2015-03-01 18:09 - 2015-03-01 18:09 - 00000000 ___DC () C:\Program Files\r2 Studios
2015-03-01 16:32 - 2015-01-05 17:26 - 00000769 ____C () C:\Users\mixer\Documents\indexfile.txt
2015-03-01 16:30 - 2015-03-15 12:32 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\vlc
2015-03-01 16:13 - 2015-03-01 16:13 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-01 16:12 - 2015-03-01 16:12 - 00000000 ___DC () C:\Program Files\VideoLAN
2015-03-01 09:55 - 2015-03-01 09:55 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Zoner
2015-03-01 09:55 - 2015-03-01 09:55 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Zoner
2015-03-01 09:54 - 2015-03-01 09:55 - 00002068 ____C () C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2015-03-01 09:54 - 2015-03-01 09:54 - 00000000 ___DC () C:\ProgramData\Zoner
2015-03-01 09:53 - 2015-03-01 09:53 - 00000000 ___DC () C:\Program Files\Zoner
2015-03-01 09:52 - 2015-03-01 09:53 - 00000000 ___DC () C:\Windows\AutoKMS
2015-03-01 09:45 - 2015-03-01 09:45 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-01 09:43 - 2015-03-01 09:43 - 00000000 ___DC () C:\Program Files\Microsoft Synchronization Services
2015-03-01 09:42 - 2015-03-01 09:42 - 00000000 ___DC () C:\Program Files\Microsoft SQL Server Compact Edition
2015-03-01 09:36 - 2015-03-01 09:36 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Microsoft Help
2015-03-01 09:36 - 2015-03-01 09:36 - 00000000 ___DC () C:\Program Files\Microsoft Analysis Services
2015-03-01 09:35 - 2015-03-14 09:46 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2015-03-01 09:35 - 2015-03-01 09:43 - 00000000 ___DC () C:\Program Files\Microsoft Office
2015-03-01 09:34 - 2015-03-01 09:34 - 00000000 _RHDC () C:\MSOCache
2015-03-01 09:25 - 2015-03-01 09:26 - 00001092 ____C () C:\Users\mixer\Desktop\USB Safely Remove.lnk
2015-03-01 09:25 - 2015-03-01 09:25 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
2015-03-01 09:25 - 2015-03-01 09:25 - 00000000 ___DC () C:\ProgramData\USBSRService
2015-03-01 09:24 - 2015-03-01 09:26 - 00000000 ___DC () C:\Program Files\USB Safely Remove
2015-03-01 09:20 - 2015-03-04 18:42 - 00000000 ___DC () C:\Program Files\Rainlendar2
2015-02-28 22:07 - 2015-03-14 23:42 - 00086528 __SHC () C:\Users\mixer\Desktop\Thumbs.db
2015-02-28 17:39 - 2015-03-14 22:11 - 00000437 ____C () C:\Windows\system32\Drivers\etc\hosts.ics
2015-02-27 15:20 - 2015-02-27 15:20 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\WinRAR
2015-02-27 15:20 - 2015-02-27 15:20 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-27 15:20 - 2015-02-27 15:20 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-27 15:19 - 2015-02-27 15:21 - 00000000 ___DC () C:\Program Files\WinRAR
2015-02-27 14:37 - 2015-02-27 14:37 - 00047962 ____C () C:\Users\mixer\Desktop\zdroják fotky.txt
2015-02-27 14:12 - 2013-08-26 11:52 - 02880704 ____C () C:\Windows\system32\pwNative.exe
2015-02-27 14:12 - 2013-08-26 11:52 - 00015576 ____C () C:\Windows\system32\pwdrvio.sys
2015-02-27 14:11 - 2013-08-26 11:52 - 00010200 ____C () C:\Windows\system32\pwdspio.sys
2015-02-27 14:10 - 2015-02-27 14:11 - 00001325 ____C () C:\Users\Public\Desktop\MiniTool Partition Wizard Professional Edition.lnk
2015-02-27 14:10 - 2015-02-27 14:11 - 00000000 ___DC () C:\Program Files\MiniTool Partition Wizard Professional Edition 8.1
2015-02-27 14:10 - 2015-02-27 14:10 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Professional Edition 8.1
2015-02-26 21:59 - 2015-02-26 21:59 - 00000945 ____C () C:\Users\Public\Desktop\iRoot.lnk
2015-02-26 21:59 - 2015-02-26 21:59 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\mgyun
2015-02-26 21:59 - 2015-02-26 21:59 - 00000000 ___DC () C:\Users\mixer\.android
2015-02-26 21:59 - 2015-02-26 21:59 - 00000000 ___DC () C:\Program Files\VROOT
2015-02-26 21:53 - 2015-02-26 21:53 - 00000000 ___DC () C:\Program Files\ClockworkMod
2015-02-26 21:43 - 2015-02-26 21:43 - 00000000 ___HC () C:\Windows\system32\Drivers\Msft_Kernel_ssudeadb_01007.Wdf
2015-02-26 21:37 - 2013-12-26 06:41 - 01112288 ____C (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-02-26 21:37 - 2013-12-26 06:41 - 01112288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-02-26 21:37 - 2013-12-26 06:41 - 00034744 ____C (Google Inc) C:\Windows\system32\Drivers\ssudeadb.sys
2015-02-26 21:36 - 2015-02-26 21:36 - 00000000 ___DC () C:\Program Files\SAMSUNG
2015-02-26 21:34 - 2015-02-26 21:34 - 00000000 ___DC () C:\ProgramData\Samsung
2015-02-26 21:00 - 2011-11-25 00:26 - 00013440 ____C (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
2015-02-26 20:58 - 2015-02-26 20:58 - 00000000 ___DC () C:\Program Files\InstallShield Installation Information
2015-02-26 20:55 - 2015-02-26 20:55 - 00000000 ___DC () C:\Windows\tiinst
2015-02-26 20:39 - 2015-02-26 20:39 - 00000000 ___DC () C:\Windows\Tasks\ImCleanDisabled
2015-02-26 20:37 - 2015-03-15 12:55 - 00000000 ___DC () C:\ProgramData\TEMP
2015-02-26 20:37 - 2015-02-26 20:37 - 00002030 ____C () C:\Users\mixer\Desktop\1-Click Cleaning by Your Uninstaller!.lnk
2015-02-26 20:37 - 2015-02-26 20:37 - 00001038 ____C () C:\Users\mixer\Desktop\Your Uninstaller!.lnk
2015-02-26 20:37 - 2015-02-26 20:37 - 00000000 ___DC () C:\Windows\Profiles\mixer
2015-02-26 20:37 - 2015-02-26 20:37 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\URSoft
2015-02-26 20:37 - 2015-02-26 20:37 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller!
2015-02-26 20:18 - 2015-02-26 20:18 - 00000000 ___DC () C:\ProgramData\ProductData
2015-02-26 20:17 - 2015-02-26 20:17 - 00023840 ____C (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\IObit
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\ProgramData\IObit
2015-02-26 19:56 - 2015-02-26 20:41 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2015-02-26 19:56 - 2015-02-26 19:57 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Mozilla
2015-02-26 19:56 - 2015-02-26 19:56 - 00001134 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-26 19:56 - 2015-02-26 19:56 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Mozilla
2015-02-26 19:31 - 2014-04-16 00:35 - 00028352 ____C (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-02-26 19:30 - 2015-01-19 19:36 - 01192552 ____C (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-26 19:30 - 2014-12-12 02:34 - 00074240 ____C (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-26 19:30 - 2014-12-12 01:46 - 00061952 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-02-26 19:30 - 2014-12-06 03:36 - 00273408 ____C (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-26 19:30 - 2014-12-06 02:28 - 00314880 ____C (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-26 19:29 - 2015-01-12 02:45 - 00418304 ____C (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-26 19:29 - 2015-01-12 02:23 - 00327168 ____C (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-26 19:29 - 2014-12-19 09:25 - 00602776 ____C (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-26 19:29 - 2014-11-22 03:06 - 00340992 ____C (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-26 19:28 - 2015-01-15 23:37 - 00478776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-26 19:28 - 2015-01-15 23:37 - 00148288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-26 19:28 - 2014-12-13 22:29 - 00513488 ____C () C:\Windows\system32\locale.nls
2015-02-26 19:28 - 2014-12-09 04:42 - 00187904 ____C (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-26 19:28 - 2014-12-08 20:46 - 00485544 ____C (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-02-26 19:28 - 2014-12-08 20:46 - 00108944 ____C (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-26 19:28 - 2014-12-08 20:42 - 00448792 ____C (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-26 19:28 - 2014-12-08 20:42 - 00372408 ____C (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-02-26 19:28 - 2014-12-08 20:42 - 00033584 ____C (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-02-26 19:28 - 2014-12-06 02:23 - 00194048 ____C (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-02-26 19:27 - 2014-12-19 06:46 - 00124928 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-26 19:27 - 2014-12-09 04:45 - 00393728 ____C (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 ____C (Microsoft Corporation) C:\Windows\system32\FM20.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 13:12 - 2015-01-05 21:31 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\uTorrent
2015-03-15 13:00 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\system32\sru
2015-03-15 12:25 - 2014-09-24 04:06 - 01745984 ____C () C:\Windows\system32\PerfStringBackup.INI
2015-03-15 12:22 - 2015-01-05 19:38 - 00000960 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 01:20 - 2015-01-05 19:38 - 00000964 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-14 15:56 - 2013-08-22 08:23 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2015-03-14 15:51 - 2013-08-22 09:17 - 00000000 ____D () C:\Windows\rescache
2015-03-14 10:28 - 2015-01-05 19:38 - 00002166 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-14 09:18 - 2015-01-05 18:35 - 00000000 ___DC () C:\Users\mixer
2015-03-13 22:05 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\Microsoft.NET
2015-03-10 20:58 - 2013-08-22 08:22 - 00472672 ____C () C:\Windows\system32\FNTCACHE.DAT
2015-03-10 20:54 - 2013-08-22 09:17 - 00000000 __RDC () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-10 20:54 - 2013-08-22 09:17 - 00000000 __RDC () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-10 20:54 - 2013-08-22 09:17 - 00000000 ___RD () C:\Windows\ToastData
2015-03-10 20:54 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\WinStore
2015-03-10 20:54 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-10 20:49 - 2013-08-22 09:05 - 00000000 ___DC () C:\Windows\CbsTemp
2015-03-10 20:47 - 2015-01-05 19:20 - 00000000 ___DC () C:\Windows\system32\MRT
2015-03-10 20:38 - 2015-01-05 19:20 - 119837696 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-10 20:33 - 2013-08-22 09:17 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-10 19:20 - 2015-01-05 19:52 - 00000000 __RDC () C:\Users\mixer\OneDrive
2015-03-08 18:21 - 2015-01-05 18:21 - 00000000 ___DC () C:\Windows\Panther
2015-03-08 14:23 - 2013-08-22 07:21 - 00000000 _RHDC () C:\Users\Default
2015-03-04 22:24 - 2014-09-24 04:46 - 00792032 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-09-24 04:46 - 00178144 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-04 17:13 - 2013-08-22 09:17 - 00000000 ___DC () C:\Program Files\Common Files\microsoft shared
2015-03-03 14:16 - 2015-01-05 18:49 - 00246920 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-01 09:44 - 2014-09-24 03:50 - 00000000 ___DC () C:\Windows\ShellNew
2015-03-01 09:42 - 2013-08-22 09:17 - 00000000 ___DC () C:\Program Files\Microsoft.NET
2015-02-27 14:05 - 2015-01-05 19:55 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Windows Live Writer
2015-02-27 14:00 - 2015-01-05 19:55 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Windows Live Writer
2015-02-27 13:31 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\system32\LogFiles
2015-02-26 20:26 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\registration
2015-02-26 19:40 - 2015-01-05 21:32 - 00000992 ____C () C:\Users\mixer\Desktop\µTorrent.lnk
2015-02-26 19:26 - 2015-01-05 19:51 - 00000000 ___DC () C:\Users\mixer\AppData\Local\Windows Live
2015-02-26 19:20 - 2013-08-22 07:13 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-26 19:17 - 2015-01-05 21:33 - 00000994 ____C () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-26 19:17 - 2015-01-05 21:33 - 00000000 ___DC () C:\Program Files\CCleaner
2015-02-26 19:08 - 2013-08-22 09:17 - 00000000 ___DC () C:\Windows\system32\MsDtc

==================== Files in the root of some directories =======


Some content of TEMP:
====================
C:\Users\mixer\AppData\Local\Temp\Quarantine.exe
C:\Users\mixer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\mixer\Desktop" je 338 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

Hlidejte velikost plochy. Cim mensi bude, tim lepe pro pc.

Pokud jeste v pc je, odinstalujte SpyHunter.


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [uTorrent] => C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
Startup: C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\mixer\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()

2015-03-14 14:31 - 2015-03-14 14:33 - 00000000 ___DC () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-03-14 14:33 - 2015-03-14 14:35 - 00002275 ____C () C:\Users\mixer\Desktop\SpyHunter.lnk
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-03-07 00:18 - 2015-03-07 00:18 - 00114904 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\1DFB1891.sys
2015-03-06 16:22 - 2015-03-06 16:22 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\IObit
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\ProgramData\IObit

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[bigmuff]

..tak tady

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by mixer at 2015-03-15 17:20:21 Run:1
Running from C:\Users\mixer\Desktop
Loaded Profiles: mixer (Available profiles: mixer)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [uTorrent] => C:\Users\mixer\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
Startup: C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\mixer\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()

2015-03-14 14:31 - 2015-03-14 14:33 - 00000000 ___DC () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-03-14 14:33 - 2015-03-14 14:35 - 00002275 ____C () C:\Users\mixer\Desktop\SpyHunter.lnk
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-03-07 00:18 - 2015-03-07 00:18 - 00114904 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\1DFB1891.sys
2015-03-06 16:22 - 2015-03-06 16:22 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\Users\mixer\AppData\Roaming\IObit
2015-02-26 20:17 - 2015-02-26 20:17 - 00000000 ___DC () C:\ProgramData\IObit

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-05 107912]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3237963030-538257963-1598918537-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk => Moved successfully.
C:\Users\mixer\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe => Moved successfully.
C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP => Moved successfully.
"C:\Users\mixer\Desktop\SpyHunter.lnk" => File/Directory not found.
"C:\Users\mixer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter" => File/Directory not found.
C:\Windows\system32\Drivers\1DFB1891.sys => Moved successfully.
C:\ProgramData\Malwarebytes => Moved successfully.
C:\Users\mixer\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":B3D74A13" ADS removed successfully.
gupdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 911.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:21:15 ====

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.