I am absolutely desperate because of ADS BY info or AD OPTIONS

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I am absolutely desperate because of ADS BY info or AD OPTIONS

#16 Post by Márty84 »

As I wrote, it can't all be done at once. The vermin is slowly disappearing, so it's time to clean up the browsers.


:arrow: Uninstall both Mozilla and Chrome completely, including settings and profiles.
If you don't want to lose your bookmarks, you can back them up. But only the bookmarks, possibly the passwords, and nothing else, or you will drag it all back in.
Mozilla using http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/
Chrome using http://www.slunecnice.cz/sw/google-chrome-backup/


:!: For now, unless you absolutely need them, do not install them again.



:!: Move ComboFix directly to drive C (so its path will be c:\ComboFix.exe)!
:arrow: Open Notepad and copy this script into it

Code: Select all

KillAll::

File::
c:\windows\system32\uxt6279.tmp
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\users\Tomáš\AppData\Roaming\LavasoftStatistics

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"EgisUpdate"=-
"EgisTecPMMUpdate"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
esgiguard
NAUpdate

Reboot::

In the top left, click File
Click Save As...
Type the name shown in red, CFScript, correctly and save it directly to C as well (so its path will be c:\CFScript.txt).
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows boots but errors are reported when launching various programs, just restart the PC and it will be fine
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
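Added example, not part of the original post and not ComboFix's own code: once ComboFix returns its report, the script's File::, Folder:: and Driver:: targets can be compared with what the report lists as removed. The section titles are the Czech ones from the report posted in this thread and are passed as parameters; the script and log excerpt below are constructed, shortened samples, and all function names are hypothetical.

```python
import re

# Constructed sample: a shortened CFScript in the layout used in post #16.
CFSCRIPT = r"""KillAll::

File::
c:\windows\system32\uxt6279.tmp
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job

Folder::
c:\users\Example\AppData\Roaming\LavasoftStatistics

Driver::
esgiguard
NAUpdate

Reboot::
"""

# Constructed sample: a report excerpt in the layout of the log in this thread.
LOG = r"""FILE ::
"c:\windows\system32\LavasoftTcpService64.dll"
"c:\windows\system32\uxt6279.tmp"
.
((((((((((((((((((( Ostatní výmazy )))))))))))))))))))
.
.
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
.
((((((((((((((((((( Ovladače/Služby )))))))))))))))))))
.
-------\Legacy_ESGIGUARD
-------\Service_esgiguard
-------\Service_NAUpdate
.
"""

DIRECTIVE = re.compile(r"^([A-Za-z]+)::\s*$")        # e.g. "File::"
BANNER = re.compile(r"^\({5,}\s*(.+?)\s*\)+$")       # e.g. "((((( title )))))"
SERVICE = re.compile(r"^-+\\(?:Service|Legacy)_(.+)$")


def parse_cfscript(text):
    """Return {directive: [entries]} for a script made of 'Name::' sections."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = DIRECTIVE.match(line)
        if match:
            current = match.group(1)
            sections[current] = []
        elif line and current is not None:
            sections[current].append(line)
    return sections


def parse_log_sections(text):
    """Return {banner title: [lines]}; '.' filler lines and blanks are dropped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = BANNER.match(line)
        if match:
            current = match.group(1)
            sections[current] = []
        elif current is not None and line not in ("", "."):
            sections[current].append(line)
    return sections


def norm(path):
    """Windows paths compare case-insensitively; the log may quote them."""
    return path.strip().strip('"').casefold()


def verify(script_text, log_text,
           deletions="Ostatní výmazy", services="Ovladače/Služby"):
    """Split the script's targets into those the report confirms and the rest."""
    script = parse_cfscript(script_text)
    log = parse_log_sections(log_text)
    removed = {norm(p) for p in log.get(deletions, [])}
    handled = set()
    for line in log.get(services, []):
        match = SERVICE.match(line)
        if match:
            handled.add(match.group(1).casefold())
    report = {"confirmed": [], "unconfirmed": []}
    for kind in ("File", "Folder"):
        for target in script.get(kind, []):
            key = "confirmed" if norm(target) in removed else "unconfirmed"
            report[key].append((kind, target))
    for name in script.get("Driver", []):
        key = "confirmed" if name.casefold() in handled else "unconfirmed"
        report[key].append(("Driver", name))
    return report


if __name__ == "__main__":
    result = verify(CFSCRIPT, LOG)
    for status in ("confirmed", "unconfirmed"):
        for kind, target in result[status]:
            print(f"{status:12} {kind:7} {target}")
```

An entry under "unconfirmed" only means the report does not list it as removed; the target may never have existed, so check the path itself before drawing a conclusion.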

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I am absolutely desperate because of ADS BY info or AD OPTIONS

#17 Post by simplyfine »

Hello :),
I'm sending the latest ComboFix log report:

ComboFix 15-04-01.01 - Tomáš 07.04.2015 20:04:33.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.1869 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\LavasoftTcpService64.dll"
"c:\windows\system32\uxt6279.tmp"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Service_esgiguard
-------\Service_NAUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-07 do 2015-04-07 )))))))))))))))))))))))))))))))
.
.
2015-04-07 18:13 . 2015-04-07 18:13 -------- d-----w- c:\users\Tomáš\AppData\Local\temp
2015-04-07 18:13 . 2015-04-07 18:13 -------- d-----w- c:\users\Tom ç\AppData\Local\temp
2015-04-07 18:13 . 2015-04-07 18:13 -------- d-----w- c:\users\TOC19D~1\AppData\Local\temp
2015-04-07 18:13 . 2015-04-07 18:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-07 17:06 . 2015-04-07 17:06 -------- d-----w- c:\users\Tomáš\AppData\Roaming\Publish Providers
2015-04-07 15:16 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{334644FF-97AC-40A0-ACE0-088E09262B6E}\mpengine.dll
2015-04-06 19:11 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-06 17:24 . 2015-04-06 16:57 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-06 17:24 . 2015-04-07 18:15 -------- d-----w- c:\users\Tomáš\AppData\Local\Temp
2015-04-06 17:24 . 2015-04-06 17:24 -------- d-----w- c:\users\Tom??
2015-04-06 13:14 . 2015-04-06 16:07 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-06 13:14 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-06 13:14 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-06 13:14 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-06 10:40 . 2015-04-06 10:40 -------- d-----w- c:\users\TomßÜ
2015-04-06 10:21 . 2015-04-06 17:15 -------- d-----w- C:\zoek_backup
2015-04-06 10:15 . 2015-04-06 10:15 -------- d-----w- C:\RegBackup
2015-04-06 10:04 . 2015-04-06 16:55 -------- d-----w- C:\AdwCleaner
2015-04-06 09:50 . 2015-04-06 09:53 -------- d-----w- c:\program files\trend micro
2015-04-06 09:50 . 2015-04-06 09:50 -------- d-----w- C:\rsit
2015-04-04 20:49 . 2015-04-04 20:49 -------- d-----w- c:\program files (x86)\AVG
2015-04-04 17:35 . 2015-04-04 17:35 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 17:35 . 2015-04-04 17:35 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-04 15:42 . 2015-03-13 15:38 622224 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-04 14:59 . 2015-04-04 14:59 -------- d-----w- c:\users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-01 14:34 . 2015-04-01 14:34 -------- d-----w- c:\users\Tomáš\Tracing
2015-03-31 18:02 . 2015-03-26 15:00 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{43EF85C9-0C1C-4E62-AA4E-98C9D80B95B7}\gapaengine.dll
2015-03-31 17:51 . 2015-03-31 17:51 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-03-25 12:37 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll
2015-03-25 12:37 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll
2015-03-25 12:37 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-25 12:37 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll
2015-03-25 12:37 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-25 12:37 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-25 12:37 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-25 12:37 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll
2015-03-23 13:21 . 2015-03-23 13:21 -------- d-----w- c:\users\Tomáš\AppData\Roaming\HomeMakeover3PC
2015-03-21 19:35 . 2015-03-21 19:35 -------- d-----w- c:\users\Tomáš\AppData\Local\MAGIX
2015-03-21 15:17 . 2003-04-18 15:29 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2015-03-21 15:11 . 2015-03-21 15:11 -------- d-----w- c:\users\Tomáš\AppData\Roaming\Logitech
2015-03-15 15:58 . 2015-03-15 15:58 -------- d-----w- c:\users\Tomáš\AppData\Roaming\ZOG
2015-03-11 14:11 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 14:11 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 14:11 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 14:11 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 14:11 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 14:11 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 14:11 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 14:11 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 14:11 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 14:11 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 14:11 . 2015-01-31 03:48 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2015-03-11 14:11 . 2015-01-31 03:48 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 14:11 . 2015-01-30 23:56 243200 ----a-w- c:\windows\system32\rdpudd.dll
2015-03-11 14:09 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-03-11 14:04 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 14:04 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-06 18:40 . 2013-01-27 19:43 5617096 ------r- C:\ComboFix.exe
2015-04-04 10:14 . 2015-02-18 13:52 20 ----a-w- c:\users\Tomáš\AppData\Roaming\appdataFr3.bin
2015-04-04 10:14 . 2015-02-18 13:52 20 ----a-w- c:\users\Tomáš\AppData\Roaming\appdataFr3.bin
2015-03-30 13:25 . 2014-03-19 19:13 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-28 03:44 . 2014-11-22 13:12 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:44 . 2014-11-22 13:12 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:43 . 2014-11-22 13:12 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2014-11-22 13:12 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-03-26 15:00 . 2015-02-22 15:50 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-22 17:48 . 2012-04-02 21:01 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-22 17:48 . 2011-07-11 04:09 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-13 19:41 . 2015-01-22 19:18 16022016 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-03-13 19:41 . 2012-02-09 04:27 18580512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-03-13 19:41 . 2012-02-09 04:27 14121624 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-03-13 19:41 . 2012-02-09 04:27 3303448 ----a-w- c:\windows\system32\nvapi64.dll
2015-03-13 16:16 . 2011-03-08 21:19 6861968 ----a-w- c:\windows\system32\nvcpl.dll
2015-03-13 16:16 . 2011-03-08 21:19 3526856 ----a-w- c:\windows\system32\nvsvc64.dll
2015-03-13 16:16 . 2011-03-08 21:19 935056 ----a-w- c:\windows\system32\nvvsvc.exe
2015-03-13 16:16 . 2011-03-08 21:19 75976 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-03-13 16:16 . 2011-03-08 21:19 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-03-13 16:16 . 2011-03-08 21:19 386248 ----a-w- c:\windows\system32\nvmctray.dll
2015-03-13 16:16 . 2011-03-08 21:19 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2015-03-13 16:16 . 2011-03-08 21:19 1099408 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-03-11 16:48 . 2012-03-30 18:21 122905856 ----a-w- c:\windows\system32\MRT.exe
2015-03-11 13:10 . 2011-03-08 21:19 4246327 ----a-w- c:\windows\system32\nvcoproc.bin
2015-03-06 05:42 . 2015-03-11 14:09 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:10 . 2015-03-11 14:09 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-03 13:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-10 10:36 . 2013-11-02 16:34 627912 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-05 21:01 . 2015-02-15 15:19 1895240 ----a-w- c:\windows\system32\nvdispco6434752.dll
2015-02-05 21:01 . 2015-02-15 15:19 1557648 ----a-w- c:\windows\system32\nvdispgenco6434752.dll
2015-01-27 23:36 . 2015-02-11 16:36 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-13 04:15 . 2015-01-22 19:18 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-01-10 08:07 . 2015-01-22 19:18 1556808 ----a-w- c:\windows\system32\nvdispgenco6434725.dll
2015-01-10 08:07 . 2015-01-22 19:18 1895240 ----a-w- c:\windows\system32\nvdispco6434725.dll
2015-01-09 03:14 . 2015-02-15 15:30 91136 ----a-w- c:\windows\system32\wdi.dll
2015-01-09 03:14 . 2015-02-15 15:30 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-01-09 03:14 . 2015-02-15 15:30 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-01-09 02:48 . 2015-02-15 15:30 76800 ----a-w- c:\windows\SysWow64\wdi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-14 08:44 329376 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *bddel.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"LWS"=c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 cpuz134;cpuz134;c:\users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 zghsser;ZTE General Handset Serial Port;c:\windows\system32\DRIVERS\zghsser.sys;c:\windows\SYSNATIVE\DRIVERS\zghsser.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-14 08:44 358056 ----a-w- c:\users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-04-07 20:20:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-07 18:19
ComboFix2.txt 2015-04-06 19:08
.
Před spuštěním: Volných bajtů: 47 923 167 232
Po spuštění: Volných bajtů: 47 549 349 888
.
- - End Of File - - F31D733F3A8D9BA551D97B122E409C04

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I am absolutely desperate over ADS BY info or AD OPTIONS

#18 Post by Márty84 »

:arrow: Post a new log from RSITx64

and along with it

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false positive :)
If you have a question that is not meant for the public, you can write to me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I am absolutely desperate over ADS BY info or AD OPTIONS

#19 Post by simplyfine »

Hello, I am posting the logs in 2 parts
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Tomáš (administrator) on MILOUS on 08-04-2015 20:33:13
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available profiles: Tomáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll (Microsoft Corporation)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3337465978-2193547489-3213491474-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default
FF DefaultSearchEngine: Google Default
FF Homepage: hxxp://atlas.centrum.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-22] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-11-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\22\NP_wtapp.dll [2013-09-29] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3337465978-2193547489-3213491474-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-3337465978-2193547489-3213491474-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-16] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\searchplugins\google-default.xml [2015-04-04]
FF Extension: Send to XBMC - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\Extensions\jid0-YCM0p5WlCGjvBJcZhAusQ5h26wM@jetpack.xpi [2013-05-05]
FF Extension: Google Translator for Firefox - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\Extensions\translator@zoli.bod.xpi [2012-05-05]
FF Extension: ImTranslator - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\s67l7c61.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2012-05-05]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-08-02] (Adobe Systems) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-07] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-15] (Electronic Arts)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [134976 2013-09-11] (ZTE Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 20:33 - 2015-04-08 20:33 - 00017424 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2015-04-08 20:32 - 2015-04-08 20:33 - 00000000 ____D () C:\FRST
2015-04-08 20:26 - 2015-04-08 20:26 - 01222144 _____ () C:\Users\Tomáš\Desktop\RSITx64.exe
2015-04-08 20:15 - 2015-04-08 20:15 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2015-04-08 20:14 - 2015-04-08 20:14 - 02095616 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2015-04-07 20:20 - 2015-04-07 20:20 - 00029126 _____ () C:\Users\Tomáš\Desktop\combofixfinal.txt
2015-04-07 20:20 - 2015-04-07 20:20 - 00029126 _____ () C:\ComboFix.txt
2015-04-07 19:18 - 2015-04-07 19:18 - 00013256 _____ () C:\Users\Tomáš\Documents\kuchyn, hlava.veg
2015-04-07 19:06 - 2015-04-07 19:06 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Publish Providers
2015-04-07 18:38 - 2015-04-07 18:38 - 00000000 ____D () C:\Users\Tomáš\Documents\Updater
2015-04-06 21:09 - 2015-04-07 20:14 - 00003596 _____ () C:\Windows\PFRO.log
2015-04-06 21:08 - 2015-04-06 21:08 - 00031800 _____ () C:\Users\Tomáš\Desktop\combofix.txt
2015-04-06 20:54 - 2015-04-07 20:20 - 00000000 ____D () C:\Qoobox
2015-04-06 20:54 - 2015-04-07 20:13 - 00000000 ____D () C:\Windows\erdnt
2015-04-06 20:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-06 20:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-06 20:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-06 20:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-06 20:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-06 20:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-06 20:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-06 20:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-06 20:32 - 2015-04-06 20:32 - 00040041 _____ () C:\Users\Tomáš\Desktop\zoek-resultsnový.txt
2015-04-06 19:24 - 2015-04-06 19:24 - 00000000 ____D () C:\Users\Tom▀▄\AppData\Roaming\Macromedia
2015-04-06 19:24 - 2015-04-06 19:24 - 00000000 ____D () C:\Users\Tom▀▄
2015-04-06 19:24 - 2015-04-06 18:57 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-06 19:04 - 2015-04-06 19:04 - 00000631 _____ () C:\Users\Tomáš\Desktop\JRTnový.txt
2015-04-06 19:04 - 2015-04-06 12:46 - 00058504 _____ () C:\zoek-results2015-04-06-104639.log
2015-04-06 19:01 - 2015-04-06 19:01 - 00000631 _____ () C:\Users\Tomáš\Desktop\JRT.txt
2015-04-06 18:57 - 2015-04-06 18:57 - 00002118 _____ () C:\Users\Tomáš\Desktop\AdwCleaner[S5].txt
2015-04-06 18:38 - 2015-04-06 18:38 - 00001172 _____ () C:\Users\Tomáš\Desktop\Malwarebytes nový test.txt
2015-04-06 17:41 - 2015-04-06 17:41 - 00009534 _____ () C:\Users\Tomáš\Desktop\výsledky malwarebytes.txt
2015-04-06 15:14 - 2015-04-08 20:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-06 15:14 - 2015-04-06 15:14 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-06 15:14 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-06 15:14 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-06 15:14 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-06 15:11 - 2015-04-06 15:12 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-06 13:17 - 2015-04-06 13:17 - 00001513 _____ () C:\Users\Tomáš\Desktop\AdwCleaner[S4].txt
2015-04-06 13:14 - 2015-04-06 13:14 - 00001397 _____ () C:\Users\Tomáš\Desktop\AdwCleaner[S3].txt
2015-04-06 12:47 - 2015-04-06 12:47 - 00058504 _____ () C:\Users\Tomáš\Desktop\zoek-results.txt
2015-04-06 12:40 - 2015-04-06 12:40 - 00000000 ____D () C:\Users\TomßÜ\AppData\Roaming\Macromedia
2015-04-06 12:40 - 2015-04-06 12:40 - 00000000 ____D () C:\Users\TomßÜ
2015-04-06 12:22 - 2015-04-06 20:31 - 00040041 _____ () C:\zoek-results.log
2015-04-06 12:21 - 2015-04-06 19:15 - 00000000 ____D () C:\zoek_backup
2015-04-06 12:20 - 2015-04-06 12:20 - 01305600 _____ () C:\Users\Tomáš\Desktop\zoek.exe
2015-04-06 12:15 - 2015-04-06 12:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MILOUS-Windows-7-Home-Premium-(64-bit).dat
2015-04-06 12:15 - 2015-04-06 12:15 - 00000000 ____D () C:\RegBackup
2015-04-06 12:14 - 2015-04-06 12:14 - 02691312 _____ (Thisisu) C:\Users\Tomáš\Desktop\JRT.exe
2015-04-06 12:09 - 2015-04-06 12:09 - 00016156 _____ () C:\Users\Tomáš\Desktop\AdwCleaner[S2].txt
2015-04-06 12:04 - 2015-04-06 18:55 - 00000000 ____D () C:\AdwCleaner
2015-04-06 12:03 - 2015-04-06 12:03 - 02208768 _____ () C:\Users\Tomáš\Desktop\adwcleaner_4.200.exe
2015-04-06 11:50 - 2015-04-08 20:27 - 00000000 ____D () C:\Program Files\trend micro
2015-04-06 11:50 - 2015-04-06 11:50 - 01222144 _____ () C:\Users\Tomáš\Downloads\RSITx64.exe
2015-04-06 11:50 - 2015-04-06 11:50 - 00000000 ____D () C:\rsit
2015-04-06 11:23 - 2015-04-06 11:23 - 00011861 _____ () C:\Users\Tomáš\Downloads\hijackthis.log
2015-04-06 11:22 - 2015-04-06 11:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tomáš\Downloads\hijackthis(1).exe
2015-04-04 23:32 - 2015-04-04 23:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-04 22:49 - 2015-04-04 22:49 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-04 22:46 - 2015-04-04 22:47 - 87520056 _____ (AVG Technologies) C:\Users\Tomáš\Downloads\avg_tuht_stf_all_2015_105.exe
2015-04-04 22:13 - 2015-04-04 22:13 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Tomáš\Downloads\sh-remover.exe
2015-04-04 21:09 - 2015-04-04 21:11 - 155159296 _____ (Microsoft Corporation) C:\Users\Tomáš\Downloads\msert.exe
2015-04-04 21:03 - 2015-04-04 21:04 - 41840320 _____ (Microsoft Corporation) C:\Users\Tomáš\Downloads\Windows-KB890830-x64-V5.22.exe
2015-04-04 20:59 - 2015-04-04 21:00 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-04-04 20:59 - 2015-04-04 20:59 - 07783472 _____ () C:\Users\Tomáš\Downloads\Infigo_setup.exe
2015-04-04 19:35 - 2015-04-04 19:35 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 19:35 - 2015-04-04 19:35 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 18:20 - 2015-04-06 11:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-04 17:47 - 2015-04-04 17:47 - 21578888 _____ (SUPERAntiSpyware) C:\Users\Tomáš\Downloads\SUPERAntiSpyware.exe
2015-04-04 17:42 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-04 17:40 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-04 17:40 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-04 17:40 - 2015-03-13 21:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-04 17:12 - 2015-04-04 17:17 - 00026656 _____ () C:\Windows\system32\bddel.dat
2015-04-04 16:59 - 2015-04-04 16:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 16:50 - 2015-04-04 16:50 - 02057008 _____ () C:\Users\Tomáš\Downloads\Adaware_Installer.exe
2015-04-04 13:20 - 2015-04-07 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-04 12:14 - 2015-04-04 12:14 - 00002806 _____ () C:\Users\Tomáš\Downloads\software_removal_tool.log
2015-04-01 19:04 - 2015-04-06 13:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-01 16:34 - 2015-04-01 16:34 - 00000000 ____D () C:\Users\Tomáš\Tracing
2015-03-31 19:51 - 2015-03-31 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 19:51 - 2015-03-31 19:51 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-25 14:37 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 14:37 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 14:37 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 14:37 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 14:37 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 14:37 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 14:37 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 14:37 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-23 15:21 - 2015-03-23 15:21 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\HomeMakeover3PC
2015-03-21 21:35 - 2015-03-21 21:35 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\MAGIX
2015-03-21 17:17 - 2003-04-18 17:29 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2015-03-21 17:11 - 2015-03-21 17:11 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Logitech
2015-03-21 17:07 - 2015-03-21 17:07 - 03581480 _____ (MAGIX AG) C:\Users\Tomáš\Downloads\photo_manager_9_int.exe
2015-03-15 17:58 - 2015-03-15 17:58 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\ZOG
2015-03-11 16:13 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:13 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 16:13 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:13 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:13 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 16:13 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:13 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:13 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:13 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:13 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 16:13 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:13 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 16:13 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:13 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:13 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:13 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:13 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 16:13 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 16:13 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 16:13 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 16:13 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:13 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:13 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:13 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:13 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 16:13 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 16:13 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:13 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:13 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 16:13 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 16:13 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 16:13 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:13 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:13 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:13 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 16:13 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 16:13 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 16:13 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 16:13 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 16:13 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:13 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 16:13 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:13 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:13 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:13 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:13 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 16:13 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:13 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:13 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:13 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:13 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 16:13 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:13 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:13 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:13 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:13 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:11 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:11 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:11 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:11 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:11 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:11 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:11 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:11 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:11 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:11 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:11 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:11 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 16:11 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:10 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:10 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 16:10 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 16:10 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 16:10 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 16:10 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 16:10 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 16:10 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 16:10 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 16:10 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 16:10 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 16:10 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 16:10 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 16:10 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 16:10 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 16:10 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 16:10 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 16:10 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 16:10 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 16:10 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 16:10 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 16:10 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 16:10 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 16:10 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 16:10 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 16:10 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 16:09 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 16:09 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 16:09 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 16:09 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 16:09 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 16:09 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 16:09 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 16:09 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 16:09 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 16:09 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 16:09 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 16:09 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 16:09 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 16:09 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 16:09 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 16:09 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:09 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:09 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:09 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:09 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:09 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:09 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 16:09 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 16:09 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:09 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:04 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:04 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 19:18 - 2014-06-13 15:26 - 00000000 ____D () C:\Users\Tomáš\Desktop\skladiště
2015-04-08 18:46 - 2013-08-11 01:00 - 00102718 _____ () C:\Windows\setupact.log
2015-04-08 17:52 - 2014-09-29 12:16 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{83A7A283-55C2-4354-9C5A-3085613F5987}
2015-04-08 17:16 - 2014-03-19 21:13 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\LogMeIn Hamachi
2015-04-08 17:16 - 2012-02-09 06:26 - 01408510 _____ () C:\Windows\WindowsUpdate.log
2015-04-08 15:56 - 2013-11-02 18:40 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILOUS-Tomáš Milouš
2015-04-08 15:08 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-08 15:08 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 15:07 - 2012-02-07 21:37 - 10059238 _____ () C:\Windows\system32\perfh005.dat
2015-04-08 15:07 - 2012-02-07 21:37 - 03344172 _____ () C:\Windows\system32\perfc005.dat
2015-04-08 15:07 - 2009-07-14 07:13 - 00006544 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 15:02 - 2012-03-30 19:22 - 00000000 ____D () C:\ProgramData\clear.fi
2015-04-08 15:01 - 2012-02-09 06:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-08 15:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-07 20:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-07 20:13 - 2009-07-14 04:34 - 21757952 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-04-07 20:13 - 2009-07-14 04:34 - 105644032 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-04-07 20:13 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-04-07 20:13 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-04-07 20:13 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-04-07 19:51 - 2012-03-30 20:23 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Google
2015-04-07 19:51 - 2012-03-30 20:23 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-07 19:44 - 2014-05-05 15:49 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Battle.net
2015-04-07 19:42 - 2014-05-22 14:54 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-04-07 19:39 - 2014-12-03 18:50 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-07 19:12 - 2012-11-10 11:21 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\vlc
2015-04-06 21:53 - 2012-09-10 08:56 - 00002428 ____N () C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2015-04-06 21:53 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-06 21:08 - 2013-03-13 18:10 - 00000000 ____D () C:\Users\Tomáš
2015-04-06 20:40 - 2013-01-27 21:43 - 05617096 ____R (Swearware) C:\ComboFix.exe
2015-04-06 18:05 - 2009-03-12 11:30 - 00000000 ____D () C:\Windows\LP
2015-04-06 17:14 - 2012-03-30 19:34 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Adobe
2015-04-06 15:14 - 2014-10-26 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-06 12:37 - 2011-07-11 06:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-06 12:37 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-06 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-04-06 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-04 23:42 - 2012-05-14 20:43 - 00010521 _____ () C:\Windows\system32\lvcoinst.log
2015-04-04 23:30 - 2012-12-12 13:17 - 00003694 _____ () C:\Windows\System32\Tasks\Program k provádění aktualizací online Adobe
2015-04-04 23:19 - 2014-01-06 19:04 - 00000000 ____D () C:\Users\Tomáš\.thumbnails
2015-04-04 23:19 - 2013-01-07 16:14 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Sony
2015-04-04 23:19 - 2012-12-24 20:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-04 23:19 - 2012-05-14 20:58 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Skype
2015-04-04 23:19 - 2012-04-21 10:54 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Microsoft Help
2015-04-04 23:19 - 2012-02-09 06:53 - 00000000 ____D () C:\ProgramData\Temp
2015-04-04 23:19 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2015-04-04 22:50 - 2014-05-09 10:11 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\AVG
2015-04-04 22:50 - 2012-05-31 18:24 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\AVG
2015-04-04 22:48 - 2014-05-09 10:07 - 00000000 ____D () C:\ProgramData\AVG
2015-04-04 19:19 - 2013-01-07 16:14 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-04-04 19:19 - 2012-12-11 21:06 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-04 19:19 - 2012-05-05 23:24 - 00000000 ____D () C:\Program Files (x86)\PatchBeam
2015-04-04 19:17 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2015-04-04 18:30 - 2012-03-30 18:59 - 00000000 ____D () C:\Users\Tomáš
2015-04-04 18:20 - 2012-11-09 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-04 18:19 - 2011-07-11 06:08 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-04 18:17 - 2012-03-30 19:47 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Adobe
2015-04-04 17:43 - 2014-11-22 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-04 17:43 - 2012-04-08 13:48 - 00000000 ____D () C:\Temp
2015-04-04 17:41 - 2012-02-09 06:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-04 17:28 - 2012-06-27 13:57 - 00000000 ____D () C:\ProgramData\MAGIX
2015-04-04 12:14 - 2015-02-18 15:52 - 00000020 _____ () C:\Users\Tomáš\AppData\Roaming\appdataFr3.bin
2015-04-02 19:01 - 2014-10-15 19:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-01 16:34 - 2011-07-11 05:41 - 00000000 ____D () C:\ProgramData\Skype
2015-03-31 23:17 - 2012-04-03 00:36 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\SoftGrid Client
2015-03-31 19:51 - 2015-02-18 15:13 - 00000890 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-03-30 15:25 - 2014-03-19 21:13 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-28 05:44 - 2014-11-22 15:12 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:44 - 2014-11-22 15:12 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:43 - 2014-11-22 15:12 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-11-22 15:12 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-26 16:45 - 2014-12-10 16:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 16:45 - 2014-05-06 17:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-23 15:24 - 2014-12-26 19:55 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\MysteryTag
2015-03-22 19:48 - 2012-04-02 23:01 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-22 19:48 - 2012-04-02 23:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-22 19:48 - 2011-07-11 06:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-21 18:20 - 2013-12-31 12:14 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\XBMC
2015-03-21 17:18 - 2012-06-27 13:58 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\MAGIX
2015-03-21 15:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 20:25 - 2009-07-14 07:08 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-18 18:33 - 2012-06-25 13:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Audacity
2015-03-17 19:20 - 2013-11-02 18:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-15 21:20 - 2015-02-19 18:54 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\WhenInRome_Realore_WildTanget
2015-03-15 16:58 - 2013-07-22 20:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\ShamanGS
2015-03-15 11:13 - 2015-02-15 16:45 - 00000000 ____D () C:\Windows\pss
2015-03-14 10:44 - 2014-02-20 09:17 - 00002186 _____ () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-03-14 10:44 - 2013-11-02 18:37 - 00000000 ___RD () C:\Users\Tomáš\SkyDrive
2015-03-13 21:41 - 2015-01-22 21:18 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-13 21:41 - 2012-02-09 06:27 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41 - 2012-02-09 06:27 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-13 21:41 - 2012-02-09 06:27 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-13 21:41 - 2012-02-09 06:27 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-13 18:16 - 2011-03-08 23:19 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 01099408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16 - 2011-03-08 23:19 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 00075976 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-03-13 18:16 - 2011-03-08 23:19 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-12 20:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 16:50 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 16:47 - 2009-07-14 06:45 - 00531352 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 16:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 22:35 - 2013-07-14 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 18:48 - 2012-03-30 20:21 - 122905856 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 15:10 - 2011-03-08 23:19 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2012-03-27 10:26 - 2012-03-27 10:26 - 0000120 _____ () C:\Users\Tomáš\AppData\Roaming\1cfbf17e.dat
2015-02-18 15:52 - 2015-04-04 12:14 - 0000020 _____ () C:\Users\Tomáš\AppData\Roaming\appdataFr3.bin
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Tomáš\AppData\Roaming\CFBEDSDX
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2012-06-01 21:13 - 2012-04-09 11:38 - 3995886 _____ () C:\Users\Tomáš\AppData\Roaming\minecraft.jar
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Tomáš\AppData\Roaming\MXPUWBDF
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Tomáš\AppData\Roaming\SM
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Tomáš\AppData\Roaming\WGPYQE
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e
2014-01-07 19:31 - 2014-01-07 19:31 - 0003383 _____ () C:\Users\Tomáš\AppData\Local\recently-used.xbel
2012-02-09 06:53 - 2012-08-04 20:11 - 0002528 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-04-04 20:59 - 2015-04-04 21:00 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 16:01




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:222.45 GB) (Free:42.28 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.21 GB) (Free:213.14 GB) NTFS

Available physical RAM: 2555.94 MB
Total physical RAM: 4076.26 MB
Percentage of memory in use: 37%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C0205118)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:11EF326F
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A
AlternateDataStreams: C:\ProgramData\Temp:D8AE9DD1
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:F3EFA8A8

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tomáš\Desktop" je 3896 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive
"C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller
C:\Users\Tomáš\AppData\Local\PrivitizeVPNInstaller\PrivitizeVPN_1.0.0.2_install_config.exe /S /delayInstall [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk
C:\PROGRA~3\{E03AD~1\Banished.exe --startup=1 [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(12.29 KiB) Downloaded 81 times

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I am absolutely desperate because of ADS BY info or AD OPTIONS

#20 Post by simplyfine »

Part 2 -

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-04-08 20:27:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 43 GB (19%) free of 228 GB
Total RAM: 4076 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:43, on 8.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10261 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {3B57E856-4130-4D8E-ADB4-488AD828F701}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
taskeng.exe {B6AFBA7C-3698-4FD6-833C-77B5FCF3134E}
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-96afbb3b-0fb3-4be9-af43-b8c764f382ef -SystemEventPortName:HostProcess-4388a07e-3d8e-4657-b8d5-de00784adbbd -IoCancelEventPortName:HostProcess-a714c641-e03d-4a4e-8864-017042a175ab -NonStateChangingEventPortName:HostProcess-0b6c55e4-039d-40d9-affa-01ec1788e940 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1015027f-a522-4fc9-b5c5-c0293f9200a2 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c9885b1c-93c3-4c03-8c54-45bb496e6e85 1
\??\C:\Windows\system32\conhost.exe "1214681739-1646916418-5547677681769961064863621365898999399-2039767157252772365
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1888297363-11184763472841547271499115102-1216870927-61073255-1639483238-108082095
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:33324 CREDAT:267521 /prefetch:2

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe42_ Global\UsGthrCtrlFltPipeMssGthrPipe42 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Tomáš\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10 710864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-05-26 2688920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-31 185640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-12-27 3618648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility]
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-12-20 844296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2012-12-20 1476104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-12-20 310280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive]
C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-03-14 281248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller]
C:\Users\Tomáš\AppData\Local\PrivitizeVPNInstaller\PrivitizeVPN_1.0.0.2_install_config.exe [2012-11-26 1281936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk]
C:\PROGRA~3\{E03AD~1\Banished.exe --startup=1 []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-04-07 20:20:00 ----A---- C:\ComboFix.txt
2015-04-07 20:15:00 ----D---- C:\$RECYCLE.BIN
2015-04-07 19:06:28 ----D---- C:\Users\Tomáš\AppData\Roaming\Publish Providers
2015-04-06 20:54:27 ----A---- C:\Windows\zip.exe
2015-04-06 20:54:27 ----A---- C:\Windows\SWSC.exe
2015-04-06 20:54:27 ----A---- C:\Windows\SWREG.exe
2015-04-06 20:54:27 ----A---- C:\Windows\sed.exe
2015-04-06 20:54:27 ----A---- C:\Windows\PEV.exe
2015-04-06 20:54:27 ----A---- C:\Windows\NIRCMD.exe
2015-04-06 20:54:27 ----A---- C:\Windows\MBR.exe
2015-04-06 20:54:27 ----A---- C:\Windows\grep.exe
2015-04-06 20:54:23 ----AD---- C:\Qoobox
2015-04-06 20:54:09 ----D---- C:\Windows\erdnt
2015-04-06 19:24:25 ----A---- C:\Windows\zoek-delete.exe
2015-04-06 19:24:24 ----D---- C:\Windows\Temp
2015-04-06 15:14:45 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-06 15:14:26 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-06 15:14:26 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-06 15:14:26 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-06 12:21:14 ----D---- C:\zoek_backup
2015-04-06 12:15:23 ----A---- C:\Windows\tweaking.com-regbackup-MILOUS-Windows-7-Home-Premium-(64-bit).dat
2015-04-06 12:15:17 ----D---- C:\RegBackup
2015-04-06 12:04:56 ----D---- C:\AdwCleaner
2015-04-06 11:50:25 ----D---- C:\rsit
2015-04-06 11:50:25 ----D---- C:\Program Files\trend micro
2015-04-04 22:49:40 ----D---- C:\Program Files (x86)\AVG
2015-04-04 19:35:27 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 19:35:27 ----SD---- C:\Windows\system32\GWX
2015-04-04 17:42:59 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-04 17:40:17 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-04 17:40:17 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-04 17:40:17 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-04 17:40:16 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-04 17:40:16 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-04 17:40:15 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-04 17:40:15 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvdispgenco6434788.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvdispco6434788.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-04 17:40:15 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-04 17:40:11 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-04 17:40:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-04 17:40:11 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-04 17:12:15 ----A---- C:\Windows\system32\bddel.dat
2015-04-04 16:59:36 ----D---- C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 13:20:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-31 19:51:35 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-03-25 14:37:29 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aepdu.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 14:37:29 ----A---- C:\Windows\system32\acmigration.dll
2015-03-23 15:21:41 ----D---- C:\Users\Tomáš\AppData\Roaming\HomeMakeover3PC
2015-03-21 17:17:32 ----A---- C:\Windows\SYSWOW64\msxml4a.dll
2015-03-21 17:11:22 ----D---- C:\Users\Tomáš\AppData\Roaming\Logitech
2015-03-15 17:58:30 ----D---- C:\Users\Tomáš\AppData\Roaming\ZOG
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 16:13:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 16:13:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:13:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 16:13:23 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 16:13:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 16:13:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 16:13:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 16:13:22 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 16:13:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 16:13:21 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 16:13:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:13:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 16:13:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 16:13:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 16:13:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 16:13:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 16:13:15 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 16:13:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 16:13:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 16:13:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 16:13:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 16:13:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 16:13:13 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 16:13:12 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:13:11 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 16:11:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 16:11:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 16:11:07 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 16:11:06 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 16:11:06 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 16:10:53 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 16:10:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:10:51 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 16:10:44 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 16:10:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 16:10:41 ----A---- C:\Windows\system32\mf.dll
2015-03-11 16:10:41 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 16:10:40 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 16:10:39 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\winload.exe
2015-03-11 16:10:39 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 16:10:39 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 16:10:38 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 16:10:38 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 16:10:38 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 16:10:37 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\evr.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 16:10:37 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 16:10:36 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 16:10:36 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 16:10:36 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 16:10:36 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 16:10:35 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 16:10:35 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 16:10:35 ----A---- C:\Windows\system32\smss.exe
2015-03-11 16:10:35 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 16:10:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 16:10:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 16:10:29 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 16:10:29 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 16:10:27 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 16:10:26 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 16:10:26 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 16:10:26 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 16:10:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 16:10:21 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 16:10:20 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 16:10:20 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 16:10:20 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 16:10:18 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 16:10:16 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 16:10:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 16:10:16 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 16:10:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 16:10:15 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 16:10:15 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 16:10:15 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 16:10:14 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 16:10:14 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 16:09:38 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 16:09:38 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 16:09:37 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 16:09:36 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 16:09:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 16:09:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 16:09:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 16:09:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 16:09:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 16:09:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 16:09:27 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 16:09:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 16:09:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 16:09:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 16:09:26 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 16:09:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 16:09:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 16:09:25 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 16:09:25 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 16:09:24 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 16:09:24 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 16:09:22 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 16:09:21 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 16:09:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:09:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 16:09:19 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 16:04:18 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 16:04:17 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

======List of files/folders modified in the last 1 month======

2015-04-08 20:27:10 ----D---- C:\Windows\Prefetch
2015-04-08 17:17:31 ----SHD---- C:\System Volume Information
2015-04-08 16:23:05 ----D---- C:\Windows\system32\config
2015-04-08 15:07:40 ----D---- C:\Windows\System32
2015-04-08 15:07:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-08 15:03:46 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-08 15:02:04 ----D---- C:\ProgramData\clear.fi
2015-04-08 15:01:16 ----D---- C:\ProgramData\NVIDIA
2015-04-07 20:20:02 ----D---- C:\Windows\system32\drivers
2015-04-07 20:15:01 ----D---- C:\Windows
2015-04-07 20:15:01 ----A---- C:\Windows\system.ini
2015-04-07 20:14:59 ----D---- C:\Windows\system32\drivers\etc
2015-04-07 20:12:54 ----D---- C:\Windows\Tasks
2015-04-07 20:09:47 ----D---- C:\Windows\SYSWOW64\drivers
2015-04-07 20:09:47 ----D---- C:\Windows\SysWOW64
2015-04-07 20:09:47 ----D---- C:\Windows\AppPatch
2015-04-07 20:09:46 ----D---- C:\Program Files (x86)\Common Files
2015-04-07 19:52:28 ----D---- C:\Program Files (x86)
2015-04-07 19:51:26 ----D---- C:\Program Files (x86)\Google
2015-04-07 19:42:04 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-07 19:39:35 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 19:12:18 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-04-06 21:07:29 ----D---- C:\Windows\system32\Tasks
2015-04-06 21:05:23 ----D---- C:\Windows\SYSWOW64\System32
2015-04-06 20:45:44 ----RD---- C:\Program Files
2015-04-06 20:45:41 ----D---- C:\ProgramData
2015-04-06 20:44:24 ----SHD---- C:\Windows\Installer
2015-04-06 20:40:24 ----R---- C:\ComboFix.exe
2015-04-06 19:24:18 ----RD---- C:\Users
2015-04-06 18:05:53 ----D---- C:\Windows\LP
2015-04-06 17:14:14 ----D---- C:\Users\Tomáš\AppData\Roaming\Adobe
2015-04-06 15:14:31 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-06 12:37:08 ----HD---- C:\Windows\system32\GroupPolicy
2015-04-06 12:37:08 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-04-06 12:37:08 ----D---- C:\Program Files\Common Files\System
2015-04-06 12:37:08 ----D---- C:\Program Files (x86)\Adobe
2015-04-04 23:38:03 ----D---- C:\Windows\inf
2015-04-04 23:38:02 ----D---- C:\Windows\system32\DriverStore
2015-04-04 23:19:40 ----D---- C:\Users\Tomáš\AppData\Roaming\Sony
2015-04-04 23:19:40 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-04-04 23:19:39 ----D---- C:\Program Files (x86)\Steam
2015-04-04 23:19:39 ----AD---- C:\ProgramData\Temp
2015-04-04 23:19:25 ----D---- C:\Windows\Panther
2015-04-04 22:50:15 ----D---- C:\Users\Tomáš\AppData\Roaming\AVG
2015-04-04 22:48:42 ----D---- C:\ProgramData\AVG
2015-04-04 21:11:22 ----D---- C:\Windows\debug
2015-04-04 19:35:40 ----D---- C:\Windows\winsxs
2015-04-04 19:35:38 ----D---- C:\Windows\Logs
2015-04-04 19:19:15 ----D---- C:\Program Files (x86)\PatchBeam
2015-04-04 19:19:08 ----D---- C:\ProgramData\Sony Corporation
2015-04-04 19:19:08 ----D---- C:\Program Files (x86)\Sony
2015-04-04 19:18:58 ----RSD---- C:\Windows\assembly
2015-04-04 19:17:59 ----D---- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2015-04-04 18:19:54 ----D---- C:\ProgramData\Adobe
2015-04-04 17:43:24 ----D---- C:\Temp
2015-04-04 17:41:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-04-04 17:28:39 ----D---- C:\ProgramData\MAGIX
2015-04-04 17:27:15 ----D---- C:\Program Files\Common Files
2015-04-02 19:01:04 ----RD---- C:\Program Files (x86)\Skype
2015-04-01 21:11:58 ----D---- C:\Windows\system32\wdi
2015-04-01 16:34:22 ----D---- C:\ProgramData\Skype
2015-03-31 23:17:30 ----D---- C:\Users\Tomáš\AppData\Roaming\SoftGrid Client
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-03-28 05:44:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspcap64.dll
2015-03-28 05:43:39 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-03-26 16:45:19 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 16:45:19 ----D---- C:\Windows\system32\wbem
2015-03-26 16:45:19 ----D---- C:\Windows\system32\appraiser
2015-03-23 15:24:10 ----D---- C:\Users\Tomáš\AppData\Roaming\MysteryTag
2015-03-22 19:48:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-21 18:20:57 ----D---- C:\Users\Tomáš\AppData\Roaming\XBMC
2015-03-21 17:18:46 ----D---- C:\Users\Tomáš\AppData\Roaming\MAGIX
2015-03-21 15:59:23 ----D---- C:\Windows\system32\NDF
2015-03-18 18:33:54 ----D---- C:\Users\Tomáš\AppData\Roaming\Audacity
2015-03-17 19:21:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-17 19:20:07 ----D---- C:\Program Files\Microsoft Office 15
2015-03-15 21:20:45 ----D---- C:\Users\Tomáš\AppData\Roaming\WhenInRome_Realore_WildTanget
2015-03-15 16:58:36 ----D---- C:\Users\Tomáš\AppData\Roaming\ShamanGS
2015-03-15 11:13:52 ----D---- C:\Windows\pss
2015-03-13 21:41:47 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-03-13 21:41:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-03-13 21:41:47 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-03-13 21:41:47 ----A---- C:\Windows\system32\nvapi64.dll
2015-03-13 18:16:47 ----A---- C:\Windows\system32\nvsvc64.dll
2015-03-13 18:16:47 ----A---- C:\Windows\system32\nvcpl.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvvsvc.exe
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvsvcr.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvshext.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nvmctray.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-03-13 18:16:45 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-03-12 20:19:24 ----D---- C:\Windows\rescache
2015-03-12 16:44:39 ----D---- C:\Program Files\Windows Media Player
2015-03-12 16:44:39 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 16:44:37 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-12 16:44:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-12 16:44:36 ----D---- C:\Windows\system32\Dism
2015-03-12 16:44:35 ----D---- C:\Windows\system32\en-US
2015-03-12 16:44:35 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 16:44:33 ----D---- C:\Windows\system32\Boot
2015-03-12 16:44:28 ----D---- C:\Program Files\Internet Explorer
2015-03-12 16:44:27 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-12 16:44:22 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 22:35:03 ----D---- C:\Windows\system32\MRT
2015-03-11 22:26:15 ----D---- C:\Windows\system32\catroot2
2015-03-11 18:48:24 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-18 23704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-06-30 54784]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-06-30 77696]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C310(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-12-08 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-20 20232]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 63704]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-12-08 146920]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2011-12-08 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2011-12-08 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2011-12-08 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-03-30 2490216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-03-30 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-03-13 935056]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-03-13 410768]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-08-02 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22 268464]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-09-07 255040]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-05-09 203344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-15 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-10-03 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-30 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#21 Post by Márty84 »

:arrow: Open Notepad and copy this script into it

Code: Select all

Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3337465978-2193547489-3213491474-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-08-02] (Adobe Systems) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-08-02 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]

2015-04-04 16:59 - 2015-04-04 16:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 16:50 - 2015-04-04 16:50 - 02057008 _____ () C:\Users\Tomáš\Downloads\Adaware_Installer.exe

2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:11EF326F
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A
AlternateDataStreams: C:\ProgramData\Temp:D8AE9DD1
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:F3EFA8A8

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk" /f

Task: {0A7A1F49-3B5D-42B1-879D-4A5C72C9F0A7} - System32\Tasks\{BDF8F527-F77E-473E-89C6-3CBA1386AD7A} => pcalua.exe -a C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe -c -X

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator and click Fix; the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#22 Post by simplyfine »

:) here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Tomáš at 2015-04-10 06:23:42 Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available profiles: Tomáš)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-3337465978-2193547489-3213491474-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-08-02] (Adobe Systems) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-08-02 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-22 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-30 116648]

2015-04-04 16:59 - 2015-04-04 16:59 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics
2015-04-04 16:50 - 2015-04-04 16:50 - 02057008 _____ () C:\Users\Tomáš\Downloads\Adaware_Installer.exe

2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:11EF326F
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:862BDB1A
AlternateDataStreams: C:\ProgramData\Temp:D8AE9DD1
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:F3EFA8A8

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk" /f

Task: {0A7A1F49-3B5D-42B1-879D-4A5C72C9F0A7} - System32\Tasks\{BDF8F527-F77E-473E-89C6-3CBA1386AD7A} => pcalua.exe -a C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe -c -X

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKU\S-1-5-21-3337465978-2193547489-3213491474-1001\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0" => Key deleted successfully.
C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key deleted successfully.
Adobe LM Service => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
Adobe LM Service => Service not found.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Users\Tomáš\AppData\Roaming\LavasoftStatistics => Moved successfully.
C:\Users\Tomáš\Downloads\Adaware_Installer.exe => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6 => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt => Moved successfully.
C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo => Moved successfully.
"C:\Users\Tomáš\AppData\Roaming\IxQnq8uZotLEwLLOPgFo" => File/Directory not found.
"C:\Users\Tomáš\AppData\Roaming\lpVZv7X228u6cWyo3qjt" => File/Directory not found.
"C:\Users\Tomáš\AppData\Roaming\pf7gISjpqyWoBOPwbVGngYW" => File/Directory not found.
"C:\Users\Tomáš\AppData\Roaming\s9ZKYkKryl6" => File/Directory not found.
"C:\Users\Tomáš\AppData\Roaming\VtvjHxih3kn4ipYw3NqUzjxf1Ji" => File/Directory not found.
"C:\Users\Tomáš\AppData\Roaming\YGfDh4QaTC6i74pMkc7e" => File/Directory not found.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\ProgramData\Temp => ":11EF326F" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":862BDB1A" ADS removed successfully.
C:\ProgramData\Temp => ":D8AE9DD1" ADS removed successfully.
C:\ProgramData\Temp => ":E1D06077" ADS removed successfully.
C:\ProgramData\Temp => ":F3EFA8A8" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPNInstaller" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tom��^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Banished.lnk" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.


========= End of Reg: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A7A1F49-3B5D-42B1-879D-4A5C72C9F0A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A7A1F49-3B5D-42B1-879D-4A5C72C9F0A7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BDF8F527-F77E-473E-89C6-3CBA1386AD7A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDF8F527-F77E-473E-89C6-3CBA1386AD7A}" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 786.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 06:25:24 ====
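
Added example (not part of any post in this thread, and not FRST's own code): a short Python pass over a Fixlog like the one above that sorts each result line into done, absent or review, and separates "not found" results that only repeat an item already handled earlier in the same run (the fixlist above names several items twice) from items that really were missing. The function names, the three status labels and the shortened sample log are assumptions made for this example; `reg` blocks go to review because their output is localized console text that cannot be classified reliably.

```python
import re
from collections import Counter

# Constructed sample: a shortened excerpt of the Fixlog above, with the
# localized reg.exe output replaced by a placeholder line.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Content of fixlist:
*****************
Start
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
End
*****************

Processes closed successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll not found.
Adobe LM Service => Service deleted successfully.
Adobe LM Service => Service not found.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM" /f =========

(localized reg.exe output)

========= End of Reg: =========

Hosts was reset successfully.
EmptyTemp: => Removed 786.3 MB temporary data.

==== End of Fixlog 06:25:24 ====
"""

BANNER = re.compile(r"^=+\s(.+?)\s=+$")      # "===== text =====" separator lines
ADS = re.compile(r'^(.*?) => ":(\w+)" ADS ')  # alternate data stream result lines


def classify(line):
    """Map one result line to 'absent', 'done' or 'review' (labels are ours)."""
    if re.search(r"not found", line, re.I):
        return "absent"
    if re.search(r"successfully|=> Removed ", line):
        return "done"
    return "review"


def target_of(line):
    """Extract the object a result line talks about (key, file, service, stream)."""
    ads = ADS.match(line)
    if ads:  # rebuild the path:stream form used in the fixlist
        return f"{ads.group(1)}:{ads.group(2)}"
    if " => " in line:
        return line.split(" => ", 1)[0].strip('"')
    return re.sub(r"\s+not found\.$", "", line)


def parse_fixlog(text):
    """Return (status, target) pairs for the results that follow the fixlist echo."""
    entries, stars, in_reg = [], 0, False
    for raw in text.splitlines():
        line = raw.strip()
        if re.fullmatch(r"\*{5,}", line):  # the fixlist echo sits between two star lines
            stars += 1
            continue
        if stars < 2 or not line:
            continue
        banner = BANNER.match(line)
        if banner:
            label = banner.group(1)
            if label.startswith("End of Fixlog"):
                break
            if label.startswith("End of Reg"):
                in_reg = False
            else:  # start of a reg block: record the command, skip its output
                in_reg = True
                entries.append(("review", label))
            continue
        if not in_reg:
            entries.append((classify(line), target_of(line)))
    return entries


def already_handled(entries):
    """Targets reported absent only because an earlier line had already removed them."""
    seen_done, repeats = set(), []
    for status, target in entries:
        key = target.lower()  # Windows paths and key names are case-insensitive
        if status == "done":
            seen_done.add(key)
        elif status == "absent" and key in seen_done:
            repeats.append(target)
    return repeats


if __name__ == "__main__":
    results = parse_fixlog(SAMPLE_FIXLOG)
    print(Counter(status for status, _ in results))
    print("absent because already removed:", already_handled(results))
```
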

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#23 Post by Márty84 »

Repeat the AdwCleaner step...

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and spit out a log (otherwise it will be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, ideally to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the left pane (including the colon before the word commands)

Code: Select all

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post the log that pops up here; otherwise it will be at C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (the x's will be digits representing the date and time of the run)


:!: Run all of these programs, including any installer, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner section. There are many checkboxes on the left. Pay attention mainly to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is configured, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry section on the left.
Click Scan for Issues; if it finds any, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools section lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in those too)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the tool will do its job.


:arrow: If you have not done so yet, reinstall the browsers and write how the PC is doing.

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#24 Post by simplyfine »

Hello,
I am following the instructions and got stuck at this step:

Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
After clicking, I get a message that the program cannot be downloaded and an offer to retry; when I click that, it says the download of the file dfsetup219_exe has completed. Then when I right-click it, the menu shows Open rather than Run as administrator, and overall the program appears as unknown, so it asks which program to open it with.
Please advise. :?:

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#25 Post by cernohous13 »

Hello, and apologies to my colleague for stepping in :oops:

I would rather download it here: https://www.piriform.com/defraggler/download/standard
Recommendations:
During the cleanup, install or uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure as described.
If anything is unclear, ask and I will explain.

-------------------------------------------------------------------------------------------------
> Support the forum <

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#26 Post by simplyfine »

:( exactly the same problem - could some program be blocking it? ccleaner ..... for example?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#27 Post by Márty84 »

CCleaner would definitely not be blocking it. Try downloading it here http://leteckaposta.cz/293778477 If that doesn't work, never mind, it isn't essential :)

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#28 Post by simplyfine »

I am posting all the logs, plus a note on the problem with downloading the defragmentation program: first, it would not download, and when I clicked retry download it did download, but its name looked like this: dfsetup219_exe
It could not be opened, run, anything - as I wrote here - and even after following the other advice nothing happened until I changed _exe to .exe - a trivial thing and the problem was gone :wink: :) , so here is the result:

1. AdwCleaner - I must be going crazy by now, but I simply cannot find either the program or the log, even though I installed and used the program and neatly saved the log to the desktop
2. OTM -
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tom ç
->Temp folder emptied: 0 bytes

User: Tomáš
->Temp folder emptied: 0 bytes

User: Tomáš
->Temp folder emptied: 4578321 bytes
->Temporary Internet Files folder emptied: 235138670 bytes
->Java cache emptied: 1826881 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 57075 bytes

User: TomßÜ
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Tomáš
->Temp folder emptied: 0 bytes

User: Tom▀▄
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Tom�
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 3617566 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 155789 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 234.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Tom ç

User: Tomáš

User: Tomáš
->Flash cache emptied: 0 bytes

User: TomßÜ
->Flash cache emptied: 0 bytes

User: Tomáš

User: Tom▀▄
->Flash cache emptied: 0 bytes

User: Tom�

Total Flash Files Cleaned = 0.00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.

OTM by OldTimer - Version 3.1.21.0 log created on 04112015_075004

Files moved on Reboot...
File move failed. C:\Users\Tomáš\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\d0ee50f82000f8b25561e549f5f1b458_fce8395c8fd8a876_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Tomáš\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\d0ee50f82000f8b25561e549f5f1b458_fce8395c8fd8a876_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Tomáš\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\2a0326a08a12848dccfcd16232e70e39_fce8395c8fd8a876_f3279b66e87c6f22_0_0.bin moved successfully.
C:\Users\Tomáš\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\2a0326a08a12848dccfcd16232e70e39_fce8395c8fd8a876_f3279b66e87c6f22_0_0.toc moved successfully.
C:\Users\Tomáš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VXTK59KB\viewtopic[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J2KD36VF\context[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CPRM9SGC\afr[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CPRM9SGC\context[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C18K7MSK\afr[1].htm moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\MILOUS-20150411-0744.log moved successfully.
File C:\Windows\temp\officeclicktorun.exe_c2ruidll(201504110744547BC).log not found!
File C:\Windows\temp\officeclicktorun.exe_streamserver(201504110744557BC).log not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

3. Delfix -
# DelFix v10.9 - Logfile created 11/04/2015 at 07:58:34
# Updated 27/02/2015 by Xplode
# Username : Tomáš - MILOUS
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTM
Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.exe
Deleted : C:\ComboFix.txt
Deleted : C:\log.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-04-06-104639.log
Deleted : C:\Users\Tomáš\Desktop\AdwCleaner[S6].txt
Deleted : C:\Users\Tomáš\Desktop\adwcleaner_4.201.exe
Deleted : C:\Users\Tomáš\Desktop\FRST64.exe
Deleted : C:\Users\Tomáš\Desktop\FRSTLauncher.exe
Deleted : C:\Users\Tomáš\Desktop\JRT.exe
Deleted : C:\Users\Tomáš\Desktop\OTM.exe
Deleted : C:\Users\Tomáš\Desktop\RSITx64.exe
Deleted : C:\Users\Tomáš\Desktop\zoek.exe
Deleted : C:\Users\Tomáš\Downloads\hijackthis(1).exe
Deleted : C:\Users\Tomáš\Downloads\HiJackThis.exe
Deleted : C:\Users\Tomáš\Downloads\hijackthis.log
Deleted : C:\Users\Tomáš\Downloads\RSITx64.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

########## - EOF - ##########

4. CCleaner - cleaned
5. Defragmentation is done too

:shock: That would all be fine, if I hadn't now started downloading the browsers again - the same problem appeared as with the last download - "something" changes the .exe extension to _exe, so the download fails again. WHAT IS IT? Please help.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#29 Post by Márty84 »

simplyfine wrote: That would all be fine, if I hadn't now started downloading the browsers again - the same problem appeared as with the last download - "something" changes the .exe extension to _exe, so the download fails again. WHAT IS IT? Please help.
:???: Does it do this only with .exe? When you download, say, a song or a document, is the extension changed as well?

:arrow: Check whether the extension also changes in Safe Mode with Networking.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

simplyfine
Visitor
Posts: 52
Registered: 06 Apr 2015 10:31

Re: I'm absolutely desperate because of ADS BY info or AD OPTIONS

#30 Post by simplyfine »

It's not only with exe; I tried downloading a song and a document too, and NOTHING. The extension is also _mp3 and _doc. I'm going into safe mode now, then I'll let you know.

edit: in safe mode everything is OK.

Locked