Problem s mcxsvc

[Ondrys66]

Zdravim
Rad bych se zeptal, jestli mi muze nekdo poradit s problemem mcxsvc.
Asi pred3 dny se mi ve win 7(profesional) zacala objevovat hlaska: program mcxsvc prestal pracovat.
Toto okno pravidelne vyskakuje ,coz je dost otravne.
Soubor mcxsvc se nachazi ve slozce : Users\jmeno\AppData\Roaming\User\mcxsvc.exe.
Jen jsem zkusil WindowexeAllkiller a nepomohlo.
Mohl by mi nekdo poradit.

Na netu jsou pouze tyto dva odkazy ,ale nejde to opravit.

http://windowexeallkiller.com/q.php?q=m ... m-msds-exe
http://windowsvc.com/bbs/board.php?bo_t ... r_id=70648

Predem dekuji

[vyosek]

Zdravim

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

[Ondrys66]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Adi (administrator) on ADI-PC on 14-09-2014 18:01:52
Running from C:\Users\Adi\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\Services\wcssvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\User\fussvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
() C:\Users\Adi\AppData\Roaming\Services\regsvc32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\User\mcxsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-14] (Crawler.com)
HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Run: [wcssvc] => C:\Users\Adi\AppData\Roaming\Services\wcssvc.exe [4004016 2012-05-21] (Microsoft Corporation)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Run: [fussvc] => C:\Users\Adi\AppData\Roaming\User\fussvc.exe [1347584 2011-05-23] (Microsoft Corporation)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Policies\Explorer: [ForceRunOnStartMenu] 1
IFEO\ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\AutoPico.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Boost.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\chrmstp.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\GameBooster.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\gbtray.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IObitCommunities.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\maintenanceservice.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SDInit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\setup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SmartDefrag.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "http", "202.41.10.200"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\ascsurfingprotection@iobit.com [2014-06-15]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-06-15]
FF Extension: ImageShack® Toolbar - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24} [2014-06-15]
FF Extension: Calculator - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{AA052FD6-366A-4771-A591-0D8DC551585D}.xpi [2014-06-15]
FF Extension: Adblock Plus - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-15]
FF Extension: MetaProducts Integration - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi [2014-06-15]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR HomePage: Default -> E8A878112B79518088FD15F98658B85D713D6EF7699B83DEA71BCA70EE60E4D9
CHR DefaultSearchKeyword: Default -> 1889E53B6D9076F9F7E79B28C690115F87BFDDCAF2AB36E7107846E7DCF316DD
CHR DefaultSearchURL: Default -> B98112ABDEA7195B193B4A14BA5F1B82933C7DAABDAED5FF6174894BAF8DB662
CHR Profile: C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]
CHR Extension: (Disk Google) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]
CHR Extension: (YouTube) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]
CHR Extension: (Peněženka Google) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]
CHR Extension: (Gmail) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-14] (Crawler.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [105176 2007-04-13] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-29] (Duplex Secure Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-06-15] (Windows (R) Win 7 DDK provider)
U3 apxv7xpl; C:\Windows\System32\Drivers\apxv7xpl.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 18:01 - 2014-09-14 18:02 - 00017589 _____ () C:\Users\Adi\Desktop\FRST.txt
2014-09-14 18:01 - 2014-09-14 18:01 - 00029696 _____ () C:\Users\Adi\AppData\Local\MSGBOX.EXE
2014-09-14 18:01 - 2014-09-14 18:01 - 00015327 _____ () C:\Users\Adi\Desktop\LM.bat
2014-09-14 17:30 - 2014-09-14 18:01 - 00000000 ____D () C:\FRST
2014-09-13 13:50 - 2014-09-13 13:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-10 23:28 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:28 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:28 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:28 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:28 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:28 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:28 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:28 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:28 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:28 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:28 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:28 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:28 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 23:28 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:28 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:28 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:28 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:28 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 23:28 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:28 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:28 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:28 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:28 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:28 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:28 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:28 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:28 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:28 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 23:28 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:28 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:28 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:28 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:28 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:28 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:28 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 23:28 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:28 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:28 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:28 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:28 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:28 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:28 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:28 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:28 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:28 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 23:28 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:28 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:28 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:28 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:28 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:18 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 23:18 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 14:13 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:13 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:13 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 14:13 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 14:13 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 14:12 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 14:12 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 14:05 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 14:05 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 13:44 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 13:44 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-27 21:33 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:33 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:33 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 16:39 - 2014-08-27 16:39 - 00001053 _____ () C:\Users\Adi\Desktop\Notepad++.lnk
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Notepad++


==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 18:02 - 2014-09-14 18:01 - 00017589 _____ () C:\Users\Adi\Desktop\FRST.txt
2014-09-14 18:01 - 2014-09-14 18:01 - 00029696 _____ () C:\Users\Adi\AppData\Local\MSGBOX.EXE
2014-09-14 18:01 - 2014-09-14 18:01 - 00015327 _____ () C:\Users\Adi\Desktop\LM.bat
2014-09-14 18:01 - 2014-09-14 17:30 - 00000000 ____D () C:\FRST
2014-09-14 17:59 - 2014-08-13 20:42 - 01574555 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 17:57 - 2014-06-15 15:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 17:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 17:53 - 2010-11-21 11:27 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-09-14 17:53 - 2010-11-21 11:27 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-09-14 17:53 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 17:52 - 2009-07-14 06:45 - 00034912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 17:52 - 2009-07-14 06:45 - 00034912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 17:45 - 2014-06-17 19:30 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 17:45 - 2014-06-17 19:30 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 17:44 - 2014-06-17 19:30 - 00003954 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 17:44 - 2014-06-17 19:30 - 00003702 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 17:44 - 2014-06-15 20:25 - 00003158 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2014-09-14 17:43 - 2014-08-02 08:00 - 00003796 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2014-09-14 17:43 - 2014-06-15 20:23 - 00003162 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-09-14 17:03 - 2014-09-14 17:29 - 00112640 _____ (forum.viry.cz) C:\Users\Adi\Desktop\FRSTLauncher.exe
2014-09-14 17:02 - 2014-09-14 17:04 - 02105856 _____ (Farbar) C:\Users\Adi\Desktop\FRST64.exe
2014-09-14 14:48 - 2014-06-22 19:13 - 71704576 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 43950080 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-14 14:48 - 2014-06-15 15:15 - 00000000 ____D () C:\Users\Adi
2014-09-14 14:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-14 12:51 - 2014-06-16 01:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-14 12:34 - 2014-09-14 12:34 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-14 12:34 - 2014-09-14 12:34 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-14 12:34 - 2014-06-15 15:47 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-09-14 12:32 - 2014-06-15 19:33 - 00002209 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-09-14 12:12 - 2014-06-15 19:33 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-14 12:10 - 2014-06-15 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 22:16 - 2014-07-22 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-13 19:24 - 2014-07-13 12:04 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{542E3906-32AA-4941-A792-64D2C06A0556}
2014-09-13 13:51 - 2014-09-13 13:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 22:47 - 2014-08-02 08:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 22:46 - 2014-08-02 08:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-10 23:25 - 2014-06-15 15:27 - 01559268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 23:24 - 2014-06-15 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:24 - 2014-06-15 16:30 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 23:24 - 2014-06-15 16:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-10 23:24 - 2014-06-15 16:29 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 23:24 - 2014-06-15 16:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 23:18 - 2014-06-15 19:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 23:17 - 2014-06-15 19:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 22:41 - 2014-06-17 19:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-09 11:50 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\AIMP3
2014-09-06 13:40 - 2009-07-14 07:08 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 04:10 - 2014-09-10 14:12 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 14:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 10:39 - 2014-06-15 19:53 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-08-28 17:02 - 2009-07-14 06:45 - 00435512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 16:39 - 2014-08-27 16:39 - 00001053 _____ () C:\Users\Adi\Desktop\Notepad++.lnk
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-23 04:07 - 2014-08-27 21:33 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:33 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:33 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 20:05 - 2014-09-10 23:28 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 23:28 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 19:22 - 2014-06-15 15:37 - 00002850 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Adi)
2014-08-19 19:22 - 2014-06-15 15:37 - 00001174 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-08-19 19:22 - 2014-06-15 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-08-19 15:50 - 2014-08-19 15:50 - 00001030 _____ () C:\Users\Adi\Desktop\age3y – zástupce.lnk
2014-08-19 01:01 - 2014-09-10 23:28 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 23:28 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 23:28 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 23:28 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 23:28 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 23:28 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-10 23:28 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 23:28 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-10 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 23:28 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 23:28 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 23:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 23:28 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 23:28 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 23:28 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 23:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 23:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 23:28 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 23:28 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 23:28 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 23:28 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 23:28 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-10 23:28 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 23:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 23:28 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:28 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:28 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 23:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 23:28 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 23:28 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 23:28 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 23:28 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 23:28 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 23:28 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 21:30 - 2014-07-04 14:35 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-18 21:28 - 2014-06-27 14:49 - 00000000 ____D () C:\Users\Adi\Documents\My Games
2014-08-18 19:53 - 2014-08-18 19:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-17 23:33 - 2014-08-17 23:33 - 00000000 ____D () C:\Users\Adi\AppData\Local\Adobe
2014-08-17 23:31 - 2014-08-17 23:31 - 00000000 ____D () C:\Users\Adi\AppDat
2014-08-17 23:15 - 2014-08-17 23:15 - 00000518 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-17 23:15 - 2014-08-17 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 22:29 - 2014-07-14 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-08-17 12:38 - 2014-06-15 16:35 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-17 12:38 - 2014-06-15 16:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 21:47 - 2014-08-15 21:47 - 00001726 _____ () C:\Users\Adi\Desktop\IObitUninstaler – zástupce.lnk
2014-08-15 21:43 - 2014-06-15 15:37 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\IObit


Files to move or delete:
====================
C:\Users\Adi\IP_Log_Data.js
C:\Users\Adi\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\Adi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-14 14:01

==================== End Of Log ============================

[vyosek]

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Ondrys66]

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/14/2014 07:09:18 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\USERS\ADI\APPDATA\ROAMING\SERVICES\WCSSVC.EXE (PID: 2660) [UP-HEUR]
* C:\USERS\ADI\APPDATA\ROAMING\USER\FUSSVC.EXE (PID: 2828) [UP-HEUR]
* C:\USERS\ADI\APPDATA\ROAMING\SERVICES\REGSVC32.EXE (PID: 6012) [UP-HEUR]
* C:\Users\Adi\AppData\Roaming\User\mcxsvc.exe (PID: 3196) [UP-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/14/2014 07:09:39 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)

[vyosek]

Pokracujte Combofixem

[Ondrys66]

ComboFix 14-09-14.01 - Adi 14.09.2014 19:20:23.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.6761 [GMT 2:00]
Spuštěný z: c:\users\Adi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Adi\AppData\Local\MSGBOX.EXE
c:\users\Adi\AppData\Roaming\Adobe\update_flashplayerxx_mssd_en_aih.exe
c:\users\Adi\AppData\Roaming\Adobe\update_flashplayerxx_mssd_fr_aih.exe
c:\users\Adi\AppData\Roaming\User
c:\users\Adi\AppData\Roaming\User\fussvc.exe
c:\users\Adi\AppData\Roaming\User\mcxsvc.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-14 do 2014-09-14 )))))))))))))))))))))))))))))))
.
.
2014-09-14 15:30 . 2014-09-14 16:03 -------- d-----w- C:\FRST
2014-09-14 14:59 . 2014-09-14 14:59 -------- d-----w- c:\windows\ERUNT
2014-09-14 14:22 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-14 10:34 . 2014-09-14 10:34 941272 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-09-14 10:34 . 2014-09-14 10:34 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-09-14 10:22 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C99F655-624B-481D-A285-B3F70AD415B7}\mpengine.dll
2014-09-12 15:23 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-10 21:18 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 21:18 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 12:13 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 12:13 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 12:13 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 12:13 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 12:13 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-10 12:12 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 12:12 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-10 12:05 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 12:05 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 11:44 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 11:44 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-08-29 20:30 . 2014-08-19 17:31 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EC7C3C2-3C29-4015-BDCB-4884D2A677CD}\gapaengine.dll
2014-08-27 19:33 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-27 19:33 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-27 19:33 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-27 14:39 . 2014-08-27 14:39 -------- d-----w- c:\program files (x86)\Notepad++
2014-08-27 14:39 . 2014-08-27 14:39 -------- d-----w- c:\users\Adi\AppData\Roaming\Notepad++
2014-08-19 14:29 . 2014-08-19 14:29 -------- d-----w- c:\users\Adi\AppData\Roaming\The Creative Assembly
2014-08-18 17:52 . 2014-08-18 17:53 -------- d-----w- c:\programdata\Package Cache
2014-08-17 21:33 . 2014-08-17 21:33 -------- d-----w- c:\users\Adi\AppData\Local\Adobe
2014-08-17 21:15 . 2014-08-18 18:01 -------- d-----w- c:\program files (x86)\Common Files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2014-09-14 10:34 . 2014-06-15 13:47 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-09-10 21:18 . 2014-06-15 17:13 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-19 17:31 . 2014-06-25 15:38 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-08-17 10:38 . 2014-06-15 14:35 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-17 10:38 . 2014-06-15 14:35 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-10 19:00 . 2014-08-10 19:00 0 --sha-w- c:\windows\SysWow64\wmplog03.bat
2014-07-25 13:50 . 2014-08-13 21:18 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2014-06-15 13:30 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-08-13 21:18 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2014-06-15 13:30 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-17 16:05 . 2014-07-17 16:05 269008 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-07-17 16:05 . 2014-03-11 07:52 125584 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-07-16 03:23 . 2014-08-13 01:32 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 01:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-13 00:05 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 00:05 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-11 01:02 . 2014-07-29 13:36 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-09 02:03 . 2014-08-13 01:18 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-13 01:18 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-13 01:18 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-13 01:18 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-13 01:18 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-13 01:18 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-13 01:18 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-07-07 12:34 . 2014-06-15 13:47 107552 ----a-w- c:\windows\system32\SET8B40.tmp
2014-07-03 16:56 . 2014-07-03 16:56 52736 ----a-w- c:\windows\ipuninst.exe
2014-07-02 20:48 . 2014-08-13 21:28 846832 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-07-02 20:48 . 2014-08-13 21:28 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2014-08-13 21:28 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-07-02 20:48 . 2014-08-13 21:28 31512520 ----a-w- c:\windows\system32\nvoglv64.dll
2014-07-02 20:48 . 2014-08-13 21:28 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-07-02 20:48 . 2014-08-13 21:28 24196896 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-07-02 20:48 . 2014-08-13 21:28 13922752 ----a-w- c:\windows\system32\nvopencl.dll
2014-07-02 20:48 . 2014-08-13 21:28 12866008 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-07-02 20:48 . 2014-08-13 21:28 11283344 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-07-02 20:48 . 2014-08-13 21:28 944928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-07-02 20:48 . 2014-08-13 21:28 391640 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-07-02 20:48 . 2014-08-13 21:28 348120 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-07-02 20:48 . 2014-08-13 21:28 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-07-02 20:48 . 2014-08-13 21:28 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-07-02 20:48 . 2014-08-13 21:28 907096 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-07-02 20:48 . 2014-08-13 21:28 903624 ----a-w- c:\windows\system32\NvFBC64.dll
2014-07-02 20:48 . 2014-08-13 21:28 869152 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-07-02 20:48 . 2014-08-13 21:28 502232 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-07-02 20:48 . 2014-08-13 21:28 418760 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-07-02 20:48 . 2014-08-13 21:28 4247000 ----a-w- c:\windows\system32\nvcuvid.dll
2014-07-02 20:48 . 2014-08-13 21:28 3989960 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-07-02 20:48 . 2014-08-13 21:28 1890080 ----a-w- c:\windows\system32\nvdispco6434052.dll
2014-07-02 20:48 . 2014-08-13 21:28 17555104 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-07-02 20:48 . 2014-08-13 21:28 1539928 ----a-w- c:\windows\system32\nvdispgenco6434052.dll
2014-07-02 20:48 . 2014-08-13 21:28 13835208 ----a-w- c:\windows\system32\nvcuda.dll
2014-07-02 20:48 . 2014-08-13 21:28 11222048 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-07-02 20:48 . 2014-08-13 21:28 22994208 ----a-w- c:\windows\system32\nvcompiler.dll
2014-07-02 20:48 . 2014-08-13 21:28 15294296 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-07-02 20:48 . 2014-06-15 13:29 75040 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:48 . 2014-06-15 13:29 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-07-02 20:48 . 2014-06-15 13:24 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2014-06-15 13:24 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2014-06-15 13:24 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2014-06-15 13:24 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2014-06-15 13:24 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 18:55 . 2014-06-15 13:29 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2014-06-15 13:29 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2014-06-15 13:29 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2014-06-15 13:29 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2014-06-15 13:29 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2014-06-15 13:29 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-02 17:44 . 2014-08-13 21:35 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-07-02 10:14 . 2014-06-15 13:29 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-30 22:24 . 2014-08-13 19:13 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-13 19:13 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-06-29 11:50 . 2014-06-29 11:50 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-06-25 02:05 . 2014-08-13 00:11 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-06-18 02:18 . 2014-07-11 13:24 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-11 13:24 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-16 19:09 . 2014-06-15 13:31 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:58 1729232 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-06-05 1310720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceRunOnStartMenu"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 20:38 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 17:30]
.
2014-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-17 17:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-08-12 07:54 2334416 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2014-05-14 2774936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - 202.41.10.200
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 4
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
FF - user.js: accessibility.typeaheadfind - true
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1410639736
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1410690652
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1410639496
FF - user.js: app.update.lastUpdateTime.browser-cleanup-thumbnails - 1410705736
FF - user.js: app.update.lastUpdateTime.experiments-update-timer - 1410639616
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1313342962
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1302280650
FF - user.js: app.update.lastUpdateTime.restart-nag-timer - 1196623854
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1410690532
FF - user.js: app.update.migrated.updateDir - true
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.cache.disk.capacity - 358400
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size.use_old_max - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 358400
FF - user.js: browser.cache.frecency_experiment - 1
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.customizemode.tip0.shown - true
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.dir - f:\\Download Mozzila
FF - user.js: browser.download.folderList - 2
FF - user.js: browser.download.importedFromSqlite - true
FF - user.js: browser.download.lastDir - f:\\Download Mozzila
FF - user.js: browser.download.manager.alertOnEXEOpen - true
FF - user.js: browser.download.panel.firstSessionCompleted - true
FF - user.js: browser.download.panel.shown - true
FF - user.js: browser.download.save_converter_index - 0
FF - user.js: browser.feeds.showFirstRunUI - false
FF - user.js: browser.history_expire_days.mirror - 20
FF - user.js: browser.keywordURLPromptDeclined - 1
FF - user.js: browser.migration.version - 22
FF - user.js: browser.newtabpage.blocked - {\nwtvUtZYotJfF0RLIZnMUw==\:1}
FF - user.js: browser.newtabpage.storageVersion - 1
FF - user.js: browser.offline - false
FF - user.js: browser.pagethumbnails.storage_version - 3
FF - user.js: browser.places.importBookmarksHTML - false
FF - user.js: browser.places.importDefaults - false
FF - user.js: browser.places.leftPaneFolderId - -1
FF - user.js: browser.places.migratePostDataAnnotations - false
FF - user.js: browser.places.smartBookmarksVersion - 7
FF - user.js: browser.places.updateRecentTagsUri - false
FF - user.js: browser.preferences.advanced.selectedTabIndex - 0
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.param.yahoo-fr - chr-greentree_ff&ilc=12&type=668083
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.useDBForOrder - true
FF - user.js: browser.sessionstore.upgradeBackup.latestBuildID - 20140911151253
FF - user.js: browser.slowStartup.averageTime - 3533
FF - user.js: browser.slowStartup.samples - 3
FF - user.js: browser.startup.homepage - about:home
FF - user.js: browser.startup.homepage_override.buildID - 20140911151253
FF - user.js: browser.startup.homepage_override.mstone - 32.0.1
FF - user.js: browser.startup.page - 0
FF - user.js: browser.syncPromoViewsLeftMap - {\bookmarks\:0,\passwords\:0}
FF - user.js: browser.tabs.drawInTitlebar - false
FF - user.js: browser.tabs.onTop - false
FF - user.js: browser.tabs.warnOnClose - false
FF - user.js: browser.taskbar.lastgroupid - E7CF176E110C211B
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.uiCustomization.state - {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-page-button\,\print-button\,\history-panelmenu\,\fullscreen-button\,\find-button\,\preferences-button\,\add-ons-button\,\developer-button\],\addon-bar\:[\addonbar-closebutton\,\customizableui-special-spring1\,\status-bar\],\PersonalToolbar\:[\personal-bookmarks\],\nav-bar\:[\unified-back-forward-button\,\urlbar-container\,\reload-button\,\stop-button\,\search-container\,\downloads-button\,\home-button\,\bookmarks-menu-button\,\webrtc-status-button\,\social-share-button\,\window-controls\,\abp-toolbarbutton\],\TabsToolbar\:[\tabbrowser-tabs\,\new-tab-button\,\alltabs-button\,\tabs-closebutton\],\toolbar-menubar\:[\menubar-items\,\customizableui-special-spring2\]},\seen\:[\abp-toolbarbutton\],\dirtyAreaCache\:[\addon-bar\,\PersonalToolbar\,\nav-bar\,\TabsToolbar\,\toolbar-menubar\,\PanelUI-contents\],\newElementCount\:2}
FF - user.js: browser.uitour.whitelist.add.260 -
FF - user.js: browser.uitour.whitelist.add.340 -
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.visited_color - #800080
FF - user.js: calculator.calc_angle - 1
FF - user.js: calculator.calc_format - 0
FF - user.js: calculator.calc_open - 0
FF - user.js: calculator.calc_pad - 0
FF - user.js: calculator.calc_updated - 0
FF - user.js: calculator.superfish_first_launch - 0
FF - user.js: calculator.superfish_userId - 1627641674
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: datareporting.healthreport.lastDataSubmissionFailureTime - 1403536544843
FF - user.js: datareporting.healthreport.lastDataSubmissionRequestedTime - 1410621345114
FF - user.js: datareporting.healthreport.lastDataSubmissionSuccessfulTime - 1410621347628
FF - user.js: datareporting.healthreport.nextDataSubmissionTime - 1410707747628
FF - user.js: datareporting.healthreport.service.firstRun - true
FF - user.js: datareporting.policy.dataSubmissionPolicyAccepted - true
FF - user.js: datareporting.policy.dataSubmissionPolicyAcceptedVersion - 1
FF - user.js: datareporting.policy.dataSubmissionPolicyNotifiedTime - 1366027271551
FF - user.js: datareporting.policy.dataSubmissionPolicyResponseTime - 1366027577931
FF - user.js: datareporting.policy.dataSubmissionPolicyResponseType - accepted-implicit-time-elapsed
FF - user.js: datareporting.policy.firstRunTime - 1365960828315
FF - user.js: datareporting.sessions.current.activeTicks - 4
FF - user.js: datareporting.sessions.current.firstPaint - 2217
FF - user.js: datareporting.sessions.current.main - 68
FF - user.js: datareporting.sessions.current.sessionRestored - 2345
FF - user.js: datareporting.sessions.current.startTime - 1410708558356
FF - user.js: datareporting.sessions.current.totalTime - 22
FF - user.js: datareporting.sessions.currentIndex - 2163
FF - user.js: datareporting.sessions.previous.2148 - {\s\:1410604662093,\a\:262,\t\:22220,\c\:true,\m\:1145,\fp\:5389,\sr\:5508}
FF - user.js: datareporting.sessions.previous.2149 - {\s\:1410639364061,\a\:184,\t\:1053,\c\:true,\m\:2575,\fp\:5987,\sr\:13919}
FF - user.js: datareporting.sessions.previous.2150 - {\s\:1410690288645,\a\:81,\t\:433,\c\:true,\m\:1631,\fp\:6559,\sr\:6872}
FF - user.js: datareporting.sessions.previous.2151 - {\s\:1410691556027,\a\:14,\t\:72,\c\:true,\m\:198,\fp\:2499,\sr\:2639}
FF - user.js: datareporting.sessions.previous.2152 - {\s\:1410694637153,\a\:30,\t\:373,\c\:true,\m\:212,\fp\:2732,\sr\:2875}
FF - user.js: datareporting.sessions.previous.2153 - {\s\:1410697806344,\a\:47,\t\:297,\c\:true,\m\:11466,\fp\:32505,\sr\:33063}
FF - user.js: datareporting.sessions.previous.2154 - {\s\:1410698415463,\a\:18,\t\:364,\c\:true,\m\:351,\fp\:2676,\sr\:2819}
FF - user.js: datareporting.sessions.previous.2155 - {\s\:1410699586260,\a\:533,\t\:4319,\c\:false,\m\:1214,\fp\:5510,\sr\:5652}
FF - user.js: datareporting.sessions.previous.2156 - {\s\:1410704623900,\a\:2,\t\:12,\c\:true,\m\:1093,\fp\:5308,\sr\:5639}
FF - user.js: datareporting.sessions.previous.2157 - {\s\:1410704637862,\a\:25,\t\:231,\c\:true,\m\:256,\fp\:2679,\sr\:2816}
FF - user.js: datareporting.sessions.previous.2158 - {\s\:1410705210713,\a\:1,\t\:8,\c\:true,\m\:1033,\fp\:5225,\sr\:5603}
FF - user.js: datareporting.sessions.previous.2159 - {\s\:1410705249755,\a\:6,\t\:701,\c\:false,\m\:200,\fp\:242675,\sr\:242812}
FF - user.js: datareporting.sessions.previous.2160 - {\s\:1410706958596,\a\:6,\t\:33,\c\:false,\m\:245,\fp\:3511,\sr\:3768}
FF - user.js: datareporting.sessions.previous.2161 - {\s\:1410708197198,\a\:2,\t\:8,\c\:true,\m\:182,\fp\:2387,\sr\:2521}
FF - user.js: datareporting.sessions.previous.2162 - {\s\:1410708497392,\a\:2,\t\:11,\c\:true,\m\:1133,\fp\:5417,\sr\:5845}
FF - user.js: datareporting.sessions.prunedIndex - 2147
FF - user.js: dom.mozApps.used - true
FF - user.js: dom.w3c_touch_events.expose - false
FF - user.js: extensions.adblockplus.currentVersion - 2.6.4
FF - user.js: extensions.adblockplus.lastRuleUpdate - 1374652758
FF - user.js: extensions.adblockplus.notificationdata - {\lastCheck\:1410705970312,\softExpiration\:1410736678529,\hardExpiration\:1410812898423,\data\:{\notifications\:[],\version\:\201409132020\},\lastError\:0,\downloadStatus\:\synchronize_ok\,\shown\:[]}
FF - user.js: extensions.blocklist.pingCountTotal - 894
FF - user.js: extensions.blocklist.pingCountVersion - 2
FF - user.js: extensions.bootstrappedAddons - {\cs@dictionaries.addons.mozilla.org\:{\version\:\1.0.4\,\type\:\dictionary\,\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\cs@dictionaries.addons.mozilla.org\},\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\:{\version\:\2.6.4\,\type\:\extension\,\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\}}
FF - user.js: extensions.cs@dictionaries.addons.mozilla.org.install-event-fired - true
FF - user.js: extensions.databaseSchema - 16
FF - user.js: extensions.enabledAddons - %7BD249FD00-4DF9-11D9-9FDC-0080481ADA61%7D:1.6.3,%7BAA052FD6-366A-4771-A591-0D8DC551585D%7D:1.1.31,ascsurfingprotection%40iobit.com:1.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.1
FF - user.js: extensions.enabledItems - {AA052FD6-366A-4771-A591-0D8DC551585D}:1.1.21,{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}:5.2.4.8,{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03,{D249FD00-4DF9-11D9-9FDC-0080481ADA61}:1.5,cs@dictionaries.addons.mozilla.org:1.0.2,{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16,jqs@sun.com:1.0,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,firefox1@myibay.com:1.1.8,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - user.js: extensions.firefox1@myibay.com.install-event-fired - true
FF - user.js: extensions.getAddons.cache.lastUpdate - 1410639742
FF - user.js: extensions.getAddons.databaseSchema - 5
FF - user.js: extensions.getsmartlinks.addons - {\{AA052FD6-366A-4771-A591-0D8DC551585D}\:\calculator\}
FF - user.js: extensions.getsmartlinks.guid - 995D0E89-BBC2-AE97-0754-7442B233CC32
FF - user.js: extensions.getsmartlinks.last-ran - {\{AA052FD6-366A-4771-A591-0D8DC551585D}\:15203}
FF - user.js: extensions.getsmartlinks.log.opt-in-dismiss - 14920
FF - user.js: extensions.getsmartlinks.log.opt-in-view - 14920
FF - user.js: extensions.getsmartlinks.max-version - 18
FF - user.js: extensions.getsmartlinks.min-version - 18
FF - user.js: extensions.getsmartlinks.next-opt-in - -1
FF - user.js: extensions.getsmartlinks.opt-in-prompts - true
FF - user.js: extensions.getsmartlinks.preferred - [\{AA052FD6-366A-4771-A591-0D8DC551585D}\]
FF - user.js: extensions.getsmartlinks.seen-opt-in - 14920
FF - user.js: extensions.getsmartlinks.show-in-menu - false
FF - user.js: extensions.getsmartlinks.version - {\{AA052FD6-366A-4771-A591-0D8DC551585D}\:18}
FF - user.js: extensions.hotfix.lastVersion - 20140527.01.3
FF - user.js: extensions.imageshacktoolbar.USERID - 41afc6e48c634b49d135e51cb89c31ab
FF - user.js: extensions.imageshacktoolbar.imageOptions - 0
FF - user.js: extensions.installCache - [{\name\:\app-global\,\addons\:{\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1410609087003,\rdfTime\:1410609085758}}},{\name\:\app-profile\,\addons\:{\ascsurfingprotection@iobit.com\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\ascsurfingprotection@iobit.com\,\mtime\:1402853617484,\rdfTime\:1337957796000},\cs@dictionaries.addons.mozilla.org\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\cs@dictionaries.addons.mozilla.org\,\mtime\:1402841801787,\rdfTime\:1356798294000},\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\,\mtime\:1402841801943,\rdfTime\:1267608652000},\{AA052FD6-366A-4771-A591-0D8DC551585D}\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\{AA052FD6-366A-4771-A591-0D8DC551585D}.xpi\,\mtime\:1391112115640},\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\,\mtime\:1406133755210},\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\:{\descriptor\:\c:\\\\Users\\\\Adi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hi9wh3g8.default\\\\extensions\\\\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi\,\mtime\:1310531870656}}}]
FF - user.js: extensions.jqs@sun.com.install-event-fired - true
FF - user.js: extensions.lastAppVersion - 32.0.1
FF - user.js: extensions.lastPlatformVersion - 32.0.1
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.ui.dictionary.hidden - false
FF - user.js: extensions.ui.experiment.hidden - true
FF - user.js: extensions.ui.lastCategory - addons://list/extension
FF - user.js: extensions.ui.locale.hidden - true
FF - user.js: extensions.update.notifyUser - false
FF - user.js: extensions.{4B3803EA-5230-4DC3-A7FC-33638F3D3542}.install-event-fired - true
FF - user.js: extensions.{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}.install-event-fired - true
FF - user.js: extensions.{AA052FD6-366A-4771-A591-0D8DC551585D}.install-event-fired - true
FF - user.js: extensions.{B13721C7-F507-4982-B2E5-502A71474FED}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: extensions.{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.install-event-fired - true
FF - user.js: font.internaluseonly.changed - true
FF - user.js: gecko.buildID - 20140911151253
FF - user.js: gecko.mstone - 32.0.1
FF - user.js: gfx.direct3d.last_used_feature_level_idx - 0
FF - user.js: idle.lastDailyNotification - 1410701298
FF - user.js: intl.charsetmenu.browser.cache - ISO-8859-15, windows-1252, UTF-8, ISO-8859-2, windows-1250
FF - user.js: layout.spellcheckDefault - 0
FF - user.js: mpint.AccTypes - 123,ace,arc,arj,cdw,chm,doc,dvi,exe,gz,gzip,ha,iso,lha,lzh,mp2,mp3,mpe,mpeg,mpg,msi,ogg,pak,pdf,ppt,ps,ram,rar,rm,rtf,tar,tgz,vqf,wri,xls,xlw,zip
FF - user.js: mpint.DefDL - DE
FF - user.js: mpint.IsInit - true
FF - user.js: mpint.LastDownload - false
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.proxy.http - 202.41.10.200
FF - user.js: network.proxy.http_port - 8080
FF - user.js: network.proxy.type - 4
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: pdfjs.migrationVersion - 2
FF - user.js: pdfjs.previousHandler.alwaysAskBeforeHandling - true
FF - user.js: places.database.lastMaintenance - 1410621345
FF - user.js: places.history.expiration.transient_current_max_pages - 104858
FF - user.js: places.history.expiration.transient_optimal_database_size - 78202880
FF - user.js: places.last_vacuum - 1301250798
FF - user.js: plugin.disable_full_page_plugin_for_types - application/pdf
FF - user.js: plugin.expose_full_path - true
FF - user.js: plugin.importedState - true
FF - user.js: pref.advanced.images.disable_button.view_image - false
FF - user.js: pref.advanced.javascript.disable_button.advanced - false
FF - user.js: print.print_bgcolor - false
FF - user.js: print.print_bgimages - false
FF - user.js: print.print_command -
FF - user.js: print.print_downloadfonts - true
FF - user.js: print.print_evenpages - true
FF - user.js: print.print_in_color - true
FF - user.js: print.print_margin_bottom - 0.5
FF - user.js: print.print_margin_left - 0.5
FF - user.js: print.print_margin_right - 0.5
FF - user.js: print.print_margin_top - 0.5
FF - user.js: print.print_oddpages - true
FF - user.js: print.print_orientation - 0
FF - user.js: print.print_pagedelay - 500
FF - user.js: print.print_paper_data - 0
FF - user.js: print.print_paper_height - 11,00
FF - user.js: print.print_paper_size - 8192034
FF - user.js: print.print_paper_size_type - 1
FF - user.js: print.print_paper_size_unit - 0
FF - user.js: print.print_paper_width - 8,50
FF - user.js: print.print_printer -
FF - user.js: print.print_reversed - false
FF - user.js: print.print_scaling - 1,00
FF - user.js: print.print_shrink_to_fit - true
FF - user.js: print.print_to_file - false
FF - user.js: print.print_to_filename -
FF - user.js: privacy.donottrackheader.enabled - true
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.clients.lastSyncLocal - 0
FF - user.js: services.sync.declinedEngines -
FF - user.js: services.sync.globalScore - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.nextSync - 0
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: services.sync.tabs.lastSyncLocal - 0
FF - user.js: signon.importedFromSqlite - true
FF - user.js: spellchecker.dictionary - Cestina
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1409385898
FF - user.js: toolkit.startup.last_success - 1410708558
FF - user.js: toolkit.telemetry.previousBuildID - 20140911151253
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: toolkit.telemetry.rejected - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1400703124
FF - user.js: urlclassifier.tableversion.goog-black-enchash - 1.58177
FF - user.js: urlclassifier.tableversion.goog-black-url - 1.24302
FF - user.js: urlclassifier.tableversion.goog-white-domain - 1.481
FF - user.js: urlclassifier.tableversion.goog-white-url - 1.371
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.103 -
FF - user.js: xpinstall.whitelist.add.180 -
FF - user.js: xpinstall.whitelist.add.36 -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-fussvc - c:\users\Adi\AppData\Roaming\User\fussvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e0,24,b6,46,83,c1,41,46,b7,14,0a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e0,24,b6,46,83,c1,41,46,b7,14,0a,\
.
[HKEY_USERS\S-1-5-21-4028636639-3535163432-3999029935-1000\Software\SecuROM\License information*]
"datasecu"=hex:95,83,eb,71,ec,ed,71,bd,5d,10,22,21,e3,26,1f,0d,8d,3d,92,92,fc,
a6,5d,22,46,fb,99,25,13,9a,20,13,07,6c,79,d9,2b,8a,9e,29,f9,a1,b9,55,a7,20,\
"rkeysecu"=hex:f8,b8,79,66,83,32,fc,46,e1,59,0d,cd,67,ba,4d,20
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
.
**************************************************************************
.
Celkový čas: 2014-09-14 19:39:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-14 17:39
.
Před spuštěním: Volných bajtů: 39 151 329 280
Po spuštění: Volných bajtů: 38 619 787 264
.
- - End Of File - - E47E6B360B191915771F672B4E216CBF
8F558EB6672622401DA993E1E865C861

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Ondrys66]

Omlouvam se trvalo to trochu dele.
Mel bych dve otazky:
1: combofix udelal vymaz toho souboru mcxsvc.exe,ale on byl signovany microsoft?
To znamena ,ze byl poskozen nebo skodlivy?

2: Zrusil jsem,na vasi radu ,vse od Iobit a chtel bych vas poprosit o doporuceni nejakeho kvalitniho programku,jako byl Iobit Uninstaller.
Dekuji

[vyosek]

To nebyl ale digitalni podpis, pouze autor toho viru dal jeno puvodce Microsoft, ale nemel digitalni sigchceck

Na odinstalaci mohu doporucit Geek Uninstaller http://www.geekuninstaller.com/

Pokracujte ted Zoek-em

[Ondrys66]

Zoek.exe v5.0.0.0 Updated 14-September-2014
Tool run by Adi on ne 14.09.2014 at 20:09:00,21.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.9.2014 20:10:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\mlaunlt0.default\prefs.js:

Added to C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\mlaunlt0.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Adi\AppData\Roaming\TomTom\HOME\Profiles\3kjqzopy.default\prefs.js:

Added to C:\Users\Adi\AppData\Roaming\TomTom\HOME\Profiles\3kjqzopy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default

---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 0);
---- Lines browser.startup.page removed from user.js ----

user_pref("browser.startup.page", 0);

---- FireFox user.js and prefs.js backups ----

user_14.09.2014_2022_.backup
prefs_14.09.2014_2022_.backup

ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\mlaunlt0.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_14.09.2014_2022_.backup

ProfilePath: C:\Users\Adi\AppData\Roaming\TomTom\HOME\Profiles\3kjqzopy.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_14.09.2014_2022_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Adi\AppData\Roaming\Network Meter_Settings.ini deleted
C:\Users\Adi\AppData\Roaming\Network Meter_Usage.ini deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\Adi\AppData\Roaming\Network" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- ImageShack174; Toolbar - %ProfilePath%\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}
- Calculator - %ProfilePath%\extensions\{AA052FD6-366A-4771-A591-0D8DC551585D}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- MetaProducts Integration - %ProfilePath%\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi

ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\mlaunlt0.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\Adi\AppData\Roaming\TomTom\HOME\Profiles\3kjqzopy.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default
9EE20E6E2E3F94714D44F739B9A228F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll - Shockwave Flash


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fussvc deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Adi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=23 folders=19 14158618 bytes)

==== Empty Temp Folders ======================

C:\Users\Adi\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Adi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 14.09.2014 at 20:28:37,06 ======================

[Ondrys66]

Da se nejak zjistit,odkud se ta havet da chytnout?
A jeste me napada,ze toto okno o chybe, vyskakovalo prevazne pri spustene mozille.
Jinak dekuji za cas ,ktery jse venoval ,reseni meho problemu.

[vyosek]

Tezko se uz dopatrate puvodu

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

Dejte novy log z FRST

[Ondrys66]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Adi (administrator) on ADI-PC on 14-09-2014 20:51:09
Running from C:\Users\Adi\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\Services\wcssvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Adi\AppData\Roaming\Services\regsvc32.exe
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\Services\fussvc.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Users\Adi\AppData\Roaming\User\mcxsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-14] (Crawler.com)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Run: [wcssvc] => C:\Users\Adi\AppData\Roaming\Services\wcssvc.exe [4004016 2012-05-21] (Microsoft Corporation)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Run: [fussvc] => C:\Users\Adi\AppData\Roaming\User\fussvc.exe [1347584 2011-05-23] (Microsoft Corporation)
HKU\S-1-5-21-4028636639-3535163432-3999029935-1000\...\Policies\Explorer: [ForceRunOnStartMenu] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "http", "202.41.10.200"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\searchplugins\seznam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\ascsurfingprotection@iobit.com [2014-06-15]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-06-15]
FF Extension: ImageShack® Toolbar - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24} [2014-06-15]
FF Extension: Calculator - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{AA052FD6-366A-4771-A591-0D8DC551585D}.xpi [2014-06-15]
FF Extension: Adblock Plus - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-15]
FF Extension: MetaProducts Integration - C:\Users\Adi\AppData\Roaming\Mozilla\Firefox\Profiles\hi9wh3g8.default\Extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi [2014-06-15]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]
CHR Extension: (Google Drive) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]
CHR Extension: (YouTube) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]
CHR Extension: (Google Search) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]
CHR Extension: (Gmail) - C:\Users\Adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-14] (Crawler.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [105176 2007-04-13] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-29] (Duplex Secure Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-06-15] (Windows (R) Win 7 DDK provider)
U3 ayzznkoz; C:\Windows\System32\Drivers\ayzznkoz.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 20:51 - 2014-09-14 20:51 - 00016133 _____ () C:\Users\Adi\Desktop\FRST.txt
2014-09-14 20:29 - 2014-09-14 20:29 - 00000000 ___HD () C:\Users\Adi\AppData\Roaming\Network
2014-09-14 20:26 - 2014-09-14 20:08 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-14 20:10 - 2014-09-14 20:28 - 00010812 _____ () C:\zoek-results.log
2014-09-14 20:08 - 2014-09-14 20:22 - 00000000 ____D () C:\zoek_backup
2014-09-14 20:07 - 2014-09-14 20:07 - 01290240 _____ () C:\Users\Adi\Desktop\zoek.exe
2014-09-14 19:39 - 2014-09-14 19:39 - 00048369 _____ () C:\ComboFix.txt
2014-09-14 19:15 - 2014-09-14 20:50 - 00000000 ____D () C:\Windows\erdnt
2014-09-14 19:09 - 2014-09-14 19:09 - 00002604 _____ () C:\Users\Adi\Desktop\Rkill.txt
2014-09-14 19:07 - 2014-09-14 19:06 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Adi\Desktop\rkill.com
2014-09-14 19:03 - 2014-09-14 19:03 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-14 18:01 - 2014-09-14 18:01 - 00015327 _____ () C:\Users\Adi\Desktop\LM.bat
2014-09-14 17:30 - 2014-09-14 20:51 - 00000000 ____D () C:\FRST
2014-09-14 17:29 - 2014-09-14 17:03 - 00112640 _____ (forum.viry.cz) C:\Users\Adi\Desktop\FRSTLauncher.exe
2014-09-14 17:04 - 2014-09-14 17:02 - 02105856 _____ (Farbar) C:\Users\Adi\Desktop\FRST64.exe
2014-09-14 16:59 - 2014-09-14 16:59 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 16:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-14 12:34 - 2014-09-14 12:34 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-14 12:34 - 2014-09-14 12:34 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-13 13:50 - 2014-09-13 13:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-10 23:28 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:28 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:28 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:28 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:28 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:28 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:28 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:28 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:28 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:28 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:28 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:28 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:28 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:28 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 23:28 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:28 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:28 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:28 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:28 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 23:28 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:28 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:28 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:28 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:28 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:28 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:28 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:28 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:28 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:28 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:28 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 23:28 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:28 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:28 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:28 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:28 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:28 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:28 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 23:28 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:28 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:28 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:28 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:28 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:28 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:28 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:28 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:28 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:28 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 23:28 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:28 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:28 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:28 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:28 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:18 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 23:18 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 14:13 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 14:13 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 14:13 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 14:13 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 14:13 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 14:12 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 14:12 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 14:05 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 14:05 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 13:44 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 13:44 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-27 21:33 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:33 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:33 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 16:39 - 2014-08-27 16:39 - 00001053 _____ () C:\Users\Adi\Desktop\Notepad++.lnk
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Notepad++

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 20:51 - 2014-09-14 20:51 - 00016133 _____ () C:\Users\Adi\Desktop\FRST.txt
2014-09-14 20:51 - 2014-09-14 17:30 - 00000000 ____D () C:\FRST
2014-09-14 20:50 - 2014-09-14 19:15 - 00000000 ____D () C:\Windows\erdnt
2014-09-14 20:35 - 2014-06-17 19:30 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 20:35 - 2009-07-14 06:45 - 00034912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 20:35 - 2009-07-14 06:45 - 00034912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 20:34 - 2010-11-21 11:27 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-09-14 20:34 - 2010-11-21 11:27 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-09-14 20:34 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 20:31 - 2014-08-13 20:42 - 01586082 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 20:29 - 2014-09-14 20:29 - 00000000 ___HD () C:\Users\Adi\AppData\Roaming\Network
2014-09-14 20:28 - 2014-09-14 20:10 - 00010812 _____ () C:\zoek-results.log
2014-09-14 20:28 - 2014-06-17 19:30 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 20:28 - 2014-06-15 15:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 20:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 20:22 - 2014-09-14 20:08 - 00000000 ____D () C:\zoek_backup
2014-09-14 20:19 - 2014-07-13 12:04 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{542E3906-32AA-4941-A792-64D2C06A0556}
2014-09-14 20:08 - 2014-09-14 20:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-14 20:07 - 2014-09-14 20:07 - 01290240 _____ () C:\Users\Adi\Desktop\zoek.exe
2014-09-14 19:39 - 2014-09-14 19:39 - 00048369 _____ () C:\ComboFix.txt
2014-09-14 19:39 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-14 19:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-14 19:27 - 2009-07-14 04:34 - 71704576 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-14 19:27 - 2009-07-14 04:34 - 14155776 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-14 19:27 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-14 19:27 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\SAM.bak
2014-09-14 19:27 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-14 19:24 - 2014-06-15 18:58 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Adobe
2014-09-14 19:22 - 2014-06-16 21:08 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-14 19:09 - 2014-09-14 19:09 - 00002604 _____ () C:\Users\Adi\Desktop\Rkill.txt
2014-09-14 19:06 - 2014-09-14 19:07 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Adi\Desktop\rkill.com
2014-09-14 19:04 - 2014-06-15 15:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-09-14 19:03 - 2014-09-14 19:03 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-14 19:03 - 2014-08-02 08:00 - 00003794 _____ () C:\Windows\System32\Tasks\AutoPico Daily Restart
2014-09-14 19:03 - 2014-06-17 19:30 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 19:03 - 2014-06-17 19:30 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 19:03 - 2014-06-15 20:25 - 00003156 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2014-09-14 19:03 - 2014-06-15 20:23 - 00003160 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-09-14 18:01 - 2014-09-14 18:01 - 00015327 _____ () C:\Users\Adi\Desktop\LM.bat
2014-09-14 17:03 - 2014-09-14 17:29 - 00112640 _____ (forum.viry.cz) C:\Users\Adi\Desktop\FRSTLauncher.exe
2014-09-14 17:02 - 2014-09-14 17:04 - 02105856 _____ (Farbar) C:\Users\Adi\Desktop\FRST64.exe
2014-09-14 14:48 - 2014-06-22 19:13 - 71704576 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 43950080 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-14 14:48 - 2014-06-22 19:13 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-14 14:48 - 2014-06-15 15:15 - 00000000 ____D () C:\Users\Adi
2014-09-14 14:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-14 12:51 - 2014-06-16 01:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-14 12:34 - 2014-09-14 12:34 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-14 12:34 - 2014-09-14 12:34 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-14 12:34 - 2014-06-15 15:47 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-09-14 12:10 - 2014-06-15 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 22:16 - 2014-07-22 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-13 13:51 - 2014-09-13 13:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 22:47 - 2014-08-02 08:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 22:46 - 2014-08-02 08:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-10 23:25 - 2014-06-15 15:27 - 01559268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 23:24 - 2014-06-15 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:24 - 2014-06-15 16:30 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 23:24 - 2014-06-15 16:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-10 23:24 - 2014-06-15 16:29 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 23:24 - 2014-06-15 16:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 23:18 - 2014-06-15 19:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 23:17 - 2014-06-15 19:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 22:41 - 2014-06-17 19:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-06 13:40 - 2009-07-14 07:08 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 04:10 - 2014-09-10 14:12 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 14:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 10:39 - 2014-06-15 19:53 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-08-28 17:02 - 2009-07-14 06:45 - 00435512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 16:39 - 2014-08-27 16:39 - 00001053 _____ () C:\Users\Adi\Desktop\Notepad++.lnk
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-08-27 16:39 - 2014-08-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-23 04:07 - 2014-08-27 21:33 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:33 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:33 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 20:05 - 2014-09-10 23:28 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 23:28 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 19:22 - 2014-06-15 15:37 - 00002850 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Adi)
2014-08-19 15:50 - 2014-08-19 15:50 - 00001030 _____ () C:\Users\Adi\Desktop\age3y – zástupce.lnk
2014-08-19 01:01 - 2014-09-10 23:28 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 23:28 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 23:28 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 23:28 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 23:28 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 23:28 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 23:28 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-10 23:28 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 23:28 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 23:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 23:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-10 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 23:28 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 23:28 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 23:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 23:28 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 23:28 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 23:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 23:28 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 23:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 23:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 23:28 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 23:28 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 23:28 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 23:28 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 23:28 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-10 23:28 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 23:28 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 23:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 23:28 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:28 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:28 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 23:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 23:28 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 23:28 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 23:28 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 23:28 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 23:28 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 23:28 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 21:30 - 2014-07-04 14:35 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-18 21:28 - 2014-06-27 14:49 - 00000000 ____D () C:\Users\Adi\Documents\My Games
2014-08-17 23:33 - 2014-08-17 23:33 - 00000000 ____D () C:\Users\Adi\AppData\Local\Adobe
2014-08-17 23:15 - 2014-08-17 23:15 - 00000518 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-08-17 23:15 - 2014-08-17 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-17 22:29 - 2014-07-14 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-08-17 12:38 - 2014-06-15 16:35 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-17 12:38 - 2014-06-15 16:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 21:43 - 2014-06-15 15:37 - 00000000 ____D () C:\Users\Adi\AppData\Roaming\IObit

Files to move or delete:
====================
C:\Users\Adi\IP_Log_Data.js
C:\Users\Adi\Network_Meter_Data.js


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-14 14:01

==================== End Of Log ============================

[Ondrys66]

Takze podle toho logu,je ten soubor zpet mcxsvc.exe,i kdyz jej combofix,vymazal. Slozka v appdata\roaming\user je taky zpatky.
Sice to chybu nehaze ,ale nevim?


Prave ted vyskocilo zase chybove okno.