prosím o mrknutí

Zpráva

ondrejs · #1 Příspěvek od **ondrejs** » 20 pro 2014 15:45

Taky jsem už něco nachytal.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by oletadelku (administrator) on OLETADELKU-PC on 20-12-2014 15:32:25
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
() C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Gaijin Entertainment) C:\Program Files (x86)\WarThunder\launcher.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(forum.viry.cz) C:\Users\oletadelku\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-03-04] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\RunOnce: [Adobe Speed Launcher] => 1419084337
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\MountPoints2: {884d6d15-7e96-11e3-9b04-806e6f6e6963} - D:\install.exe
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\MountPoints2: {e2ee61ba-b338-11e3-bb05-b8ac6f4b3c43} - F:\Setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]
FF Extension: Adblock Plus - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-23]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-11-13] (Robert McNeel & Associates)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2513752 2014-03-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1908520 2007-09-07] (Wacom Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VRLService; C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe [209408 2013-12-07] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2014-08-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2014-07-10] (BitDefender LLC)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-25] (DT Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 15:32 - 2014-12-20 15:33 - 00013372 _____ () C:\Users\oletadelku\Desktop\FRST.txt
2014-12-20 15:32 - 2014-12-20 15:32 - 00000000 ____D () C:\FRST
2014-12-20 15:31 - 2014-12-20 15:31 - 00112640 _____ (forum.viry.cz) C:\Users\oletadelku\Desktop\FRSTLauncher.exe
2014-12-20 15:30 - 2014-12-20 15:30 - 02122240 _____ (Farbar) C:\Users\oletadelku\Desktop\FRST64.exe
2014-12-20 15:11 - 2014-12-20 15:15 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-12-20 15:11 - 2014-12-20 15:11 - 00001105 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-20 15:11 - 2014-12-20 15:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-20 15:08 - 2014-12-20 15:10 - 04700448 _____ (Gaijin Entertainment ) C:\Users\oletadelku\Downloads\wt_launcher_1.0.1.467.exe
2014-12-19 15:11 - 2014-12-19 15:11 - 02891074 _____ () C:\Users\oletadelku\Downloads\2pudorysy.3dm
2014-12-19 11:14 - 2014-12-19 11:14 - 01582167 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20141202.dwg
2014-12-15 15:24 - 2014-12-15 15:31 - 00001177 _____ () C:\Users\oletadelku\Desktop\plot.log
2014-12-15 14:59 - 2014-12-15 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-15 14:43 - 2014-12-15 16:23 - 00164942 _____ () C:\Users\oletadelku\Desktop\kuchyne.dwg
2014-12-15 14:43 - 2014-12-15 14:43 - 00105629 _____ () C:\Users\oletadelku\Desktop\kuchyne.bak
2014-12-14 20:51 - 2014-12-15 17:58 - 00000000 ____D () C:\Users\oletadelku\Desktop\šrámci_interier
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\oletadelku\Downloads\adwcleaner_4.105.exe
2014-12-14 20:45 - 2014-12-14 20:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-14 20:38 - 2014-12-14 20:38 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Lavasoft
2014-12-14 20:36 - 2014-12-14 20:49 - 00001372 _____ () C:\Windows\PFRO.log
2014-12-14 20:36 - 2014-12-14 20:36 - 00000000 ____D () C:\WTablet
2014-12-14 20:26 - 2014-12-14 20:26 - 00000000 ____D () C:\ProgramData\BitDefender
2014-12-14 20:17 - 2014-12-20 15:06 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-12-14 20:17 - 2014-12-14 20:17 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:17 - 2014-12-14 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-12-14 20:17 - 2014-07-10 14:09 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2014-12-14 20:16 - 2014-12-20 15:04 - 00000691 _____ () C:\Windows\setupact.log
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 20:15 - 2014-12-14 20:15 - 00000000 ____D () C:\Program Files\Lavasoft
2014-12-14 20:15 - 2014-12-14 20:15 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe
2014-12-14 20:14 - 2014-12-14 20:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-12-14 20:06 - 2014-12-14 20:09 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-14 20:06 - 2014-12-14 20:06 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-14 20:05 - 2014-12-14 20:05 - 05162080 _____ (Piriform Ltd) C:\Users\oletadelku\Downloads\ccsetup500.exe
2014-12-13 16:19 - 2014-12-13 16:19 - 05116284 _____ () C:\Users\oletadelku\Downloads\Roots_and_Leaves___Tree_Brush_by_Winerla.rar
2014-12-13 15:33 - 2014-12-13 18:15 - 46183191 _____ () C:\Users\oletadelku\Downloads\model_5.3dm
2014-12-13 15:33 - 2014-12-13 15:35 - 46061284 _____ () C:\Users\oletadelku\Downloads\model_5.3dmbak
2014-12-13 13:25 - 2014-12-13 13:25 - 00000203 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl2
2014-12-13 13:25 - 2014-12-13 13:25 - 00000053 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl
2014-12-13 13:22 - 2014-12-13 13:22 - 00232048 _____ () C:\Users\oletadelku\Downloads\SL_03_098 (1).dwg
2014-12-12 20:32 - 2014-12-12 20:21 - 02778565 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.bak
2014-12-12 20:21 - 2014-12-12 20:32 - 02939708 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.dwg
2014-12-12 08:41 - 2014-12-12 08:41 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 01:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 01:01 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 01:01 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 01:01 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 23:49 - 2014-12-12 01:00 - 01633383 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm
2014-12-11 23:49 - 2014-12-11 23:49 - 01652449 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm.bak
2014-12-11 23:30 - 2014-12-15 16:27 - 00000000 ____D () C:\AdwCleaner
2014-12-11 23:30 - 2014-12-11 23:30 - 02166272 _____ () C:\Users\oletadelku\Desktop\adwcleaner_4.105.exe
2014-12-11 22:31 - 2014-12-11 22:31 - 00628496 _____ (CMI Limited) C:\Users\oletadelku\AppData\Local\nse7D08.tmp
2014-12-11 21:49 - 2014-12-11 21:50 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\oletadelku\Downloads\install_flash_player.exe
2014-12-11 21:47 - 2014-12-11 21:47 - 00000000 ____D () C:\Windows\Sun
2014-12-11 21:43 - 2014-12-11 21:43 - 00000057 ____H () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm.rhl
2014-12-11 21:42 - 2014-12-11 21:43 - 01479357 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm
2014-12-11 21:42 - 2014-12-11 21:42 - 00244264 _____ () C:\Users\oletadelku\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-11 21:20 - 2014-12-11 21:20 - 00638888 _____ (Oracle Corporation) C:\Users\oletadelku\Downloads\jxpiinstall(1).exe
2014-12-11 21:19 - 2014-12-11 21:19 - 00000000 ____D () C:\Users\oletadelku\Documents\Java
2014-12-11 21:18 - 2014-12-11 21:18 - 00640392 _____ () C:\Users\oletadelku\Downloads\setup(1).exe
2014-12-11 20:13 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 20:13 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 20:13 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 20:13 - 2014-11-21 09:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 20:13 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 20:13 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 20:13 - 2014-11-21 07:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 20:13 - 2014-11-21 07:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-11 20:13 - 2014-11-21 06:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-11 20:11 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 20:11 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 20:11 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 20:11 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 20:11 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 20:11 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 20:11 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 20:11 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 20:11 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 20:11 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-11-27 15:36 - 2014-11-27 15:36 - 04005770 _____ () C:\Users\oletadelku\Desktop\pohledB.psd
2014-11-27 15:36 - 2014-11-27 15:36 - 03842162 _____ () C:\Users\oletadelku\Desktop\pohledA.psd
2014-11-27 12:44 - 2014-11-27 15:36 - 46061284 _____ () C:\Users\oletadelku\Desktop\model_5.3dm
2014-11-27 12:44 - 2014-11-27 15:03 - 36485053 _____ () C:\Users\oletadelku\Desktop\model_5.3dmbak
2014-11-27 12:26 - 2014-11-27 12:26 - 00364170 _____ () C:\Users\oletadelku\Downloads\golden-maple.zip
2014-11-27 12:26 - 2014-11-27 12:26 - 00000000 ____D () C:\Users\oletadelku\Downloads\golden-maple
2014-11-27 12:26 - 2014-11-27 12:26 - 00000000 ____D () C:\Users\oletadelku\Desktop\golde
2014-11-27 12:24 - 2014-11-27 12:24 - 00000000 ____D () C:\Users\oletadelku\Desktop\plywood
2014-11-27 12:24 - 2010-02-25 18:30 - 00000000 ____D () C:\Users\oletadelku\Desktop\Veneer-Betulla
2014-11-27 12:20 - 2014-11-27 12:20 - 01417542 _____ () C:\Users\oletadelku\Downloads\plywood-light.zip
2014-11-27 12:19 - 2014-11-27 12:19 - 00816320 _____ () C:\Users\oletadelku\Downloads\veneer-betulla.zip
2014-11-27 11:26 - 2014-11-27 11:43 - 33826037 _____ () C:\Users\oletadelku\Desktop\model_4.3dm.bak
2014-11-27 11:12 - 2014-11-27 11:12 - 81365999 _____ () C:\Users\oletadelku\Desktop\3D FM model_5.3dm
2014-11-27 10:58 - 2014-11-27 10:59 - 82927139 _____ () C:\Users\oletadelku\Desktop\3D FM model_4.3dmbak
2014-11-27 10:54 - 2014-12-19 14:30 - 00000000 ____D () C:\Users\oletadelku\Desktop\Interiér RD Fráni Šrámka Idea.pdf - Disk Google_soubory
2014-11-27 10:54 - 2014-11-27 10:54 - 00037591 _____ () C:\Users\oletadelku\Desktop\Interiér RD Fráni Šrámka Idea.pdf - Disk Google.htm
2014-11-27 10:36 - 2014-11-27 10:36 - 00000000 ____D () C:\Users\oletadelku\Documents\WB Games
2014-11-27 10:36 - 2014-11-27 10:36 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\SKIDROW
2014-11-27 10:22 - 2014-11-27 09:23 - 67693288 _____ () C:\Users\oletadelku\Desktop\3D FM model.3dm
2014-11-26 23:10 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-11-26 23:10 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files\Application Verifier
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-11-26 22:56 - 2014-11-26 22:56 - 00991536 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\sdksetup.exe
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (April 2007)
2014-11-26 21:59 - 2007-03-15 16:57 - 00555880 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_33.dll
2014-11-26 21:59 - 2007-03-15 16:57 - 00485736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_33.dll
2014-11-26 21:59 - 2007-03-05 12:41 - 01267472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8d.dll
2014-11-26 21:59 - 2007-03-05 12:40 - 01426736 _____ (Microsoft Corporation) C:\Windows\system32\d3d10d.dll
2014-11-26 21:59 - 2007-03-05 12:40 - 01160496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10d.dll
2014-11-26 21:58 - 2014-11-26 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WebTest
2014-11-26 21:57 - 2014-11-26 21:58 - 01269840 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20140926.dwg
2014-11-26 21:05 - 2014-11-26 21:05 - 00371016 _____ () C:\Users\oletadelku\Downloads\SoftonicDownloader_for_directx.exe
2014-11-26 20:22 - 2014-11-26 20:22 - 00001369 _____ () C:\Users\Public\Desktop\Middle-earth. Shadow of Mordor.lnk
2014-11-26 20:22 - 2014-11-26 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle-earth. Shadow of Mordor
2014-11-26 20:17 - 2014-11-26 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2014-11-26 20:17 - 2010-06-02 13:23 - 04830552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9d_33.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 03795800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9d_33.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02947416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9d.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02719064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9d.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02686808 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02261336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3dx9d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 01931608 _____ (Microsoft Corporation) C:\Windows\system32\D3DCSXd_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 01883992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCSXd_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00964440 _____ (Microsoft Corporation) C:\Windows\system32\XAudioD2_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00954200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudioD2_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00568664 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00514392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00435032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineA3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineA3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00349528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineD3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineD3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00308056 _____ (Microsoft Corporation) C:\Windows\system32\D3DX11d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00268120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX11d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00139608 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFXD1_5.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00131928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFXD1_5.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00053080 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudioD1_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00045400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudioD1_7.dll
2014-11-26 20:15 - 2014-11-26 20:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2014-11-26 19:14 - 2014-11-26 19:38 - 599452800 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\DXSDK_Jun10.exe
2014-11-26 19:10 - 2014-11-26 20:22 - 00000000 ____D () C:\Program Files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 18:04 - 2014-11-26 18:04 - 00397862 _____ () C:\Users\oletadelku\Downloads\Beckett_Molloy.txt
2014-11-26 15:54 - 2014-11-26 15:55 - 03943987 _____ () C:\Users\oletadelku\Downloads\Deus-Ex-Human-Revolution----čeština.zip
2014-11-26 15:39 - 2014-11-26 15:46 - 216521408 _____ (NVIDIA Corporation) C:\Users\oletadelku\Downloads\341.05-quadro-grid-desktop-notebook-win8-win7-64bit-international-whql.exe
2014-11-26 14:31 - 2014-12-13 16:19 - 00000000 ____D () C:\jamor
2014-11-25 14:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-25 14:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-25 14:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-25 14:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-25 14:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-25 14:37 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-25 14:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-25 14:37 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-25 14:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-25 14:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-25 14:37 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-25 14:37 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-25 14:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-25 14:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-25 14:37 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-25 14:37 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-25 14:37 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-25 14:37 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-25 14:37 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-25 14:37 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-25 14:37 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-25 14:28 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-25 14:28 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-25 14:28 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-25 14:28 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-25 14:28 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-25 14:28 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-25 14:28 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-25 14:16 - 2014-11-25 14:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-11-25 14:16 - 2014-11-25 14:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-11-25 13:55 - 2014-11-26 13:48 - 00000000 ____D () C:\Users\oletadelku\Downloads\Middle-earth. Shadow of Mordor_RePack by SEYTER
2014-11-25 13:55 - 2013-06-27 10:59 - 00000000 ____D () C:\Users\oletadelku\Downloads\firefox
2014-11-25 13:54 - 2014-12-20 15:31 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\uTorrent
2014-11-25 13:54 - 2014-11-25 13:54 - 01936208 _____ (BitTorrent Inc.) C:\Users\oletadelku\Downloads\uTorrent.exe
2014-11-25 13:54 - 2014-11-25 13:54 - 00000841 _____ () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-11-25 13:53 - 2014-11-25 13:53 - 00733344 _____ () C:\Users\oletadelku\Downloads\utorrent-lista-centrumcz.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 15:33 - 2014-06-30 17:03 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Skype
2014-12-20 15:26 - 2014-01-13 10:01 - 01825441 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 15:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 15:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 15:11 - 2014-03-24 16:18 - 00000000 ____D () C:\Users\oletadelku\Documents\My Games
2014-12-20 15:10 - 2014-01-13 18:56 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-20 15:10 - 2014-01-13 18:56 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-20 15:10 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 15:09 - 2014-04-14 06:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-20 15:06 - 2014-09-11 11:02 - 00000000 ___RD () C:\Users\oletadelku\Disk Google
2014-12-20 15:05 - 2014-10-01 17:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WTablet
2014-12-20 15:05 - 2014-09-11 10:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 15:04 - 2014-01-14 06:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-20 15:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 14:56 - 2014-09-11 10:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 11:57 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\oletadelku\Desktop\frani sramka
2014-12-19 11:14 - 2014-06-04 10:35 - 00651395 _____ () C:\Windows\system32\webservice4.log
2014-12-19 11:14 - 2014-03-24 18:14 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\cache
2014-12-19 10:58 - 2014-04-14 06:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 21:06 - 2014-06-24 10:41 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-14 20:51 - 2014-03-25 09:33 - 00022935 _____ () C:\Users\oletadelku\rgmnr
2014-12-14 20:37 - 2014-08-27 19:24 - 00000000 ____D () C:\Users\oletadelku\Desktop\Dobratice
2014-12-14 20:32 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\oletadelku\Desktop\tisnov
2014-12-14 20:25 - 2014-05-28 19:52 - 00000000 ____D () C:\Users\oletadelku\Desktop\baru port
2014-12-14 20:09 - 2014-04-23 22:54 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-12-14 20:09 - 2014-03-24 11:47 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DAEMON Tools Lite
2014-12-14 20:09 - 2014-01-13 18:57 - 00000000 ____D () C:\Windows\Panther
2014-12-13 14:17 - 2014-07-17 12:53 - 00002632 _____ () C:\Users\oletadelku\Downloads\plot.log
2014-12-12 08:41 - 2014-05-18 17:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 08:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 01:03 - 2014-01-14 06:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 01:02 - 2014-01-14 06:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 23:34 - 2014-10-10 13:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-11 23:34 - 2014-06-30 17:02 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 22:09 - 2014-04-14 06:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 22:09 - 2014-04-14 06:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 22:09 - 2014-04-14 06:50 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:47 - 2014-08-27 23:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-11 21:42 - 2014-08-27 23:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-11 21:42 - 2014-08-27 23:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-11 20:14 - 2014-04-25 11:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-28 00:08 - 2014-03-24 12:38 - 00000000 ____D () C:\ProgramData\ASGvis
2014-11-26 23:10 - 2014-11-02 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-26 21:59 - 2014-04-15 11:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-26 19:51 - 2014-06-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-26 18:16 - 2014-06-11 19:46 - 00000000 ____D () C:\ProgramData\Origin
2014-11-26 16:02 - 2014-04-14 16:24 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\dxhr
2014-11-26 03:28 - 2009-07-14 05:45 - 05046792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 14:17 - 2014-09-11 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-25 13:54 - 2014-09-12 12:07 - 00384529 _____ () C:\Users\oletadelku\Downloads\Lista_centrum.exe
2014-11-25 13:50 - 2014-09-11 10:44 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-25 13:50 - 2014-09-11 10:44 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\oletadelku\AppData\Local\Temp\sfamcc00001.dll
C:\Users\oletadelku\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\oletadelku\Desktop" je 25547 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Márty84** » 20 pro 2014 17:03

Zdravim

Odinstaloval bych Ad-Aware Antivirus

ondrejs píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\oletadelku\Desktop" je 25547 MB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

ondrejs · #3 Příspěvek od **ondrejs** » 23 pro 2014 18:02

Děkuju, antivir smazán, plocha pročištěna.

Zde log:

# AdwCleaner v4.106 - Report created 23/12/2014 at 17:58:39
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : oletadelku - OLETADELKU-PC
# Running from : C:\Users\oletadelku\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

-\\ Mozilla Firefox v34.0.5 (x86 cs)

*************************

AdwCleaner[R0].txt - [1769 octets] - [11/12/2014 23:30:34]
AdwCleaner[R1].txt - [945 octets] - [14/12/2014 20:46:10]
AdwCleaner[R2].txt - [1064 octets] - [15/12/2014 16:26:48]
AdwCleaner[R3].txt - [1124 octets] - [20/12/2014 16:50:08]
AdwCleaner[R4].txt - [1183 octets] - [23/12/2014 17:57:23]
AdwCleaner[S0].txt - [1776 octets] - [11/12/2014 23:31:35]
AdwCleaner[S1].txt - [1007 octets] - [14/12/2014 20:47:31]
AdwCleaner[S2].txt - [1107 octets] - [23/12/2014 17:58:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1167 octets] ##########

#4 Příspěvek od **Márty84** » 23 pro 2014 18:46

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

ondrejs · #5 Příspěvek od **ondrejs** » 23 pro 2014 20:51

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.12.2014
Čas skenování: 20:04:33
Protokol: log_mbam.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.23.07
Databáze rootkitů: v2014.12.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oletadelku

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 633314
Uplynulý čas: 44 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 2
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\bitstreams, , [fb48fa6cd5a70f270e285bcba3606997],

Soubory: 17
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll, , [95ae085ee29a86b0cca3eb8c857de41c],
PUP.Optional.Softonic, C:\Users\oletadelku\Downloads\SoftonicDownloader_for_directx.exe, , [d86b81e5403c211510a0005a89770af6],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [f54e2f371864191ddc94086ff1114fb1],
Trojan.Agent.CK, C:\Program Files\Autodesk\AutoCAD 2014\xf-adsk64.exe, , [bd860066fe7e6ec817b96548b44eb24e],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\diablo130302.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\diakgcn121016.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libcurl-4.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libeay32.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libidn-11.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\librtmp.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libssh2.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\phatk121016.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\poclbm130302.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\scrypt130511.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\ssleay32.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\zlib1.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [fb48fa6cd5a70f270e285bcba3606997],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#6 Příspěvek od **Márty84** » 23 pro 2014 22:13

Nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

ondrejs · #7 Příspěvek od **ondrejs** » 23 pro 2014 23:45

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.12.2014
Čas skenování: 22:29:43
Protokol:
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.23.07
Databáze rootkitů: v2014.12.23.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oletadelku

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 641114
Uplynulý čas: 48 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#8 Příspěvek od **Márty84** » 24 pro 2014 08:40

MBAM muzete odinstalovat.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

ondrejs · #9 Příspěvek od **ondrejs** » 24 pro 2014 13:51

ComboFix 14-12-23.01 - oletadelku 24.12.2014 12:31:53.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.12286.10036 [GMT 1:00]
Spuštěný z: c:\users\oletadelku\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_ctypes.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_elementtree.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_hashlib.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_multiprocessing.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_socket.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_ssl.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\hashobjs_ext.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pyexpat.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pysqlite2._sqlite.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\python27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pythoncom27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\PyWinTypes27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\select.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\unicodedata.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32api.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32com.shell.shell.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32crypt.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32event.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32file.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32gui.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32inet.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32pdh.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32pipe.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32process.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32profile.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32security.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32ts.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\windows._lib_cacheinvalidation.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._animate.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._controls_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._core_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._gdi_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._html2.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._misc_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._windows_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._wizard.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxbase294u_net_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxbase294u_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_adv_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_core_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_html_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_webview_vc90.dll
c:\users\oletadelku\AppData\Local\nse7D08.tmp
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_ctypes.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_elementtree.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_hashlib.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_multiprocessing.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_socket.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_ssl.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\hashobjs_ext.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pyexpat.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pysqlite2._sqlite.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\python27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pythoncom27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\PyWinTypes27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\select.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\unicodedata.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32api.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32com.shell.shell.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32crypt.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32event.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32file.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32gui.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32inet.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32pdh.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32pipe.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32process.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32profile.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32security.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32ts.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\windows._lib_cacheinvalidation.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._animate.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._controls_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._core_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._gdi_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._html2.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._misc_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._windows_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._wizard.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxbase294u_net_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxbase294u_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_adv_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_core_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_html_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_webview_vc90.dll
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-24 do 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 12:22 . 2014-12-24 12:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\offreg.dll
2014-12-23 19:03 . 2014-12-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-23 10:42 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\mpengine.dll
2014-12-23 09:11 . 2014-12-23 10:16 -------- d-----w- c:\windows\SysWow64\.launcher_log
2014-12-20 14:32 . 2014-12-23 16:54 -------- d-----w- C:\FRST
2014-12-20 14:11 . 2014-12-23 10:58 -------- d-----w- c:\program files (x86)\WarThunder
2014-12-14 19:36 . 2014-12-14 19:36 -------- d-----w- C:\WTablet
2014-12-14 19:17 . 2014-12-23 16:44 -------- d-----w- c:\users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 19:06 . 2014-12-14 19:06 -------- d-----w- c:\program files\CCleaner
2014-12-12 07:41 . 2014-12-12 07:41 -------- d-----w- c:\windows\system32\appraiser
2014-12-12 00:01 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-12 00:01 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-12 00:01 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-12 00:01 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-12 00:01 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-12 00:01 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 22:30 . 2014-12-23 16:58 -------- d-----w- C:\AdwCleaner
2014-12-11 20:47 . 2014-12-11 20:47 -------- d-----w- c:\windows\Sun
2014-12-11 20:42 . 2014-12-11 20:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-12-11 19:11 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-03 06:31 . 2014-12-03 06:31 227048 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-27 09:36 . 2014-11-27 09:36 -------- d-----w- c:\users\oletadelku\AppData\Local\SKIDROW
2014-11-26 22:10 . 2014-11-26 22:11 -------- d-----w- c:\programdata\Windows App Certification Kit
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Windows Kits
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2014-11-26 20:59 . 2007-03-15 15:57 555880 ----a-w- c:\windows\system32\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:40 1426736 ----a-w- c:\windows\system32\d3d10d.dll
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\aliaswavefront shared
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\Alias Shared
2014-11-26 20:59 . 2007-03-15 15:57 485736 ----a-w- c:\windows\SysWow64\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:41 1267472 ----a-w- c:\windows\SysWow64\d3d8d.dll
2014-11-26 20:59 . 2007-03-05 11:40 1160496 ----a-w- c:\windows\SysWow64\d3d10d.dll
2014-11-26 20:58 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 20:58 . 2014-11-26 20:58 -------- d-----w- c:\users\oletadelku\AppData\Roaming\WebTest
2014-11-26 18:10 . 2014-11-26 19:22 -------- d-----w- c:\program files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 13:31 . 2014-12-23 16:51 -------- d-----w- C:\jamor
2014-11-25 13:42 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-25 13:42 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-25 13:28 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-25 13:28 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-25 13:28 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-25 13:28 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-25 13:28 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-25 13:28 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-25 13:28 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-25 13:16 . 2014-11-25 13:16 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-11-25 12:54 . 2014-12-24 12:47 -------- d-----w- c:\users\oletadelku\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-12 00:02 . 2014-01-14 05:50 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-11 21:09 . 2014-04-14 05:50 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 21:09 . 2014-04-14 05:50 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 20:42 . 2014-08-27 22:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-30 02:03 . 2014-12-11 19:11 165888 ----a-w- c:\windows\system32\charmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-11-27 30524520]
"uTorrent"="c:\users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe" [2014-11-25 1385808]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"="1419425241" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 1314816]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2014-4-25 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe;c:\windows\SYSNATIVE\Wacom_Tablet.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14 21:09]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-03-04 2728736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Celkový čas: 2014-12-24 13:49:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-24 12:49
.
Před spuštěním: Volných bajtů: 52 529 250 304
Po spuštění: Volných bajtů: 49 341 599 744
.
- - End Of File - - 81B0524BB0F3BDAE0455956BE297F366
A36C5E4F47E84449FF07ED3517B43A31

#10 Příspěvek od **Márty84** » 24 pro 2014 14:02

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"GoogleDriveSync"=-
"Skype"=-
"uTorrent"=-
"CCleaner Monitoring"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"Adobe ARM"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate
SwitchBoard

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Nainstalujte nejaky free antivir. Za sebe doporucuji Avast free, pouzivam jej uz radu let.

ondrejs · #11 Příspěvek od **ondrejs** » 24 pro 2014 14:30

ComboFix 14-12-23.01 - oletadelku 24.12.2014 14:17:57.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.12286.10022 [GMT 1:00]
Spuštěný z: c:\users\oletadelku\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\oletadelku\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-24 do 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 13:20 . 2014-12-24 13:20 -------- d-----w- c:\users\OEM\AppData\Local\temp
2014-12-23 19:03 . 2014-12-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-23 10:42 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\mpengine.dll
2014-12-23 09:11 . 2014-12-23 10:16 -------- d-----w- c:\windows\SysWow64\.launcher_log
2014-12-20 14:32 . 2014-12-23 16:54 -------- d-----w- C:\FRST
2014-12-20 14:11 . 2014-12-23 10:58 -------- d-----w- c:\program files (x86)\WarThunder
2014-12-14 19:36 . 2014-12-14 19:36 -------- d-----w- C:\WTablet
2014-12-14 19:17 . 2014-12-23 16:44 -------- d-----w- c:\users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 19:06 . 2014-12-14 19:06 -------- d-----w- c:\program files\CCleaner
2014-12-12 07:41 . 2014-12-12 07:41 -------- d-----w- c:\windows\system32\appraiser
2014-12-12 00:01 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-12 00:01 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-12 00:01 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-12 00:01 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-12 00:01 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-12 00:01 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 22:30 . 2014-12-23 16:58 -------- d-----w- C:\AdwCleaner
2014-12-11 20:47 . 2014-12-11 20:47 -------- d-----w- c:\windows\Sun
2014-12-11 20:42 . 2014-12-11 20:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-12-11 19:11 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-03 06:31 . 2014-12-03 06:31 227048 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-27 09:36 . 2014-11-27 09:36 -------- d-----w- c:\users\oletadelku\AppData\Local\SKIDROW
2014-11-26 22:10 . 2014-11-26 22:11 -------- d-----w- c:\programdata\Windows App Certification Kit
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Windows Kits
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2014-11-26 20:59 . 2007-03-15 15:57 555880 ----a-w- c:\windows\system32\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:40 1426736 ----a-w- c:\windows\system32\d3d10d.dll
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\aliaswavefront shared
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\Alias Shared
2014-11-26 20:59 . 2007-03-15 15:57 485736 ----a-w- c:\windows\SysWow64\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:41 1267472 ----a-w- c:\windows\SysWow64\d3d8d.dll
2014-11-26 20:59 . 2007-03-05 11:40 1160496 ----a-w- c:\windows\SysWow64\d3d10d.dll
2014-11-26 20:58 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 20:58 . 2014-11-26 20:58 -------- d-----w- c:\users\oletadelku\AppData\Roaming\WebTest
2014-11-26 18:10 . 2014-11-26 19:22 -------- d-----w- c:\program files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 13:31 . 2014-12-23 16:51 -------- d-----w- C:\jamor
2014-11-25 13:42 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-25 13:42 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-25 13:28 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-25 13:28 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-25 13:28 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-25 13:28 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-25 13:28 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-25 13:28 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-25 13:28 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-25 13:16 . 2014-11-25 13:16 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-11-25 12:54 . 2014-12-24 13:12 -------- d-----w- c:\users\oletadelku\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-12 00:02 . 2014-01-14 05:50 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-11 21:09 . 2014-04-14 05:50 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 21:09 . 2014-04-14 05:50 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 20:42 . 2014-08-27 22:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-30 02:03 . 2014-12-11 19:11 165888 ----a-w- c:\windows\system32\charmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 1314816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2014-4-25 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe;c:\windows\SYSNATIVE\Wacom_Tablet.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14 21:09]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-03-04 2728736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Celkový čas: 2014-12-24 14:25:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-24 13:25
ComboFix2.txt 2014-12-24 12:49
.
Před spuštěním: Volných bajtů: 49 406 836 736
Po spuštění: Volných bajtů: 49 085 005 824
.
- - End Of File - - D91F250942B23A7B3712CDB41A1299A3
A36C5E4F47E84449FF07ED3517B43A31

Pár let už antivir nepoužívám, na PC ani notebooku, ale po tédle zkušenosti začnu. Díky za tip na avast.

#12 Příspěvek od **Márty84** » 24 pro 2014 16:37

No jo, antivir sice neni vselek, ale pred necim ochranit umi a kdyz uz se neco chytne, aspon mirni nasledky

Dejte novy log z FRST

ondrejs · #13 Příspěvek od **ondrejs** » 31 pro 2014 12:17

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by oletadelku (administrator) on OLETADELKU-PC on 31-12-2014 12:15:49
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
() C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(BitTorrent Inc.) C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2014\acad.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2014\AdExchange\AcBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-03-04] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]
FF Extension: Adblock Plus - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-23]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2014-09-25] (Dassault Systèmes) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-11-13] (Robert McNeel & Associates)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2513752 2014-03-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1908520 2007-09-07] (Wacom Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VRLService; C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe [209408 2013-12-07] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-25] (DT Soft Ltd)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:15 - 2014-12-31 12:15 - 00000000 ____D () C:\Users\oletadelku\Desktop\FRST-OlderVersion
2014-12-31 11:51 - 2014-12-31 12:15 - 00000000 ____D () C:\Users\oletadelku\Desktop\KPB
2014-12-30 10:04 - 2014-12-30 09:21 - 04470128 _____ () C:\Users\oletadelku\Downloads\20141229xx.bak
2014-12-30 09:21 - 2014-12-30 10:04 - 02596665 _____ () C:\Users\oletadelku\Downloads\20141229xx.dwg
2014-12-30 09:21 - 2014-12-30 10:03 - 02350167 _____ () C:\Users\oletadelku\Downloads\20141229xx2007.dwg
2014-12-30 09:21 - 2014-12-30 09:21 - 02581664 _____ () C:\Users\oletadelku\Downloads\20141229xx2007.bak
2014-12-25 15:06 - 2014-12-25 15:06 - 00442201 _____ () C:\Users\oletadelku\Downloads\Sout
2014-12-25 15:06 - 2014-12-25 15:06 - 00000000 _____ () C:\Windows\SysWOW64\debug.log
2014-12-25 13:03 - 2014-12-25 13:03 - 00000000 ____D () C:\Users\oletadelku\Downloads\Anamanaguchi - 2009 - Dawn Metropolis (V0)
2014-12-25 12:23 - 2014-12-25 15:43 - 00025671 _____ () C:\Users\oletadelku\Desktop\mamka.dwg
2014-12-25 12:23 - 2014-12-25 15:43 - 00025671 _____ () C:\Users\oletadelku\Desktop\mamka.bak
2014-12-25 12:12 - 2014-12-25 12:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\CrashRpt
2014-12-25 12:11 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\Documents\My Drawings
2014-12-25 12:11 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DraftSight
2014-12-25 12:07 - 2014-12-25 12:07 - 00002761 _____ () C:\Users\Public\Desktop\DraftSight x64.lnk
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\ProgramData\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\Program Files\Dassault Systemes
2014-12-25 11:52 - 2014-12-25 11:56 - 190106912 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\DraftSight64.exe
2014-12-24 20:39 - 2014-12-24 20:39 - 00000000 ____D () C:\Users\oletadelku\Downloads\Flo Rida - Wild Ones (2012). butchT Latest Albums
2014-12-24 20:31 - 2014-12-24 22:32 - 1117478330 _____ () C:\Users\oletadelku\Downloads\Princezna-nevesta-by-Taipan-DVDrip-CZdub.avi
2014-12-24 16:51 - 2014-12-31 12:15 - 02123264 _____ (Farbar) C:\Users\oletadelku\Desktop\FRST64.exe
2014-12-24 14:33 - 2014-12-24 14:33 - 05006864 _____ (AVAST Software) C:\Users\oletadelku\Downloads\avast_free_antivirus_setup_online.exe
2014-12-24 14:25 - 2014-12-24 14:25 - 00016451 _____ () C:\ComboFix.txt
2014-12-24 12:30 - 2014-12-24 14:25 - 00000000 ____D () C:\Qoobox
2014-12-24 12:30 - 2014-12-24 14:20 - 00000000 ____D () C:\Windows\erdnt
2014-12-24 12:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-24 12:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-24 12:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-24 12:26 - 2014-12-24 12:26 - 05603465 ____R (Swearware) C:\Users\oletadelku\Desktop\ComboFix.exe
2014-12-24 01:39 - 2014-12-24 01:49 - 183611392 _____ () C:\Users\oletadelku\Downloads\The-Inbetweeners-s01e02-cz-titulky.avi
2014-12-24 01:37 - 2014-12-24 01:37 - 00237220 _____ () C:\Users\oletadelku\Downloads\cool_shutdown(1).zip
2014-12-23 23:40 - 2014-12-23 23:56 - 00918016 _____ () C:\Users\oletadelku\Documents\Rescue.asd
2014-12-23 21:57 - 2014-12-23 22:13 - 284780544 _____ () C:\Users\oletadelku\Downloads\The-Inbetweeners-s01e01-cz-titulky.avi
2014-12-23 21:47 - 2014-12-23 21:48 - 00280344 _____ () C:\Users\oletadelku\Downloads\MobileHeart.com-FreeFlight-2069-316.jar
2014-12-23 21:47 - 2014-12-23 21:47 - 00023996 _____ () C:\Users\oletadelku\Downloads\MobileHeart.com-Battle-tanker-3114-5265.sis
2014-12-23 20:03 - 2014-12-23 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-23 20:02 - 2014-12-23 20:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-23 18:00 - 2014-12-24 14:22 - 00006746 _____ () C:\Windows\PFRO.log
2014-12-23 17:50 - 2014-12-23 17:50 - 02173952 _____ () C:\Users\oletadelku\Desktop\adwcleaner_4.106.exe
2014-12-23 17:34 - 2014-12-31 11:47 - 00000784 _____ () C:\Windows\setupact.log
2014-12-23 17:34 - 2014-12-23 17:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 10:11 - 2014-12-23 11:16 - 00000000 ____D () C:\Windows\SysWOW64\.launcher_log
2014-12-22 16:45 - 2014-12-22 16:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-20 15:34 - 2014-12-20 15:34 - 00008850 _____ () C:\Users\oletadelku\Desktop\Addition.rar
2014-12-20 15:33 - 2014-12-23 17:54 - 00029779 _____ () C:\Users\oletadelku\Desktop\Addition.txt
2014-12-20 15:32 - 2014-12-31 12:15 - 00010836 _____ () C:\Users\oletadelku\Desktop\FRST.txt
2014-12-20 15:32 - 2014-12-31 12:15 - 00000000 ____D () C:\FRST
2014-12-20 15:31 - 2014-12-20 15:31 - 00015327 _____ () C:\Users\oletadelku\Desktop\LM.bat
2014-12-20 15:11 - 2014-12-25 14:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-12-20 15:11 - 2014-12-20 15:11 - 00001105 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-20 15:11 - 2014-12-20 15:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-20 15:08 - 2014-12-20 15:10 - 04700448 _____ (Gaijin Entertainment ) C:\Users\oletadelku\Downloads\wt_launcher_1.0.1.467.exe
2014-12-19 15:11 - 2014-12-19 15:11 - 02891074 _____ () C:\Users\oletadelku\Downloads\2pudorysy.3dm
2014-12-19 11:14 - 2014-12-19 11:14 - 01582167 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20141202.dwg
2014-12-15 15:24 - 2014-12-20 16:29 - 00001498 _____ () C:\Users\oletadelku\Desktop\plot.log
2014-12-15 14:59 - 2014-12-15 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-15 14:43 - 2014-12-20 16:15 - 00291549 _____ () C:\Users\oletadelku\Desktop\kuchyne.dwg
2014-12-15 14:43 - 2014-12-20 16:06 - 00255122 _____ () C:\Users\oletadelku\Desktop\kuchyne.bak
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\oletadelku\Downloads\adwcleaner_4.105.exe
2014-12-14 20:45 - 2014-12-14 20:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-14 20:36 - 2014-12-14 20:36 - 00000000 ____D () C:\WTablet
2014-12-14 20:17 - 2014-12-23 17:44 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe
2014-12-14 20:06 - 2014-12-14 20:09 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-14 20:06 - 2014-12-14 20:06 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-14 20:05 - 2014-12-14 20:05 - 05162080 _____ (Piriform Ltd) C:\Users\oletadelku\Downloads\ccsetup500.exe
2014-12-13 16:19 - 2014-12-13 16:19 - 05116284 _____ () C:\Users\oletadelku\Downloads\Roots_and_Leaves___Tree_Brush_by_Winerla.rar
2014-12-13 15:33 - 2014-12-13 18:15 - 46183191 _____ () C:\Users\oletadelku\Downloads\model_5.3dm
2014-12-13 15:33 - 2014-12-13 15:35 - 46061284 _____ () C:\Users\oletadelku\Downloads\model_5.3dmbak
2014-12-13 13:25 - 2014-12-13 13:25 - 00000203 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl2
2014-12-13 13:25 - 2014-12-13 13:25 - 00000053 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl
2014-12-13 13:22 - 2014-12-13 13:22 - 00232048 _____ () C:\Users\oletadelku\Downloads\SL_03_098 (1).dwg
2014-12-12 20:32 - 2014-12-12 20:21 - 02778565 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.bak
2014-12-12 20:21 - 2014-12-12 20:32 - 02939708 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.dwg
2014-12-12 08:41 - 2014-12-12 08:41 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 01:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 01:01 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 01:01 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 01:01 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 23:49 - 2014-12-12 01:00 - 01633383 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm
2014-12-11 23:49 - 2014-12-11 23:49 - 01652449 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm.bak
2014-12-11 23:30 - 2014-12-23 17:58 - 00000000 ____D () C:\AdwCleaner
2014-12-11 21:49 - 2014-12-11 21:50 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\oletadelku\Downloads\install_flash_player.exe
2014-12-11 21:47 - 2014-12-11 21:47 - 00000000 ____D () C:\Windows\Sun
2014-12-11 21:43 - 2014-12-11 21:43 - 00000057 ____H () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm.rhl
2014-12-11 21:42 - 2014-12-11 21:43 - 01479357 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm
2014-12-11 21:42 - 2014-12-11 21:42 - 00244264 _____ () C:\Users\oletadelku\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-11 21:20 - 2014-12-11 21:20 - 00638888 _____ (Oracle Corporation) C:\Users\oletadelku\Downloads\jxpiinstall(1).exe
2014-12-11 21:19 - 2014-12-11 21:19 - 00000000 ____D () C:\Users\oletadelku\Documents\Java
2014-12-11 21:18 - 2014-12-11 21:18 - 00640392 _____ () C:\Users\oletadelku\Downloads\setup(1).exe
2014-12-11 20:13 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 20:13 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 20:13 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 20:13 - 2014-11-21 09:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 20:13 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 20:13 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 20:13 - 2014-11-21 07:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 20:13 - 2014-11-21 07:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-11 20:13 - 2014-11-21 06:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-11 20:11 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 20:11 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 20:11 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 20:11 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 20:11 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 20:11 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 20:11 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 20:11 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 20:11 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 20:11 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:15 - 2014-11-25 13:54 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\uTorrent
2014-12-31 12:09 - 2014-06-30 17:03 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Skype
2014-12-31 12:09 - 2014-04-14 06:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-31 11:57 - 2014-03-24 18:14 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\cache
2014-12-31 11:56 - 2014-09-11 10:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 11:54 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-31 11:54 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-31 11:51 - 2014-01-13 18:56 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-31 11:51 - 2014-01-13 18:56 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-31 11:51 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 11:49 - 2014-10-01 17:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WTablet
2014-12-31 11:49 - 2014-09-11 10:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-31 11:47 - 2014-01-14 06:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-31 11:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 10:04 - 2014-01-13 10:01 - 01115787 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 09:22 - 2014-06-04 10:35 - 00703295 _____ () C:\Windows\system32\webservice4.log
2014-12-25 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-25 15:06 - 2014-03-24 10:55 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Adobe
2014-12-24 14:23 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-24 14:21 - 2009-07-14 03:34 - 90439680 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 16515072 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-24 13:49 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-24 11:57 - 2014-09-11 11:02 - 00000000 ___RD () C:\Users\oletadelku\Disk Google
2014-12-23 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-12-23 17:51 - 2014-11-26 14:31 - 00000000 ____D () C:\jamor
2014-12-20 15:11 - 2014-03-24 16:18 - 00000000 ____D () C:\Users\oletadelku\Documents\My Games
2014-12-19 10:58 - 2014-04-14 06:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 21:06 - 2014-06-24 10:41 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-14 20:51 - 2014-03-25 09:33 - 00022935 _____ () C:\Users\oletadelku\rgmnr
2014-12-14 20:09 - 2014-04-23 22:54 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-12-14 20:09 - 2014-03-24 11:47 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DAEMON Tools Lite
2014-12-14 20:09 - 2014-01-13 18:57 - 00000000 ____D () C:\Windows\Panther
2014-12-13 14:17 - 2014-07-17 12:53 - 00002632 _____ () C:\Users\oletadelku\Downloads\plot.log
2014-12-12 08:41 - 2014-05-18 17:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 08:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 01:03 - 2014-01-14 06:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 01:02 - 2014-01-14 06:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 23:34 - 2014-10-10 13:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-11 23:34 - 2014-06-30 17:02 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 22:09 - 2014-04-14 06:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 22:09 - 2014-04-14 06:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 22:09 - 2014-04-14 06:50 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:47 - 2014-08-27 23:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-11 21:42 - 2014-08-27 23:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-11 21:42 - 2014-08-27 23:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-11 20:14 - 2014-04-25 11:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 17:45

==================== End Of Log ============================

#14 Příspěvek od **Márty84** » 31 pro 2014 15:23

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]

S3 avchv; system32\DRIVERS\avchv.sys [X]

2014-12-23 20:02 - 2014-12-23 20:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-14 20:17 - 2014-12-23 17:44 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

ondrejs · #15 Příspěvek od **ondrejs** » 31 pro 2014 16:43

Dobrý den, já ani nepozdravil.

tady ten log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by oletadelku at 2014-12-31 16:38:04 Run:1
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]

S3 avchv; system32\DRIVERS\avchv.sys [X]

2014-12-23 20:02 - 2014-12-23 20:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-14 20:17 - 2014-12-23 17:44 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} => Moved successfully.
avchv => Service deleted successfully.
C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe => Moved successfully.
C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics => Moved successfully.
C:\Users\oletadelku\Downloads\Adaware_Installer.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1 GB temporary data.

The system needed a reboot.

==== End of Fixlog 16:38:30 ====

VIRY.CZ

prosím o mrknutí

prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí

Re: prosím o mrknutí