VIRY.CZ

Taky jsem už něco nachytal.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by oletadelku (administrator) on OLETADELKU-PC on 20-12-2014 15:32:25
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
() C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Gaijin Entertainment) C:\Program Files (x86)\WarThunder\launcher.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(forum.viry.cz) C:\Users\oletadelku\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-03-04] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\RunOnce: [Adobe Speed Launcher] => 1419084337
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\MountPoints2: {884d6d15-7e96-11e3-9b04-806e6f6e6963} - D:\install.exe
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\MountPoints2: {e2ee61ba-b338-11e3-bb05-b8ac6f4b3c43} - F:\Setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]
FF Extension: Adblock Plus - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-23]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-11-13] (Robert McNeel & Associates)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2513752 2014-03-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1908520 2007-09-07] (Wacom Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VRLService; C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe [209408 2013-12-07] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2014-08-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2014-07-10] (BitDefender LLC)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-25] (DT Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 15:32 - 2014-12-20 15:33 - 00013372 _____ () C:\Users\oletadelku\Desktop\FRST.txt
2014-12-20 15:32 - 2014-12-20 15:32 - 00000000 ____D () C:\FRST
2014-12-20 15:31 - 2014-12-20 15:31 - 00112640 _____ (forum.viry.cz) C:\Users\oletadelku\Desktop\FRSTLauncher.exe
2014-12-20 15:30 - 2014-12-20 15:30 - 02122240 _____ (Farbar) C:\Users\oletadelku\Desktop\FRST64.exe
2014-12-20 15:11 - 2014-12-20 15:15 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-12-20 15:11 - 2014-12-20 15:11 - 00001105 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-20 15:11 - 2014-12-20 15:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-20 15:08 - 2014-12-20 15:10 - 04700448 _____ (Gaijin Entertainment ) C:\Users\oletadelku\Downloads\wt_launcher_1.0.1.467.exe
2014-12-19 15:11 - 2014-12-19 15:11 - 02891074 _____ () C:\Users\oletadelku\Downloads\2pudorysy.3dm
2014-12-19 11:14 - 2014-12-19 11:14 - 01582167 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20141202.dwg
2014-12-15 15:24 - 2014-12-15 15:31 - 00001177 _____ () C:\Users\oletadelku\Desktop\plot.log
2014-12-15 14:59 - 2014-12-15 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-15 14:43 - 2014-12-15 16:23 - 00164942 _____ () C:\Users\oletadelku\Desktop\kuchyne.dwg
2014-12-15 14:43 - 2014-12-15 14:43 - 00105629 _____ () C:\Users\oletadelku\Desktop\kuchyne.bak
2014-12-14 20:51 - 2014-12-15 17:58 - 00000000 ____D () C:\Users\oletadelku\Desktop\šrámci_interier
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\oletadelku\Downloads\adwcleaner_4.105.exe
2014-12-14 20:45 - 2014-12-14 20:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-14 20:38 - 2014-12-14 20:38 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Lavasoft
2014-12-14 20:36 - 2014-12-14 20:49 - 00001372 _____ () C:\Windows\PFRO.log
2014-12-14 20:36 - 2014-12-14 20:36 - 00000000 ____D () C:\WTablet
2014-12-14 20:26 - 2014-12-14 20:26 - 00000000 ____D () C:\ProgramData\BitDefender
2014-12-14 20:17 - 2014-12-20 15:06 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-12-14 20:17 - 2014-12-14 20:17 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:17 - 2014-12-14 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-12-14 20:17 - 2014-07-10 14:09 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2014-12-14 20:17 - 2014-07-10 14:08 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2014-12-14 20:16 - 2014-12-20 15:04 - 00000691 _____ () C:\Windows\setupact.log
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-14 20:15 - 2014-12-14 20:15 - 00000000 ____D () C:\Program Files\Lavasoft
2014-12-14 20:15 - 2014-12-14 20:15 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe
2014-12-14 20:14 - 2014-12-14 20:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-12-14 20:06 - 2014-12-14 20:09 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-14 20:06 - 2014-12-14 20:06 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-14 20:05 - 2014-12-14 20:05 - 05162080 _____ (Piriform Ltd) C:\Users\oletadelku\Downloads\ccsetup500.exe
2014-12-13 16:19 - 2014-12-13 16:19 - 05116284 _____ () C:\Users\oletadelku\Downloads\Roots_and_Leaves___Tree_Brush_by_Winerla.rar
2014-12-13 15:33 - 2014-12-13 18:15 - 46183191 _____ () C:\Users\oletadelku\Downloads\model_5.3dm
2014-12-13 15:33 - 2014-12-13 15:35 - 46061284 _____ () C:\Users\oletadelku\Downloads\model_5.3dmbak
2014-12-13 13:25 - 2014-12-13 13:25 - 00000203 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl2
2014-12-13 13:25 - 2014-12-13 13:25 - 00000053 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl
2014-12-13 13:22 - 2014-12-13 13:22 - 00232048 _____ () C:\Users\oletadelku\Downloads\SL_03_098 (1).dwg
2014-12-12 20:32 - 2014-12-12 20:21 - 02778565 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.bak
2014-12-12 20:21 - 2014-12-12 20:32 - 02939708 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.dwg
2014-12-12 08:41 - 2014-12-12 08:41 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 01:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 01:01 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 01:01 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 01:01 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 23:49 - 2014-12-12 01:00 - 01633383 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm
2014-12-11 23:49 - 2014-12-11 23:49 - 01652449 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm.bak
2014-12-11 23:30 - 2014-12-15 16:27 - 00000000 ____D () C:\AdwCleaner
2014-12-11 23:30 - 2014-12-11 23:30 - 02166272 _____ () C:\Users\oletadelku\Desktop\adwcleaner_4.105.exe
2014-12-11 22:31 - 2014-12-11 22:31 - 00628496 _____ (CMI Limited) C:\Users\oletadelku\AppData\Local\nse7D08.tmp
2014-12-11 21:49 - 2014-12-11 21:50 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\oletadelku\Downloads\install_flash_player.exe
2014-12-11 21:47 - 2014-12-11 21:47 - 00000000 ____D () C:\Windows\Sun
2014-12-11 21:43 - 2014-12-11 21:43 - 00000057 ____H () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm.rhl
2014-12-11 21:42 - 2014-12-11 21:43 - 01479357 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm
2014-12-11 21:42 - 2014-12-11 21:42 - 00244264 _____ () C:\Users\oletadelku\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-11 21:20 - 2014-12-11 21:20 - 00638888 _____ (Oracle Corporation) C:\Users\oletadelku\Downloads\jxpiinstall(1).exe
2014-12-11 21:19 - 2014-12-11 21:19 - 00000000 ____D () C:\Users\oletadelku\Documents\Java
2014-12-11 21:18 - 2014-12-11 21:18 - 00640392 _____ () C:\Users\oletadelku\Downloads\setup(1).exe
2014-12-11 20:13 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 20:13 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 20:13 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 20:13 - 2014-11-21 09:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 20:13 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 20:13 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 20:13 - 2014-11-21 07:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 20:13 - 2014-11-21 07:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-11 20:13 - 2014-11-21 06:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-11 20:11 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 20:11 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 20:11 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 20:11 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 20:11 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 20:11 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 20:11 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 20:11 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 20:11 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 20:11 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-11-27 15:36 - 2014-11-27 15:36 - 04005770 _____ () C:\Users\oletadelku\Desktop\pohledB.psd
2014-11-27 15:36 - 2014-11-27 15:36 - 03842162 _____ () C:\Users\oletadelku\Desktop\pohledA.psd
2014-11-27 12:44 - 2014-11-27 15:36 - 46061284 _____ () C:\Users\oletadelku\Desktop\model_5.3dm
2014-11-27 12:44 - 2014-11-27 15:03 - 36485053 _____ () C:\Users\oletadelku\Desktop\model_5.3dmbak
2014-11-27 12:26 - 2014-11-27 12:26 - 00364170 _____ () C:\Users\oletadelku\Downloads\golden-maple.zip
2014-11-27 12:26 - 2014-11-27 12:26 - 00000000 ____D () C:\Users\oletadelku\Downloads\golden-maple
2014-11-27 12:26 - 2014-11-27 12:26 - 00000000 ____D () C:\Users\oletadelku\Desktop\golde
2014-11-27 12:24 - 2014-11-27 12:24 - 00000000 ____D () C:\Users\oletadelku\Desktop\plywood
2014-11-27 12:24 - 2010-02-25 18:30 - 00000000 ____D () C:\Users\oletadelku\Desktop\Veneer-Betulla
2014-11-27 12:20 - 2014-11-27 12:20 - 01417542 _____ () C:\Users\oletadelku\Downloads\plywood-light.zip
2014-11-27 12:19 - 2014-11-27 12:19 - 00816320 _____ () C:\Users\oletadelku\Downloads\veneer-betulla.zip
2014-11-27 11:26 - 2014-11-27 11:43 - 33826037 _____ () C:\Users\oletadelku\Desktop\model_4.3dm.bak
2014-11-27 11:12 - 2014-11-27 11:12 - 81365999 _____ () C:\Users\oletadelku\Desktop\3D FM model_5.3dm
2014-11-27 10:58 - 2014-11-27 10:59 - 82927139 _____ () C:\Users\oletadelku\Desktop\3D FM model_4.3dmbak
2014-11-27 10:54 - 2014-12-19 14:30 - 00000000 ____D () C:\Users\oletadelku\Desktop\Interiér RD Fráni Šrámka Idea.pdf - Disk Google_soubory
2014-11-27 10:54 - 2014-11-27 10:54 - 00037591 _____ () C:\Users\oletadelku\Desktop\Interiér RD Fráni Šrámka Idea.pdf - Disk Google.htm
2014-11-27 10:36 - 2014-11-27 10:36 - 00000000 ____D () C:\Users\oletadelku\Documents\WB Games
2014-11-27 10:36 - 2014-11-27 10:36 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\SKIDROW
2014-11-27 10:22 - 2014-11-27 09:23 - 67693288 _____ () C:\Users\oletadelku\Desktop\3D FM model.3dm
2014-11-26 23:10 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-11-26 23:10 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files\Application Verifier
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-11-26 23:10 - 2014-11-26 23:10 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-11-26 22:56 - 2014-11-26 22:56 - 00991536 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\sdksetup.exe
2014-11-26 21:59 - 2014-11-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (April 2007)
2014-11-26 21:59 - 2007-03-15 16:57 - 00555880 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_33.dll
2014-11-26 21:59 - 2007-03-15 16:57 - 00485736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_33.dll
2014-11-26 21:59 - 2007-03-05 12:41 - 01267472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8d.dll
2014-11-26 21:59 - 2007-03-05 12:40 - 01426736 _____ (Microsoft Corporation) C:\Windows\system32\d3d10d.dll
2014-11-26 21:59 - 2007-03-05 12:40 - 01160496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10d.dll
2014-11-26 21:58 - 2014-11-26 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WebTest
2014-11-26 21:57 - 2014-11-26 21:58 - 01269840 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20140926.dwg
2014-11-26 21:05 - 2014-11-26 21:05 - 00371016 _____ () C:\Users\oletadelku\Downloads\SoftonicDownloader_for_directx.exe
2014-11-26 20:22 - 2014-11-26 20:22 - 00001369 _____ () C:\Users\Public\Desktop\Middle-earth. Shadow of Mordor.lnk
2014-11-26 20:22 - 2014-11-26 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle-earth. Shadow of Mordor
2014-11-26 20:17 - 2014-11-26 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
2014-11-26 20:17 - 2010-06-02 13:23 - 04830552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9d_33.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 03795800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9d_33.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02947416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9d.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02719064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9d.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02686808 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 02261336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3dx9d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 01931608 _____ (Microsoft Corporation) C:\Windows\system32\D3DCSXd_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 01883992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCSXd_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00964440 _____ (Microsoft Corporation) C:\Windows\system32\XAudioD2_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00954200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudioD2_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00568664 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00514392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00435032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineA3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineA3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00349528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineD3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineD3_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00308056 _____ (Microsoft Corporation) C:\Windows\system32\D3DX11d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00268120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX11d_43.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00139608 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFXD1_5.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00131928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFXD1_5.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00053080 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudioD1_7.dll
2014-11-26 20:17 - 2010-06-02 13:23 - 00045400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudioD1_7.dll
2014-11-26 20:15 - 2014-11-26 20:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2014-11-26 19:14 - 2014-11-26 19:38 - 599452800 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\DXSDK_Jun10.exe
2014-11-26 19:10 - 2014-11-26 20:22 - 00000000 ____D () C:\Program Files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 18:04 - 2014-11-26 18:04 - 00397862 _____ () C:\Users\oletadelku\Downloads\Beckett_Molloy.txt
2014-11-26 15:54 - 2014-11-26 15:55 - 03943987 _____ () C:\Users\oletadelku\Downloads\Deus-Ex-Human-Revolution----čeština.zip
2014-11-26 15:39 - 2014-11-26 15:46 - 216521408 _____ (NVIDIA Corporation) C:\Users\oletadelku\Downloads\341.05-quadro-grid-desktop-notebook-win8-win7-64bit-international-whql.exe
2014-11-26 14:31 - 2014-12-13 16:19 - 00000000 ____D () C:\jamor
2014-11-25 14:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-25 14:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-25 14:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-25 14:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-25 14:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-25 14:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-25 14:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-25 14:37 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-25 14:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-25 14:37 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-25 14:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-25 14:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-25 14:37 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-25 14:37 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-25 14:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-25 14:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-25 14:37 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-25 14:37 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-25 14:37 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-25 14:37 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-25 14:37 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-25 14:37 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-25 14:37 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-25 14:37 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-25 14:37 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-25 14:28 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-25 14:28 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-25 14:28 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-25 14:28 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-25 14:28 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-25 14:28 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-25 14:28 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-25 14:16 - 2014-11-25 14:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-11-25 14:16 - 2014-11-25 14:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-11-25 13:55 - 2014-11-26 13:48 - 00000000 ____D () C:\Users\oletadelku\Downloads\Middle-earth. Shadow of Mordor_RePack by SEYTER
2014-11-25 13:55 - 2013-06-27 10:59 - 00000000 ____D () C:\Users\oletadelku\Downloads\firefox
2014-11-25 13:54 - 2014-12-20 15:31 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\uTorrent
2014-11-25 13:54 - 2014-11-25 13:54 - 01936208 _____ (BitTorrent Inc.) C:\Users\oletadelku\Downloads\uTorrent.exe
2014-11-25 13:54 - 2014-11-25 13:54 - 00000841 _____ () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-11-25 13:53 - 2014-11-25 13:53 - 00733344 _____ () C:\Users\oletadelku\Downloads\utorrent-lista-centrumcz.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-20 15:33 - 2014-06-30 17:03 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Skype
2014-12-20 15:26 - 2014-01-13 10:01 - 01825441 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 15:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 15:13 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 15:11 - 2014-03-24 16:18 - 00000000 ____D () C:\Users\oletadelku\Documents\My Games
2014-12-20 15:10 - 2014-01-13 18:56 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-20 15:10 - 2014-01-13 18:56 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-20 15:10 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 15:09 - 2014-04-14 06:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-20 15:06 - 2014-09-11 11:02 - 00000000 ___RD () C:\Users\oletadelku\Disk Google
2014-12-20 15:05 - 2014-10-01 17:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WTablet
2014-12-20 15:05 - 2014-09-11 10:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 15:04 - 2014-01-14 06:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-20 15:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 14:56 - 2014-09-11 10:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 11:57 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\oletadelku\Desktop\frani sramka
2014-12-19 11:14 - 2014-06-04 10:35 - 00651395 _____ () C:\Windows\system32\webservice4.log
2014-12-19 11:14 - 2014-03-24 18:14 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\cache
2014-12-19 10:58 - 2014-04-14 06:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 21:06 - 2014-06-24 10:41 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-14 20:51 - 2014-03-25 09:33 - 00022935 _____ () C:\Users\oletadelku\rgmnr
2014-12-14 20:37 - 2014-08-27 19:24 - 00000000 ____D () C:\Users\oletadelku\Desktop\Dobratice
2014-12-14 20:32 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\oletadelku\Desktop\tisnov
2014-12-14 20:25 - 2014-05-28 19:52 - 00000000 ____D () C:\Users\oletadelku\Desktop\baru port
2014-12-14 20:09 - 2014-04-23 22:54 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-12-14 20:09 - 2014-03-24 11:47 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DAEMON Tools Lite
2014-12-14 20:09 - 2014-01-13 18:57 - 00000000 ____D () C:\Windows\Panther
2014-12-13 14:17 - 2014-07-17 12:53 - 00002632 _____ () C:\Users\oletadelku\Downloads\plot.log
2014-12-12 08:41 - 2014-05-18 17:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 08:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 01:03 - 2014-01-14 06:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 01:02 - 2014-01-14 06:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 23:34 - 2014-10-10 13:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-11 23:34 - 2014-06-30 17:02 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 22:09 - 2014-04-14 06:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 22:09 - 2014-04-14 06:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 22:09 - 2014-04-14 06:50 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:47 - 2014-08-27 23:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-11 21:42 - 2014-08-27 23:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-11 21:42 - 2014-08-27 23:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-11 20:14 - 2014-04-25 11:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-28 00:08 - 2014-03-24 12:38 - 00000000 ____D () C:\ProgramData\ASGvis
2014-11-26 23:10 - 2014-11-02 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-26 21:59 - 2014-04-15 11:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-26 19:51 - 2014-06-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-26 18:16 - 2014-06-11 19:46 - 00000000 ____D () C:\ProgramData\Origin
2014-11-26 16:02 - 2014-04-14 16:24 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\dxhr
2014-11-26 03:28 - 2009-07-14 05:45 - 05046792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 14:17 - 2014-09-11 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-25 13:54 - 2014-09-12 12:07 - 00384529 _____ () C:\Users\oletadelku\Downloads\Lista_centrum.exe
2014-11-25 13:50 - 2014-09-11 10:44 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-25 13:50 - 2014-09-11 10:44 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\oletadelku\AppData\Local\Temp\sfamcc00001.dll
C:\Users\oletadelku\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\oletadelku\Desktop" je 25547 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Odinstaloval bych Ad-Aware Antivirus

ondrejs píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\oletadelku\Desktop" je 25547 MB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Děkuju, antivir smazán, plocha pročištěna.

Zde log:

# AdwCleaner v4.106 - Report created 23/12/2014 at 17:58:39
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : oletadelku - OLETADELKU-PC
# Running from : C:\Users\oletadelku\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R0].txt - [1769 octets] - [11/12/2014 23:30:34]
AdwCleaner[R1].txt - [945 octets] - [14/12/2014 20:46:10]
AdwCleaner[R2].txt - [1064 octets] - [15/12/2014 16:26:48]
AdwCleaner[R3].txt - [1124 octets] - [20/12/2014 16:50:08]
AdwCleaner[R4].txt - [1183 octets] - [23/12/2014 17:57:23]
AdwCleaner[S0].txt - [1776 octets] - [11/12/2014 23:31:35]
AdwCleaner[S1].txt - [1007 octets] - [14/12/2014 20:47:31]
AdwCleaner[S2].txt - [1107 octets] - [23/12/2014 17:58:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1167 octets] ##########

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.12.2014
Čas skenování: 20:04:33
Protokol: log_mbam.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.23.07
Databáze rootkitů: v2014.12.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oletadelku

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 633314
Uplynulý čas: 44 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 2
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\bitstreams, , [fb48fa6cd5a70f270e285bcba3606997],

Soubory: 17
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\amtlib.dll, , [95ae085ee29a86b0cca3eb8c857de41c],
PUP.Optional.Softonic, C:\Users\oletadelku\Downloads\SoftonicDownloader_for_directx.exe, , [d86b81e5403c211510a0005a89770af6],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [f54e2f371864191ddc94086ff1114fb1],
Trojan.Agent.CK, C:\Program Files\Autodesk\AutoCAD 2014\xf-adsk64.exe, , [bd860066fe7e6ec817b96548b44eb24e],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\diablo130302.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\diakgcn121016.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libcurl-4.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libeay32.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libidn-11.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\librtmp.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\libssh2.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\phatk121016.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\poclbm130302.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\scrypt130511.cl, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\ssleay32.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\zlib1.dll, , [fb48fa6cd5a70f270e285bcba3606997],
Trojan.Agent.BCM, C:\Windows\inf\mncwrgtp\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [fb48fa6cd5a70f270e285bcba3606997],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.12.2014
Čas skenování: 22:29:43
Protokol:
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.23.07
Databáze rootkitů: v2014.12.23.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: oletadelku

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 641114
Uplynulý čas: 48 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

MBAM muzete odinstalovat.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

ComboFix 14-12-23.01 - oletadelku 24.12.2014 12:31:53.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.12286.10036 [GMT 1:00]
Spuštěný z: c:\users\oletadelku\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_ctypes.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_elementtree.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_hashlib.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_multiprocessing.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_socket.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\_ssl.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\hashobjs_ext.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pyexpat.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pysqlite2._sqlite.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\python27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\pythoncom27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\PyWinTypes27.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\select.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\unicodedata.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32api.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32com.shell.shell.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32crypt.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32event.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32file.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32gui.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32inet.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32pdh.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32pipe.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32process.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32profile.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32security.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\win32ts.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\windows._lib_cacheinvalidation.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._animate.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._controls_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._core_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._gdi_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._html2.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._misc_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._windows_.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wx._wizard.pyd
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxbase294u_net_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxbase294u_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_adv_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_core_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_html_vc90.dll
c:\users\OLETAD~1\AppData\Local\Temp\_MEI31042\wxmsw294u_webview_vc90.dll
c:\users\oletadelku\AppData\Local\nse7D08.tmp
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_ctypes.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_elementtree.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_hashlib.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_multiprocessing.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_socket.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\_ssl.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\hashobjs_ext.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pyexpat.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pysqlite2._sqlite.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\python27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\pythoncom27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\PyWinTypes27.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\select.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\unicodedata.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32api.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32com.shell.shell.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32crypt.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32event.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32file.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32gui.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32inet.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32pdh.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32pipe.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32process.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32profile.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32security.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\win32ts.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\windows._lib_cacheinvalidation.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._animate.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._controls_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._core_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._gdi_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._html2.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._misc_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._windows_.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wx._wizard.pyd
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxbase294u_net_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxbase294u_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_adv_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_core_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_html_vc90.dll
c:\users\oletadelku\AppData\Local\Temp\_MEI31042\wxmsw294u_webview_vc90.dll
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-24 do 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 12:22 . 2014-12-24 12:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\offreg.dll
2014-12-23 19:03 . 2014-12-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-23 10:42 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\mpengine.dll
2014-12-23 09:11 . 2014-12-23 10:16 -------- d-----w- c:\windows\SysWow64\.launcher_log
2014-12-20 14:32 . 2014-12-23 16:54 -------- d-----w- C:\FRST
2014-12-20 14:11 . 2014-12-23 10:58 -------- d-----w- c:\program files (x86)\WarThunder
2014-12-14 19:36 . 2014-12-14 19:36 -------- d-----w- C:\WTablet
2014-12-14 19:17 . 2014-12-23 16:44 -------- d-----w- c:\users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 19:06 . 2014-12-14 19:06 -------- d-----w- c:\program files\CCleaner
2014-12-12 07:41 . 2014-12-12 07:41 -------- d-----w- c:\windows\system32\appraiser
2014-12-12 00:01 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-12 00:01 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-12 00:01 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-12 00:01 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-12 00:01 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-12 00:01 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 22:30 . 2014-12-23 16:58 -------- d-----w- C:\AdwCleaner
2014-12-11 20:47 . 2014-12-11 20:47 -------- d-----w- c:\windows\Sun
2014-12-11 20:42 . 2014-12-11 20:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-12-11 19:11 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-03 06:31 . 2014-12-03 06:31 227048 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-27 09:36 . 2014-11-27 09:36 -------- d-----w- c:\users\oletadelku\AppData\Local\SKIDROW
2014-11-26 22:10 . 2014-11-26 22:11 -------- d-----w- c:\programdata\Windows App Certification Kit
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Windows Kits
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2014-11-26 20:59 . 2007-03-15 15:57 555880 ----a-w- c:\windows\system32\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:40 1426736 ----a-w- c:\windows\system32\d3d10d.dll
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\aliaswavefront shared
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\Alias Shared
2014-11-26 20:59 . 2007-03-15 15:57 485736 ----a-w- c:\windows\SysWow64\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:41 1267472 ----a-w- c:\windows\SysWow64\d3d8d.dll
2014-11-26 20:59 . 2007-03-05 11:40 1160496 ----a-w- c:\windows\SysWow64\d3d10d.dll
2014-11-26 20:58 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 20:58 . 2014-11-26 20:58 -------- d-----w- c:\users\oletadelku\AppData\Roaming\WebTest
2014-11-26 18:10 . 2014-11-26 19:22 -------- d-----w- c:\program files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 13:31 . 2014-12-23 16:51 -------- d-----w- C:\jamor
2014-11-25 13:42 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-25 13:42 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-25 13:28 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-25 13:28 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-25 13:28 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-25 13:28 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-25 13:28 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-25 13:28 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-25 13:28 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-25 13:16 . 2014-11-25 13:16 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-11-25 12:54 . 2014-12-24 12:47 -------- d-----w- c:\users\oletadelku\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-12 00:02 . 2014-01-14 05:50 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-11 21:09 . 2014-04-14 05:50 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 21:09 . 2014-04-14 05:50 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 20:42 . 2014-08-27 22:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-30 02:03 . 2014-12-11 19:11 165888 ----a-w- c:\windows\system32\charmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-11-27 30524520]
"uTorrent"="c:\users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe" [2014-11-25 1385808]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"="1419425241" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 1314816]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2014-4-25 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe;c:\windows\SYSNATIVE\Wacom_Tablet.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14 21:09]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-03-04 2728736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Celkový čas: 2014-12-24 13:49:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-24 12:49
.
Před spuštěním: Volných bajtů: 52 529 250 304
Po spuštění: Volných bajtů: 49 341 599 744
.
- - End Of File - - 81B0524BB0F3BDAE0455956BE297F366
A36C5E4F47E84449FF07ED3517B43A31

Vypnete trvale Windows Defender


Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku



Nainstalujte nejaky free antivir. Za sebe doporucuji Avast free, pouzivam jej uz radu let.

ComboFix 14-12-23.01 - oletadelku 24.12.2014 14:17:57.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.12286.10022 [GMT 1:00]
Spuštěný z: c:\users\oletadelku\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\oletadelku\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-24 do 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 13:20 . 2014-12-24 13:20 -------- d-----w- c:\users\OEM\AppData\Local\temp
2014-12-23 19:03 . 2014-12-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-23 10:42 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3BE0A9A-F629-47AF-954A-96500AF8686E}\mpengine.dll
2014-12-23 09:11 . 2014-12-23 10:16 -------- d-----w- c:\windows\SysWow64\.launcher_log
2014-12-20 14:32 . 2014-12-23 16:54 -------- d-----w- C:\FRST
2014-12-20 14:11 . 2014-12-23 10:58 -------- d-----w- c:\program files (x86)\WarThunder
2014-12-14 19:36 . 2014-12-14 19:36 -------- d-----w- C:\WTablet
2014-12-14 19:17 . 2014-12-23 16:44 -------- d-----w- c:\users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 19:06 . 2014-12-14 19:06 -------- d-----w- c:\program files\CCleaner
2014-12-12 07:41 . 2014-12-12 07:41 -------- d-----w- c:\windows\system32\appraiser
2014-12-12 00:01 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-12 00:01 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-12 00:01 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-12 00:01 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-12 00:01 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-12 00:01 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-12 00:01 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-12 00:01 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 22:30 . 2014-12-23 16:58 -------- d-----w- C:\AdwCleaner
2014-12-11 20:47 . 2014-12-11 20:47 -------- d-----w- c:\windows\Sun
2014-12-11 20:42 . 2014-12-11 20:42 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-12-11 19:11 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-03 06:31 . 2014-12-03 06:31 227048 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-27 09:36 . 2014-11-27 09:36 -------- d-----w- c:\users\oletadelku\AppData\Local\SKIDROW
2014-11-26 22:10 . 2014-11-26 22:11 -------- d-----w- c:\programdata\Windows App Certification Kit
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Application Verifier
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Windows Kits
2014-11-26 22:10 . 2014-11-26 22:10 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2014-11-26 20:59 . 2007-03-15 15:57 555880 ----a-w- c:\windows\system32\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:40 1426736 ----a-w- c:\windows\system32\d3d10d.dll
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\aliaswavefront shared
2014-11-26 20:59 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Common Files\Alias Shared
2014-11-26 20:59 . 2007-03-15 15:57 485736 ----a-w- c:\windows\SysWow64\D3DX10d_33.dll
2014-11-26 20:59 . 2007-03-05 11:41 1267472 ----a-w- c:\windows\SysWow64\d3d8d.dll
2014-11-26 20:59 . 2007-03-05 11:40 1160496 ----a-w- c:\windows\SysWow64\d3d10d.dll
2014-11-26 20:58 . 2014-11-26 20:59 -------- d-----w- c:\program files (x86)\Microsoft DirectX SDK (April 2007)
2014-11-26 20:58 . 2014-11-26 20:58 -------- d-----w- c:\users\oletadelku\AppData\Roaming\WebTest
2014-11-26 18:10 . 2014-11-26 19:22 -------- d-----w- c:\program files (x86)\Middle-earth. Shadow of Mordor
2014-11-26 13:31 . 2014-12-23 16:51 -------- d-----w- C:\jamor
2014-11-25 13:42 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-25 13:42 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-25 13:42 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-25 13:42 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-25 13:42 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-25 13:42 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-25 13:42 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-25 13:28 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-25 13:28 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-25 13:28 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-25 13:28 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-25 13:28 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-25 13:28 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-25 13:28 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-25 13:16 . 2014-11-25 13:16 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-11-25 12:54 . 2014-12-24 13:12 -------- d-----w- c:\users\oletadelku\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-12 00:02 . 2014-01-14 05:50 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-11 21:09 . 2014-04-14 05:50 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 21:09 . 2014-04-14 05:50 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 20:42 . 2014-08-27 22:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-30 02:03 . 2014-12-11 19:11 165888 ----a-w- c:\windows\system32\charmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 1314816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-05 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2014-4-25 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe;c:\windows\SYSNATIVE\Wacom_Tablet.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGvis\DONGLE~1\STARTV~1.EXE [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14 21:09]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
2014-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-11 09:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-03-04 2728736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Celkový čas: 2014-12-24 14:25:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-24 13:25
ComboFix2.txt 2014-12-24 12:49
.
Před spuštěním: Volných bajtů: 49 406 836 736
Po spuštění: Volných bajtů: 49 085 005 824
.
- - End Of File - - D91F250942B23A7B3712CDB41A1299A3
A36C5E4F47E84449FF07ED3517B43A31




Pár let už antivir nepoužívám, na PC ani notebooku, ale po tédle zkušenosti začnu. Díky za tip na avast.

No jo, antivir sice neni vselek, ale pred necim ochranit umi a kdyz uz se neco chytne, aspon mirni nasledky


Dejte novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by oletadelku (administrator) on OLETADELKU-PC on 31-12-2014 12:15:49
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
() C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(BitTorrent Inc.) C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2014\acad.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2014\AdExchange\AcBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-03-04] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-04-23] (Analog Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]
FF Extension: Adblock Plus - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-23]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2014-09-25] (Dassault Systèmes) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-11-13] (Robert McNeel & Associates)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2513752 2014-03-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1908520 2007-09-07] (Wacom Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 VRLService; C:\ProgramData\ASGvis\Dongle Utilities\startvrlservice.exe [209408 2013-12-07] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-03-25] (DT Soft Ltd)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:15 - 2014-12-31 12:15 - 00000000 ____D () C:\Users\oletadelku\Desktop\FRST-OlderVersion
2014-12-31 11:51 - 2014-12-31 12:15 - 00000000 ____D () C:\Users\oletadelku\Desktop\KPB
2014-12-30 10:04 - 2014-12-30 09:21 - 04470128 _____ () C:\Users\oletadelku\Downloads\20141229xx.bak
2014-12-30 09:21 - 2014-12-30 10:04 - 02596665 _____ () C:\Users\oletadelku\Downloads\20141229xx.dwg
2014-12-30 09:21 - 2014-12-30 10:03 - 02350167 _____ () C:\Users\oletadelku\Downloads\20141229xx2007.dwg
2014-12-30 09:21 - 2014-12-30 09:21 - 02581664 _____ () C:\Users\oletadelku\Downloads\20141229xx2007.bak
2014-12-25 15:06 - 2014-12-25 15:06 - 00442201 _____ () C:\Users\oletadelku\Downloads\Sout
2014-12-25 15:06 - 2014-12-25 15:06 - 00000000 _____ () C:\Windows\SysWOW64\debug.log
2014-12-25 13:03 - 2014-12-25 13:03 - 00000000 ____D () C:\Users\oletadelku\Downloads\Anamanaguchi - 2009 - Dawn Metropolis (V0)
2014-12-25 12:23 - 2014-12-25 15:43 - 00025671 _____ () C:\Users\oletadelku\Desktop\mamka.dwg
2014-12-25 12:23 - 2014-12-25 15:43 - 00025671 _____ () C:\Users\oletadelku\Desktop\mamka.bak
2014-12-25 12:12 - 2014-12-25 12:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\CrashRpt
2014-12-25 12:11 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\Documents\My Drawings
2014-12-25 12:11 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DraftSight
2014-12-25 12:07 - 2014-12-25 12:07 - 00002761 _____ () C:\Users\Public\Desktop\DraftSight x64.lnk
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\ProgramData\Dassault Systemes
2014-12-25 12:07 - 2014-12-25 12:07 - 00000000 ____D () C:\Program Files\Dassault Systemes
2014-12-25 11:52 - 2014-12-25 11:56 - 190106912 _____ (Microsoft Corporation) C:\Users\oletadelku\Downloads\DraftSight64.exe
2014-12-24 20:39 - 2014-12-24 20:39 - 00000000 ____D () C:\Users\oletadelku\Downloads\Flo Rida - Wild Ones (2012). butchT Latest Albums
2014-12-24 20:31 - 2014-12-24 22:32 - 1117478330 _____ () C:\Users\oletadelku\Downloads\Princezna-nevesta-by-Taipan-DVDrip-CZdub.avi
2014-12-24 16:51 - 2014-12-31 12:15 - 02123264 _____ (Farbar) C:\Users\oletadelku\Desktop\FRST64.exe
2014-12-24 14:33 - 2014-12-24 14:33 - 05006864 _____ (AVAST Software) C:\Users\oletadelku\Downloads\avast_free_antivirus_setup_online.exe
2014-12-24 14:25 - 2014-12-24 14:25 - 00016451 _____ () C:\ComboFix.txt
2014-12-24 12:30 - 2014-12-24 14:25 - 00000000 ____D () C:\Qoobox
2014-12-24 12:30 - 2014-12-24 14:20 - 00000000 ____D () C:\Windows\erdnt
2014-12-24 12:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-24 12:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-24 12:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-24 12:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-24 12:26 - 2014-12-24 12:26 - 05603465 ____R (Swearware) C:\Users\oletadelku\Desktop\ComboFix.exe
2014-12-24 01:39 - 2014-12-24 01:49 - 183611392 _____ () C:\Users\oletadelku\Downloads\The-Inbetweeners-s01e02-cz-titulky.avi
2014-12-24 01:37 - 2014-12-24 01:37 - 00237220 _____ () C:\Users\oletadelku\Downloads\cool_shutdown(1).zip
2014-12-23 23:40 - 2014-12-23 23:56 - 00918016 _____ () C:\Users\oletadelku\Documents\Rescue.asd
2014-12-23 21:57 - 2014-12-23 22:13 - 284780544 _____ () C:\Users\oletadelku\Downloads\The-Inbetweeners-s01e01-cz-titulky.avi
2014-12-23 21:47 - 2014-12-23 21:48 - 00280344 _____ () C:\Users\oletadelku\Downloads\MobileHeart.com-FreeFlight-2069-316.jar
2014-12-23 21:47 - 2014-12-23 21:47 - 00023996 _____ () C:\Users\oletadelku\Downloads\MobileHeart.com-Battle-tanker-3114-5265.sis
2014-12-23 20:03 - 2014-12-23 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-23 20:02 - 2014-12-23 20:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-23 18:00 - 2014-12-24 14:22 - 00006746 _____ () C:\Windows\PFRO.log
2014-12-23 17:50 - 2014-12-23 17:50 - 02173952 _____ () C:\Users\oletadelku\Desktop\adwcleaner_4.106.exe
2014-12-23 17:34 - 2014-12-31 11:47 - 00000784 _____ () C:\Windows\setupact.log
2014-12-23 17:34 - 2014-12-23 17:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 10:11 - 2014-12-23 11:16 - 00000000 ____D () C:\Windows\SysWOW64\.launcher_log
2014-12-22 16:45 - 2014-12-22 16:45 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-20 15:34 - 2014-12-20 15:34 - 00008850 _____ () C:\Users\oletadelku\Desktop\Addition.rar
2014-12-20 15:33 - 2014-12-23 17:54 - 00029779 _____ () C:\Users\oletadelku\Desktop\Addition.txt
2014-12-20 15:32 - 2014-12-31 12:15 - 00010836 _____ () C:\Users\oletadelku\Desktop\FRST.txt
2014-12-20 15:32 - 2014-12-31 12:15 - 00000000 ____D () C:\FRST
2014-12-20 15:31 - 2014-12-20 15:31 - 00015327 _____ () C:\Users\oletadelku\Desktop\LM.bat
2014-12-20 15:11 - 2014-12-25 14:01 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-12-20 15:11 - 2014-12-20 15:11 - 00001105 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-12-20 15:11 - 2014-12-20 15:11 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-12-20 15:08 - 2014-12-20 15:10 - 04700448 _____ (Gaijin Entertainment ) C:\Users\oletadelku\Downloads\wt_launcher_1.0.1.467.exe
2014-12-19 15:11 - 2014-12-19 15:11 - 02891074 _____ () C:\Users\oletadelku\Downloads\2pudorysy.3dm
2014-12-19 11:14 - 2014-12-19 11:14 - 01582167 _____ () C:\Users\oletadelku\Downloads\frani_sramka_20141202.dwg
2014-12-15 15:24 - 2014-12-20 16:29 - 00001498 _____ () C:\Users\oletadelku\Desktop\plot.log
2014-12-15 14:59 - 2014-12-15 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-15 14:43 - 2014-12-20 16:15 - 00291549 _____ () C:\Users\oletadelku\Desktop\kuchyne.dwg
2014-12-15 14:43 - 2014-12-20 16:06 - 00255122 _____ () C:\Users\oletadelku\Desktop\kuchyne.bak
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\oletadelku\Downloads\adwcleaner_4.105.exe
2014-12-14 20:45 - 2014-12-14 20:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-14 20:36 - 2014-12-14 20:36 - 00000000 ____D () C:\WTablet
2014-12-14 20:17 - 2014-12-23 17:44 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:16 - 2014-12-14 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe
2014-12-14 20:06 - 2014-12-14 20:09 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-14 20:06 - 2014-12-14 20:06 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-14 20:06 - 2014-12-14 20:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-14 20:05 - 2014-12-14 20:05 - 05162080 _____ (Piriform Ltd) C:\Users\oletadelku\Downloads\ccsetup500.exe
2014-12-13 16:19 - 2014-12-13 16:19 - 05116284 _____ () C:\Users\oletadelku\Downloads\Roots_and_Leaves___Tree_Brush_by_Winerla.rar
2014-12-13 15:33 - 2014-12-13 18:15 - 46183191 _____ () C:\Users\oletadelku\Downloads\model_5.3dm
2014-12-13 15:33 - 2014-12-13 15:35 - 46061284 _____ () C:\Users\oletadelku\Downloads\model_5.3dmbak
2014-12-13 13:25 - 2014-12-13 13:25 - 00000203 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl2
2014-12-13 13:25 - 2014-12-13 13:25 - 00000053 ____H () C:\Users\oletadelku\Downloads\dobratice_20141125.dwl
2014-12-13 13:22 - 2014-12-13 13:22 - 00232048 _____ () C:\Users\oletadelku\Downloads\SL_03_098 (1).dwg
2014-12-12 20:32 - 2014-12-12 20:21 - 02778565 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.bak
2014-12-12 20:21 - 2014-12-12 20:32 - 02939708 _____ () C:\Users\oletadelku\Downloads\dobratice_20141125.dwg
2014-12-12 08:41 - 2014-12-12 08:41 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 01:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 01:01 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 01:01 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 01:01 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 01:01 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 01:01 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 01:01 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 23:49 - 2014-12-12 01:00 - 01633383 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm
2014-12-11 23:49 - 2014-12-11 23:49 - 01652449 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1211_axonometrie_4.3dm.bak
2014-12-11 23:30 - 2014-12-23 17:58 - 00000000 ____D () C:\AdwCleaner
2014-12-11 21:49 - 2014-12-11 21:50 - 18119856 _____ (Adobe Systems Incorporated) C:\Users\oletadelku\Downloads\install_flash_player.exe
2014-12-11 21:47 - 2014-12-11 21:47 - 00000000 ____D () C:\Windows\Sun
2014-12-11 21:43 - 2014-12-11 21:43 - 00000057 ____H () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm.rhl
2014-12-11 21:42 - 2014-12-11 21:43 - 01479357 _____ () C:\Users\oletadelku\Downloads\DOBRATICE_1124_axonometrie_5.3dm
2014-12-11 21:42 - 2014-12-11 21:42 - 00244264 _____ () C:\Users\oletadelku\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-11 21:20 - 2014-12-11 21:20 - 00638888 _____ (Oracle Corporation) C:\Users\oletadelku\Downloads\jxpiinstall(1).exe
2014-12-11 21:19 - 2014-12-11 21:19 - 00000000 ____D () C:\Users\oletadelku\Documents\Java
2014-12-11 21:18 - 2014-12-11 21:18 - 00640392 _____ () C:\Users\oletadelku\Downloads\setup(1).exe
2014-12-11 20:13 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 20:13 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 20:13 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 20:13 - 2014-11-21 09:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 20:13 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 20:13 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 20:13 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 20:13 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 20:13 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 20:13 - 2014-11-21 07:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 20:13 - 2014-11-21 07:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 20:13 - 2014-11-21 07:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-11 20:13 - 2014-11-21 06:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-11 20:11 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 20:11 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 20:11 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 20:11 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 20:11 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 20:11 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 20:11 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 20:11 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 20:11 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 20:11 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 20:11 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 20:11 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 20:11 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 20:11 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 12:15 - 2014-11-25 13:54 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\uTorrent
2014-12-31 12:09 - 2014-06-30 17:03 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Skype
2014-12-31 12:09 - 2014-04-14 06:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-31 11:57 - 2014-03-24 18:14 - 00000000 ____D () C:\Users\oletadelku\AppData\Local\cache
2014-12-31 11:56 - 2014-09-11 10:44 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 11:54 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-31 11:54 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-31 11:51 - 2014-01-13 18:56 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-12-31 11:51 - 2014-01-13 18:56 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-31 11:51 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 11:49 - 2014-10-01 17:12 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\WTablet
2014-12-31 11:49 - 2014-09-11 10:44 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-31 11:47 - 2014-01-14 06:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-31 11:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 10:04 - 2014-01-13 10:01 - 01115787 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 09:22 - 2014-06-04 10:35 - 00703295 _____ () C:\Windows\system32\webservice4.log
2014-12-25 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-25 15:06 - 2014-03-24 10:55 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\Adobe
2014-12-24 14:23 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-24 14:21 - 2009-07-14 03:34 - 90439680 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 16515072 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-24 14:21 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-12-24 13:49 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-24 11:57 - 2014-09-11 11:02 - 00000000 ___RD () C:\Users\oletadelku\Disk Google
2014-12-23 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-12-23 17:51 - 2014-11-26 14:31 - 00000000 ____D () C:\jamor
2014-12-20 15:11 - 2014-03-24 16:18 - 00000000 ____D () C:\Users\oletadelku\Documents\My Games
2014-12-19 10:58 - 2014-04-14 06:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-15 17:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 21:06 - 2014-06-24 10:41 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-14 20:51 - 2014-03-25 09:33 - 00022935 _____ () C:\Users\oletadelku\rgmnr
2014-12-14 20:09 - 2014-04-23 22:54 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-12-14 20:09 - 2014-03-24 11:47 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\DAEMON Tools Lite
2014-12-14 20:09 - 2014-01-13 18:57 - 00000000 ____D () C:\Windows\Panther
2014-12-13 14:17 - 2014-07-17 12:53 - 00002632 _____ () C:\Users\oletadelku\Downloads\plot.log
2014-12-12 08:41 - 2014-05-18 17:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 08:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 01:03 - 2014-01-14 06:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 01:02 - 2014-01-14 06:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 23:34 - 2014-10-10 13:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-11 23:34 - 2014-06-30 17:02 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 22:09 - 2014-04-14 06:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 22:09 - 2014-04-14 06:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 22:09 - 2014-04-14 06:50 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:47 - 2014-08-27 23:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-11 21:42 - 2014-08-27 23:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-11 21:42 - 2014-08-27 23:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-11 20:14 - 2014-04-25 11:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 17:45

==================== End Of Log ============================

Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Dobrý den, já ani nepozdravil.

tady ten log:



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by oletadelku at 2014-12-31 16:38:04 Run:1
Running from C:\Users\oletadelku\Desktop
Loaded Profile: oletadelku (Available profiles: OEM & oletadelku)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Run: [uTorrent] => C:\Users\oletadelku\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-11-25] (BitTorrent Inc.)
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\...\Policies\Explorer: []

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

FF Extension: S-Foxer - C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} [2014-11-26]

S3 avchv; system32\DRIVERS\avchv.sys [X]

2014-12-23 20:02 - 2014-12-23 20:02 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-14 20:17 - 2014-12-23 17:44 - 00000000 ____D () C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics
2014-12-14 20:14 - 2014-12-14 20:14 - 01754248 _____ () C:\Users\oletadelku\Downloads\Adaware_Installer.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3195871368-2672936481-4290339880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Users\oletadelku\AppData\Roaming\Mozilla\Firefox\Profiles\wx848tm8.default\Extensions\{52808eeb-0d9f-4591-a030-e09f231d5342} => Moved successfully.
avchv => Service deleted successfully.
C:\Users\oletadelku\Downloads\mbam-setup-2.0.4.1028(1).exe => Moved successfully.
C:\Users\oletadelku\AppData\Roaming\LavasoftStatistics => Moved successfully.
C:\Users\oletadelku\Downloads\Adaware_Installer.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 16:38:30 ====