VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu pls

https://forum.viry.cz:443/viewtopic.php?t=143720

Stránka 1 z 2

kontrola logu pls

Napsal: 29 bře 2015 14:35
od LTREVOR
Zdravím bratr mi přinesl notas a přestože se snažím ho pročistit myslím,že není vše uplně cajk...prosím o kontrolu ,děkuji vřele.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:14, on 29.3.2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\O2 Internet\O2 Internet.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\uzivatel\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Envy Guides AutoPlay] C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [servant] C:\Users\uzivatel\AppData\Roaming\servant.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EB1147B-D2CF-4920-92FB-8FC0E2595912}: NameServer = 194.228.211.33 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DF6E4AB-BBCA-4C87-9DBC-A4617AB84D50}: NameServer = 194.228.211.33 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C7349CD-6E0C-462F-928D-D8FCEDFDDB17}: NameServer = 160.218.167.5 160.218.161.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8705438-6C68-45F3-9CF2-DF5CC4A2F0AC}: NameServer = 194.228.211.33 160.218.161.60
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Documention Flash Card Detection Service (hpdoccardsvc) - Hewlett-Packard Developement Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12891 bytes

Re: kontrola logu pls

Napsal: 29 bře 2015 15:22
od vyosek
Zdravim :)

:arrow: HJT je uz tak skoro 10 let zcela nedostacujici

:arrow: Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: kontrola logu pls

Napsal: 29 bře 2015 15:35
od LTREVOR
aha jsem kapku zabržděn :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by uzivatel (administrator) on HP on 29-03-2015 16:30:02
Running from C:\Users\uzivatel\Downloads
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Users\uzivatel\AppData\Roaming\servant.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
() C:\Users\uzivatel\AppData\Roaming\servant.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\O2 Internet\O2 Internet.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(BitTorrent, Inc.) C:\Users\uzivatel\AppData\Roaming\uTorrent\utorrent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2014-03-28] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-14] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Envy Guides AutoPlay] => C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe [76584 2010-03-24] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-10] (Macrovision Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [68096 2012-04-25] (Hewlett-Packard Company)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [servant] => C:\Users\uzivatel\AppData\Roaming\servant.exe [8360430 2015-03-26] ()
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d758ff9-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759008-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759043-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759059-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d2520a-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d25376-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d253c6-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {19850438-7090-11e3-b6b2-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {23a42247-f694-11e2-b25f-c80aa9b2c6d4} - H:\starter.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {499dffd0-7c2d-11e2-a993-70f3952c1078} - G:\autorun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {4df3c412-62ad-11e3-8b22-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {82da5bc3-7769-11e2-924e-70f3952c1078} - G:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {c4843db6-62a7-11e3-bdec-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {d43cbb60-d610-11e4-90b5-70f3952c1078} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {e281691b-670a-11e3-9a7c-c80aa9b2c6d4} - I:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yandex.ru/?win=75&clid=1976631
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebsearch.com/mywebsear ... earchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> yandex.ru-230832 URL = http://start.myplaycity.com/results.php ... earchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://yandex.ru/yandsearch?win=75&clid ... earchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebsearch.com/mywebsear ... earchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-30] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2013-01-29] (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-01-29] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-05-30] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{4EB1147B-D2CF-4920-92FB-8FC0E2595912}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{5DF6E4AB-BBCA-4C87-9DBC-A4617AB84D50}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{6C7349CD-6E0C-462F-928D-D8FCEDFDDB17}: [NameServer] 160.218.167.5 160.218.161.60
Tcpip\..\Interfaces\{F8705438-6C68-45F3-9CF2-DF5CC4A2F0AC}: [NameServer] 194.228.211.33 160.218.161.60

FireFox:
========
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://home.mywebsearch.com/index.jhtml?ptb=6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7&n=77fc46e0&p2=^Z7^xdm487^S04371^cz
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7&n=77fc46e0&ind=2013021920&p2=^Z7^xdm487^S04371^cz&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\SysWOW64\npdeployJava1.dll [2013-01-29] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2013-01-29] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin\NP4zStub.dll [2013-02-19] (MindSpark)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\my-web-search.xml [2013-02-19]
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\myplaycity.xml [2013-01-22]
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\yandex.ru-230832.xml [2013-06-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2013-10-17]
FF Extension: VideoDownloadConverter - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2013-03-21]
FF Extension: Xmarks - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\foxmarks@kei.com [2014-05-31]
FF Extension: InstantFox - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\searchy@searchy.xpi [2013-02-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin
FF Extension: VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\2.bin [2013-02-19]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2014-03-28]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> askws
CHR DefaultSearchURL: Default -> http://search.tb.ask.com/search/GGmain. ... pconverter
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?q={searchTer ... ype=prefix
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2015-03-29]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\llfmkjppmncfcgdebajkjnopgodlcaoe [2014-11-24]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbfhailolkhiipdcbindehaaglcbnnn [2015-03-28]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nglnnifljabmkcecofpnlokcgnmbecia [2014-07-12]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbcfghpoodhahbegndmbojmgkibhiol [2015-03-29]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-02-08] (DeviceVM, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-07] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 hpdoccardsvc; C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe [83240 2010-03-24] (Hewlett-Packard Developement Company, L.P.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe [244736 2010-01-14] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-21] (DT Soft Ltd)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2013-02-17] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-07-15] () [File not signed]
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 16:30 - 2015-03-29 16:30 - 00025832 _____ () C:\Users\uzivatel\Downloads\FRST.txt
2015-03-29 16:28 - 2015-03-29 16:30 - 00000000 ____D () C:\FRST
2015-03-29 16:27 - 2015-03-29 16:27 - 02095616 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
2015-03-29 16:26 - 2015-03-29 16:28 - 00000000 ____D () C:\Users\uzivatel\Downloads\Vikings.S03E06.HDTV.x264-KILLERS[ettv]
2015-03-29 16:26 - 2015-03-29 16:26 - 00000000 ____D () C:\Users\uzivatel\Downloads\King Diamond - Dreams of Horror (2014)
2015-03-29 16:13 - 2015-03-29 16:13 - 00000953 _____ () C:\Users\uzivatel\Desktop\µTorrent.lnk
2015-03-29 16:13 - 2015-03-29 16:13 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-03-29 16:12 - 2015-03-29 16:30 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\uTorrent
2015-03-29 16:12 - 2015-03-29 16:12 - 02168592 _____ (emc) C:\Users\uzivatel\Downloads\uTorrent221.exe
2015-03-29 16:01 - 2015-03-29 16:02 - 01761992 _____ (ESET) C:\Users\uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-03-29 15:56 - 2015-03-29 16:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-29 15:56 - 2015-03-29 16:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-29 15:56 - 2015-03-29 15:56 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-29 15:56 - 2015-03-29 15:56 - 00001339 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-29 15:56 - 2015-03-29 15:56 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-29 15:56 - 2015-03-29 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-29 15:56 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-29 15:45 - 2015-03-29 15:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\uzivatel\Downloads\spybot-2.4.exe
2015-03-29 15:28 - 2015-03-29 15:35 - 00012893 _____ () C:\Users\uzivatel\Downloads\hijackthis.log
2015-03-29 15:28 - 2015-03-29 15:28 - 00401720 _____ (Trend Micro Inc.) C:\Users\uzivatel\Downloads\HijackThis.exe
2015-03-29 15:24 - 2015-03-29 15:24 - 00276900 _____ () C:\Users\uzivatel\Documents\cc_20150329_152423.reg
2015-03-29 14:55 - 2015-03-29 14:55 - 05344528 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504.exe
2015-03-29 14:55 - 2015-03-29 14:55 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-29 14:55 - 2015-03-29 14:55 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-29 14:55 - 2015-03-29 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-29 14:55 - 2015-03-29 14:55 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-29 14:51 - 2015-03-29 14:51 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-03-28 17:14 - 2015-03-28 17:14 - 02007336 _____ (Crawler, LLC ) C:\Users\uzivatel\Downloads\24x7help.exe
2015-03-28 17:05 - 2015-03-28 17:06 - 08402592 _____ (Crawler Group ) C:\Users\uzivatel\Downloads\SpywareTerminatorSetup.exe
2015-03-27 21:31 - 2015-03-27 21:33 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro (1).exe
2015-03-27 21:31 - 2015-03-27 21:32 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro.exe
2015-03-26 20:28 - 2015-03-26 20:28 - 00003220 _____ () C:\Windows\System32\Tasks\winoperatesysschedule
2015-03-26 20:24 - 2015-03-26 20:28 - 08360430 _____ () C:\Users\uzivatel\AppData\Roaming\servant.exe
2015-03-26 20:24 - 2015-03-26 20:27 - 06134856 _____ () C:\Users\uzivatel\AppData\Roaming\updater999.exe
2015-03-26 20:23 - 2015-03-26 20:23 - 06296198 _____ () C:\Users\uzivatel\Downloads\YoutubePlayer7.exe
2015-03-26 03:38 - 2015-03-29 14:54 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForuzivatel
2015-03-26 03:38 - 2015-03-29 14:54 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job
2015-03-25 16:10 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 16:10 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-11 16:54 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:54 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:54 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:54 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:54 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:54 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 16:54 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 16:54 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 16:54 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 16:54 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 16:54 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 16:54 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 16:54 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 16:54 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 16:54 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 16:54 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 16:54 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 16:54 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 16:54 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 16:53 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 16:53 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 16:53 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 16:53 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 16:53 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 16:53 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 16:53 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 16:53 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 16:53 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 16:53 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 16:53 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 16:51 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:51 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:51 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:51 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 16:50 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 16:50 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 16:50 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 16:50 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 16:50 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 16:50 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 16:50 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 16:50 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 16:50 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 16:50 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 16:50 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 16:50 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 16:50 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 16:50 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:50 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:50 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 16:50 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:49 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:49 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 16:49 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:49 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:49 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 16:49 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:49 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:49 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:49 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:49 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 16:49 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:49 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 16:49 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:49 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:49 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:49 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:49 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 16:49 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 16:49 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 16:49 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 16:49 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:49 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:49 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:49 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:49 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 16:49 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 16:49 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:49 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 16:49 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:49 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:49 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:49 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 16:49 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 16:49 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 16:49 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 16:49 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 16:49 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:49 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 16:49 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:49 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:49 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:49 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:49 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 16:49 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:49 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:49 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:49 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:49 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 16:49 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:49 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:49 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:49 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:49 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:49 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:49 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 16:21 - 2013-12-12 07:11 - 01656320 ___SH () C:\Users\uzivatel\Downloads\Thumbs.db
2015-03-29 16:20 - 2014-01-10 21:33 - 00096256 ___SH () C:\Users\uzivatel\Documents\Thumbs.db
2015-03-29 16:18 - 2013-01-29 16:58 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 16:16 - 2010-05-18 01:45 - 01059289 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 16:14 - 2013-02-21 18:49 - 00000000 ____D () C:\Program Files (x86)\3do
2015-03-29 15:54 - 2013-06-09 23:08 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2015-03-29 15:44 - 2013-02-15 19:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 15:18 - 2013-01-29 16:58 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 14:56 - 2010-05-30 14:07 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2015-03-29 14:56 - 2010-05-30 14:07 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2015-03-29 14:56 - 2009-07-14 07:13 - 00833938 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 14:54 - 2013-04-28 21:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2015-03-29 14:54 - 2013-01-29 15:39 - 00000000 ____D () C:\Users\uzivatel
2015-03-29 14:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-29 14:48 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 14:48 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 14:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 14:30 - 2010-05-30 04:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-29 14:00 - 2013-03-05 22:26 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Unity
2015-03-29 13:57 - 2014-10-21 21:07 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\BitTorrent
2015-03-29 13:52 - 2013-02-21 19:05 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-29 13:51 - 2013-08-16 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-03-26 03:32 - 2014-12-11 14:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 03:32 - 2014-05-07 14:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-23 19:34 - 2013-04-06 10:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-23 16:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-21 11:19 - 2013-01-29 16:58 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-15 21:11 - 2013-01-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\VirtualStore
2015-03-14 19:52 - 2013-05-29 18:57 - 00000000 ____D () C:\Users\uzivatel\Documents\Thief - Deadly Shadows
2015-03-14 03:14 - 2013-01-30 01:22 - 00000000 ____D () C:\ProgramData\Recovery
2015-03-14 03:12 - 2013-12-08 15:45 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Codemasters
2015-03-14 03:12 - 2013-11-22 22:01 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Faerie Solitaire
2015-03-14 03:12 - 2013-11-16 15:15 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\FUEL
2015-03-14 03:12 - 2013-10-26 13:19 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\kaneandlynch
2015-03-14 03:12 - 2013-05-18 13:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Device Doctor
2015-03-14 03:12 - 2013-04-28 21:28 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\InstallShield
2015-03-14 03:12 - 2013-02-20 00:44 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\TrafficSpaceLLC
2015-03-14 03:12 - 2013-02-16 02:00 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\funkitron
2015-03-14 03:12 - 2013-01-29 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-14 03:12 - 2013-01-29 16:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Apps\2.0
2015-03-14 03:12 - 2013-01-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Hewlett-Packard
2015-03-14 03:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-14 03:11 - 2014-11-09 20:38 - 00000000 ____D () C:\Users\uzivatel\Documents\Bus Driver
2015-03-14 03:11 - 2014-09-02 17:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Keeper 2 CZ ver.1.0
2015-03-14 03:11 - 2014-08-15 16:31 - 00000000 ____D () C:\Users\uzivatel\Documents\GF
2015-03-14 03:11 - 2013-09-29 12:55 - 00000000 ____D () C:\Users\uzivatel\Fairy Tale
2015-03-14 03:11 - 2013-09-27 16:25 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\WildTangentv1002
2015-03-14 03:11 - 2013-09-20 16:57 - 00000000 ____D () C:\Users\uzivatel\Documents\Chaos A.D
2015-03-14 03:11 - 2013-09-20 16:54 - 00000000 ____D () C:\Users\uzivatel\Documents\Roots
2015-03-14 03:11 - 2013-09-20 16:54 - 00000000 ____D () C:\Users\uzivatel\Documents\Aganist
2015-03-14 03:11 - 2013-09-20 16:33 - 00000000 ____D () C:\Users\uzivatel\Documents\skins-song
2015-03-14 03:11 - 2013-06-24 16:48 - 00000000 ____D () C:\Users\uzivatel\Documents\Inquisitor_SaveGames
2015-03-14 03:11 - 2013-05-16 19:17 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Ulozto File Manager
2015-03-14 03:11 - 2013-04-09 06:23 - 00000000 ____D () C:\Users\uzivatel\FreeRapid-0.9u1
2015-03-14 03:11 - 2013-02-21 17:34 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-14 03:11 - 2013-02-16 00:58 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-14 03:11 - 2013-02-15 16:10 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\WildTangent
2015-03-14 03:11 - 2013-01-29 15:39 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-14 03:11 - 2013-01-29 15:39 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-13 18:16 - 2013-11-22 18:04 - 00345248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:03 - 2013-09-21 16:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 15:48 - 2013-01-30 10:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 15:17 - 2013-01-29 16:57 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-02-17 15:09 - 2013-01-29 16:53 - 0178728 _____ () C:\Program Files (x86)\4zres.dll
2013-02-17 15:09 - 2013-01-29 16:53 - 0707728 _____ (MindSpark) C:\Program Files (x86)\4zUninstall VideoDownloadConverter.dll
2015-03-26 20:24 - 2015-03-26 20:28 - 8360430 _____ () C:\Users\uzivatel\AppData\Roaming\servant.exe
2015-03-26 20:24 - 2015-03-26 20:27 - 6134856 _____ () C:\Users\uzivatel\AppData\Roaming\updater999.exe
2013-02-20 20:52 - 2013-04-10 21:12 - 0024247 _____ () C:\Users\uzivatel\AppData\Roaming\UserTile.png
2013-07-16 18:55 - 2013-07-16 18:55 - 0007607 _____ () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2013-06-09 23:08 - 2013-06-09 23:08 - 0000003 _____ () C:\Users\uzivatel\AppData\Local\updater.log
2013-06-09 23:08 - 2014-12-20 23:02 - 0000425 _____ () C:\Users\uzivatel\AppData\Local\UserProducts.xml
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-05-30 06:42 - 2010-05-30 06:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-05-30 06:38 - 2010-05-30 06:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-05-30 06:38 - 2010-05-30 06:38 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-05-30 06:39 - 2010-05-30 06:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 21:49

==================== End Of Log ============================

Re: kontrola logu pls

Napsal: 29 bře 2015 15:41
od vyosek
:arrow: Odinstalujte Spybot - uz ma nejlepsi za sebou a neni schopen reagovat na aktualni havet

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
:arrow: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Ulozte nejlepe na Plochu a rozbalte
  • Spustte kliknutim na mbar
  • Nyni postupne kliknete na Next a Update
  • Po dokonceni update (aktualizace) databaze kliknete opet na Next
  • Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
  • Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
  • Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
  • Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
  • PC bude restartovan
  • Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Re: kontrola logu pls

Napsal: 29 bře 2015 17:02
od LTREVOR
Splněno :oops:


# AdwCleaner v4.113 - Logfile created 29/03/2015 at 17:10:50
# Updated 22/03/2015 by Xplode
# Database : 2015-03-28.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : uzivatel - HP
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\video download converter
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter_4z
Folder Deleted : C:\Program Files (x86)\video download converter
Folder Deleted : C:\Users\uzivatel\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\iac
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\VideoDownloadConverter_4z
Folder Deleted : C:\Users\uzivatel\Documents\video download converter
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com
[!] Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\searchy@searchy.xpi
Folder Deleted : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nglnnifljabmkcecofpnlokcgnmbecia
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\myplaycity.xml
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\my-web-search.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [4zffxtbr@VideoDownloadConverter_4z.com]
Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF6E4B1C-DBDE-457E-9CEF-AB8ECAC8A5E8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\yandex.ru-230832
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter_4z
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (cs)

[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7&n=77fc46e0&p2=^Z7^xdm487^S04371^cz");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=undefined&n=77fc454c&ptnrS=HJxpi000YY");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013021516");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "HJxpi000YY");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "undefined");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.searchHistory", "facebook");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7&n=77fc46e0&p2=^Z7^xdm487^S04371^cz");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.enabled", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.lastGuardTime", 1013123847);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.numGuards", 1);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.initialized", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.contextKey", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.installDate", "2013021920");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerId", "^Z7^xdm487^S04371^cz");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerSubId", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.success", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.toolbarId", "6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.lastActivePing", "1367161475054");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.defaultSearch", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.homePageEnabled", true);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.keywordEnabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.tabEnabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.searchHistory", "facebookemanuel toplenny kravitz ill be waitinglenny krawitzfacebook.comPENZION HESTIAseznam.czseznam czshemales[...]
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.weather.location", "10001");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "gamingwonderland@mindspark.com");
[6bdt0eon.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=6DE1D034-F3DE-4F86-B23D-7CD6BE06A2C7&n=77fc46e0&ind=2013021920&p2=^Z7^xdm487^S04371^cz&searchfor=");

-\\ Google Chrome v41.0.2272.101

[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=791F51DF-9871-495E-A58C-DA0755213C5C&n=77fda85a&ind=2013112410&p2=^AYY^xdm095^YYA^cz&si=pconverter
[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=791F51DF-9871-495E-A58C-DA0755213C5C&n=77fda85a&ind=2013112410&p2=^AYY^xdm095^YYA^cz&si=pconverter

-\\ Chromium v

[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=791F51DF-9871-495E-A58C-DA0755213C5C&n=77fda85a&ind=2013112410&p2=^AYY^xdm095^YYA^cz&si=pconverter
[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=791F51DF-9871-495E-A58C-DA0755213C5C&n=77fda85a&ind=2013112410&p2=^AYY^xdm095^YYA^cz&si=pconverter

*************************

AdwCleaner[R0].txt - [17136 bytes] - [29/03/2015 17:07:16]
AdwCleaner[S0].txt - [17834 bytes] - [29/03/2015 17:10:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17894 bytes] ##########

---------------------------------------------------------------------------------------------------------------------------------------------------------

Zoek.exe v5.0.0.0 Updated 28-March-2015
Tool run by uzivatel on ne 29.03.2015 at 17:16:59,53.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\uzivatel\Desktop\zoek(1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.3.2015 17:19:45 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Brany Skeldalu deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyPlayCity.com deleted successfully
C:\PROGRA~2\Skillbrains deleted successfully
C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\uzivatel\AppData\Roaming\BitTorrent deleted successfully
C:\Users\uzivatel\AppData\Roaming\HpUpdate deleted successfully
C:\Users\uzivatel\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\uzivatel\AppData\Local\HP MediaSmart Video deleted successfully
C:\Users\uzivatel\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF059E31-CC5A-4E2E-BF3B-96E929D65503} deleted successfully
HKEY_USERS\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{395610AE-C624-4F58-B89E-23733EA00F9A} deleted successfully
HKEY_USERS\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{395610AE-C624-4F58-B89E-23733EA00F9A} deleted successfully
HKEY_USERS\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F6B5CC3-5C7B-4B5C-97AF-19DEC1E380E5} deleted successfully
HKEY_USERS\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95D9ECF5-2A4D-4550-BE49-70D42F71296E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{395610AE-C624-4F58-B89E-23733EA00F9A} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\prefs.js:
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Brany Skeldalu not found
C:\PROGRA~2\MyPlayCity.com not found
C:\PROGRA~2\Skillbrains not found
C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\PROGRA~2\Alawar deleted
C:\Users\uzivatel\AppData\Roaming\Alawar deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\uzivatel\AppData\Local\updater.log deleted
C:\Users\Public\Documents\iWin deleted
C:\Users\uzivatel\Downloads\iLividSetup.exe deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\uzivatel\AppData\Roaming\updater999.exe deleted
"C:\Users\uzivatel\AppData\Roaming\servant.exe" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [28.03.2014 21:30]

==== Firefox Extensions ======================

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default
- Xmarks - %ProfilePath%\extensions\foxmarks@kei.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
5BF37947AF594EAC3D6F8405405D2541 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 6.0.380.5
F7E675EBDE6DA3A1665F2DCFA683322F - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]


==== Chromium Startpages ======================

C:\Users\uzivatel\AppData\Local\Chromium\User Data\Default\Preferences
{"ntp":{"shown_sections":64,"shown_page":1024},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?win=75&clid=19766 ... on_startup":["http://www.yandex.ru/?win=75&clid=1976631"]},"browser":{"show_home_button":true}}

C:\Users\uzivatel\AppData\Local\Nichrome\User Data\Default\Preferences
{"ntp":{"shown_sections":64,"shown_page":1024},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?win=75&clid=19766 ... on_startup":["http://www.yandex.ru/?win=75&clid=19766 ... id=1976631"]},"browser":{"show_home_button":true}}

C:\Users\uzivatel\AppData\Local\Xpom\User Data\Default\Preferences
{"ntp":{"shown_sections":64,"shown_page":1024},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?win=75&clid=19766 ... on_startup":["http://www.yandex.ru/?win=75&clid=1976631"]},"browser":{"show_home_button":true}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="http://yandex.ru/yandsearch?win=75&clid=1976635&text=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"

==== Reset Google Chrome ======================

C:\Users\uzivatel\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences.lpbak was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences_20130609230828.backup was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Nichrome\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Xpom\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data_20130609230828.backup was reset successfully
C:\Users\uzivatel\AppData\Local\Nichrome\User Data\Default\Web Data was reset successfully
C:\Users\uzivatel\AppData\Local\Xpom\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\uzivatel\AppData\Local\Mozilla\Firefox\Profiles\6bdt0eon.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=328 folders=39 30138435 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\uzivatel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\uzivatel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on ne 29.03.2015 at 17:38:51,31 ======================

---------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.3.2015
Čas skenování: 17:43:53
Protokol: malwares.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.29.06
Databáze rootkitů: v2015.03.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 354495
Uplynulý čas: 16 min, 5 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 7
PUP.Optional.MindSpark.A, C:\Users\uzivatel\Downloads\EliteUnzipSetup.exe, Žádná akce od uživatele, [15353912157546f0484cfdf4857c43bd],
PUP.Optional.Amonetize, C:\Users\uzivatel\Downloads\FlashPlayer__4369_i648249009_il6.exe, Žádná akce od uživatele, [3d0d99b25c2e181efa110ebd81804bb5],
PUP.Optional.24x7Help.A, C:\Users\uzivatel\Downloads\24x7help.exe, Žádná akce od uživatele, [0545e06b8a0088aee9098629d52c3fc1],
PUP.Optional.MindSpark.A, C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfkanglmmnniiolknlhaajllgmlgcdkj_0.localstorage, Žádná akce od uživatele, [29210b40d8b2280ef296caffca390df3],
PUP.Optional.MindSpark.A, C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nglnnifljabmkcecofpnlokcgnmbecia_0.localstorage, Žádná akce od uživatele, [bb8fef5c197105313e42241654b17987],
Trojan.Dropper.NS, C:\Users\uzivatel\Downloads\GotClip_Setup.exe, Do karantény, [400aac9fdab045f15f127fe226dfaf51],
Trojan.Downloader, C:\Users\uzivatel\Downloads\YoutubePlayer7.exe, Do karantény, [a1a9222993f73bfb9aad91945aa9ca36],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: kontrola logu pls

Napsal: 29 bře 2015 17:04
od vyosek
:arrow: Supr, dobre procisteno

:arrow: Poprosim o novy log z FRST

Re: kontrola logu pls

Napsal: 29 bře 2015 17:16
od LTREVOR
# AdwCleaner v4.113 - Logfile created 29/03/2015 at 18:09:08
# Updated 22/03/2015 by Xplode
# Database : 2015-03-28.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : uzivatel - HP
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\DeviceVM

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v24.0 (cs)


-\\ Google Chrome v41.0.2272.101


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [17136 bytes] - [29/03/2015 17:07:16]
AdwCleaner[R1].txt - [962 bytes] - [29/03/2015 18:07:46]
AdwCleaner[S0].txt - [18035 bytes] - [29/03/2015 17:10:50]
AdwCleaner[S1].txt - [892 bytes] - [29/03/2015 18:09:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [950 bytes] ##########

Re: kontrola logu pls

Napsal: 29 bře 2015 17:18
od vyosek
To je AdwCleaner, ja chci FRST (ten co jsme delali hned na uvod) http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: kontrola logu pls

Napsal: 29 bře 2015 17:26
od LTREVOR
sorry

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by uzivatel (administrator) on HP on 29-03-2015 18:23:11
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
() C:\Program Files (x86)\O2 Internet\O2 Internet.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\GfxUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Farbar) C:\Users\uzivatel\Desktop\FRST64(1).exe

Re: kontrola logu pls

Napsal: 29 bře 2015 17:30
od vyosek
Log neni cely, pockejte na jeho dokonceni, FRST vyhodi informacni okenka o jeho dokonceni

Re: kontrola logu pls

Napsal: 29 bře 2015 17:33
od LTREVOR
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by uzivatel (administrator) on HP on 29-03-2015 18:23:11
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
() C:\Program Files (x86)\O2 Internet\O2 Internet.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\GfxUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Farbar) C:\Users\uzivatel\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2014-03-28] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-14] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Envy Guides AutoPlay] => C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe [76584 2010-03-24] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-10] (Macrovision Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [68096 2012-04-25] (Hewlett-Packard Company)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [servant] => C:\Users\uzivatel\AppData\Roaming\servant.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d758ff9-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759008-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759043-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759059-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d2520a-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d25376-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d253c6-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {19850438-7090-11e3-b6b2-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {23a42247-f694-11e2-b25f-c80aa9b2c6d4} - H:\starter.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {499dffd0-7c2d-11e2-a993-70f3952c1078} - G:\autorun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {4df3c412-62ad-11e3-8b22-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {82da5bc3-7769-11e2-924e-70f3952c1078} - G:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {c4843db6-62a7-11e3-bdec-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {d43cbb60-d610-11e4-90b5-70f3952c1078} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {e281691b-670a-11e3-9a7c-c80aa9b2c6d4} - I:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yandex.ru/?win=75&clid=1976631
SearchScopes: HKLM-x32 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-30] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2013-01-29] (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-01-29] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-05-30] (EasyBits Software Corp.)
Tcpip\..\Interfaces\{4EB1147B-D2CF-4920-92FB-8FC0E2595912}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{5DF6E4AB-BBCA-4C87-9DBC-A4617AB84D50}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{6C7349CD-6E0C-462F-928D-D8FCEDFDDB17}: [NameServer] 160.218.167.5 160.218.161.60
Tcpip\..\Interfaces\{F8705438-6C68-45F3-9CF2-DF5CC4A2F0AC}: [NameServer] 194.228.211.33 160.218.161.60

FireFox:
========
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\SysWOW64\npdeployJava1.dll [2013-01-29] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2013-01-29] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\yandex.ru-230832.xml [2013-06-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2013-10-17]
FF Extension: Xmarks - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\Extensions\foxmarks@kei.com [2014-05-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2014-03-28]

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2015-03-29]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\llfmkjppmncfcgdebajkjnopgodlcaoe [2014-11-24]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbfhailolkhiipdcbindehaaglcbnnn [2015-03-28]
CHR Extension: (No Name) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbcfghpoodhahbegndmbojmgkibhiol [2015-03-29]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-02-08] (DeviceVM, Inc.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-07] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 hpdoccardsvc; C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe [83240 2010-03-24] (Hewlett-Packard Developement Company, L.P.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe [244736 2010-01-14] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-21] (DT Soft Ltd)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2013-02-17] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-07-15] () [File not signed]
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 18:23 - 2015-03-29 18:23 - 00020994 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-03-29 18:22 - 2015-03-29 18:22 - 02095616 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64(1)(1).exe
2015-03-29 18:22 - 2015-03-29 18:22 - 02095616 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64(1).exe
2015-03-29 18:01 - 2015-03-29 18:01 - 00002219 _____ () C:\Users\uzivatel\Desktop\malwares.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00012678 _____ () C:\Users\uzivatel\Desktop\zoek-results.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00000000 ____D () C:\Users\uzivatel\Documents\Nová složka
2015-03-29 17:36 - 2015-03-29 17:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 17:19 - 2015-03-29 17:38 - 00012678 _____ () C:\zoek-results.log
2015-03-29 17:18 - 2015-03-29 17:18 - 00018035 _____ () C:\Users\uzivatel\Desktop\AdwCleaner[S0].txt
2015-03-29 17:16 - 2015-03-29 17:37 - 00000000 ____D () C:\zoek_backup
2015-03-29 17:13 - 2015-03-29 18:11 - 00000012 ____H () C:\dvmexp.idx
2015-03-29 17:12 - 2015-03-29 17:13 - 00000000 ____D () C:\temp
2015-03-29 17:12 - 2015-03-29 17:12 - 00000000 ___HD () C:\dvmexp
2015-03-29 17:08 - 2015-03-29 17:08 - 01305600 _____ () C:\Users\uzivatel\Desktop\zoek(1).exe
2015-03-29 17:07 - 2015-03-29 17:07 - 01305600 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2015-03-29 17:06 - 2015-03-29 18:12 - 00000000 ____D () C:\AdwCleaner
2015-03-29 17:05 - 2015-03-29 17:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 17:04 - 2015-03-29 17:04 - 02168320 _____ () C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe
2015-03-29 17:04 - 2015-03-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-29 17:04 - 2015-03-29 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-29 17:04 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-29 17:04 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-29 17:00 - 2015-03-29 17:04 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-29 17:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-29 16:58 - 2015-03-29 18:10 - 00006380 _____ () C:\Windows\PFRO.log
2015-03-29 16:58 - 2015-03-29 18:10 - 00001205 _____ () C:\Windows\setupact.log
2015-03-29 16:58 - 2015-03-29 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-29 16:48 - 2015-03-29 16:48 - 00000997 _____ () C:\Users\uzivatel\Desktop\The KMPlayer.lnk
2015-03-29 16:48 - 2015-03-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-03-29 16:47 - 2015-03-29 16:48 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-03-29 16:43 - 2015-03-29 16:46 - 56181787 _____ (RePack by CUTA ) C:\Users\uzivatel\Downloads\The KMPlayer 3.9.1.132 repack by cuta (2.6).exe
2015-03-29 16:31 - 2015-03-29 16:32 - 00045733 _____ () C:\Users\uzivatel\Downloads\Addition.txt
2015-03-29 16:30 - 2015-03-29 16:32 - 00063095 _____ () C:\Users\uzivatel\Downloads\FRST.txt
2015-03-29 16:28 - 2015-03-29 18:23 - 00000000 ____D () C:\FRST
2015-03-29 16:27 - 2015-03-29 16:27 - 02095616 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
2015-03-29 16:26 - 2015-03-29 16:44 - 349581062 _____ () C:\Users\uzivatel\Desktop\Vikings.S03E06.HDTV.x264-KILLERS.mp4
2015-03-29 16:26 - 2015-03-29 16:39 - 00000000 ____D () C:\Users\uzivatel\Desktop\King Diamond - Dreams of Horror (2014)
2015-03-29 16:13 - 2015-03-29 16:13 - 00000953 _____ () C:\Users\uzivatel\Desktop\µTorrent.lnk
2015-03-29 16:13 - 2015-03-29 16:13 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-03-29 16:12 - 2015-03-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\uTorrent
2015-03-29 16:12 - 2015-03-29 16:12 - 02168592 _____ (emc) C:\Users\uzivatel\Downloads\uTorrent221.exe
2015-03-29 16:01 - 2015-03-29 16:02 - 01761992 _____ (ESET) C:\Users\uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-03-29 15:56 - 2015-03-29 16:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-29 15:56 - 2015-03-29 16:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-29 15:56 - 2015-03-29 15:56 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-29 15:45 - 2015-03-29 15:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\uzivatel\Downloads\spybot-2.4.exe
2015-03-29 15:28 - 2015-03-29 15:35 - 00012893 _____ () C:\Users\uzivatel\Downloads\hijackthis.log
2015-03-29 15:28 - 2015-03-29 15:28 - 00401720 _____ (Trend Micro Inc.) C:\Users\uzivatel\Downloads\HijackThis.exe
2015-03-29 15:24 - 2015-03-29 15:24 - 00276900 _____ () C:\Users\uzivatel\Documents\cc_20150329_152423.reg
2015-03-29 14:55 - 2015-03-29 14:55 - 05344528 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504.exe
2015-03-29 14:55 - 2015-03-29 14:55 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-29 14:55 - 2015-03-29 14:55 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-29 14:55 - 2015-03-29 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-29 14:55 - 2015-03-29 14:55 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-29 14:51 - 2015-03-29 14:51 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-03-28 17:14 - 2015-03-28 17:14 - 02007336 _____ (Crawler, LLC ) C:\Users\uzivatel\Downloads\24x7help.exe
2015-03-28 17:05 - 2015-03-28 17:06 - 08402592 _____ (Crawler Group ) C:\Users\uzivatel\Downloads\SpywareTerminatorSetup.exe
2015-03-27 21:31 - 2015-03-27 21:33 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro (1).exe
2015-03-27 21:31 - 2015-03-27 21:32 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro.exe
2015-03-26 20:28 - 2015-03-26 20:28 - 00003220 _____ () C:\Windows\System32\Tasks\winoperatesysschedule
2015-03-26 03:38 - 2015-03-29 18:15 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForuzivatel
2015-03-26 03:38 - 2015-03-29 18:15 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job
2015-03-25 16:10 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 16:10 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 16:10 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 16:10 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-11 16:54 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:54 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:54 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:54 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:54 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:54 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:54 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:54 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 16:54 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 16:54 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 16:54 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 16:54 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 16:54 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 16:54 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 16:54 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 16:54 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 16:54 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 16:54 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 16:54 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 16:54 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 16:54 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 16:54 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 16:54 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 16:54 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 16:53 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 16:53 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 16:53 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 16:53 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 16:53 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 16:53 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 16:53 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 16:53 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 16:53 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 16:53 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 16:53 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 16:53 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 16:53 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 16:53 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 16:53 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 16:51 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:51 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:51 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:51 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 16:50 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 16:50 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 16:50 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 16:50 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 16:50 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 16:50 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 16:50 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 16:50 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 16:50 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 16:50 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 16:50 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 16:50 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 16:50 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 16:50 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 16:50 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 16:50 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:50 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:50 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:50 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 16:50 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:50 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:49 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:49 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 16:49 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:49 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:49 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 16:49 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:49 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:49 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:49 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:49 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 16:49 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:49 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 16:49 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:49 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:49 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:49 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:49 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 16:49 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 16:49 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 16:49 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 16:49 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:49 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:49 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:49 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:49 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 16:49 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 16:49 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:49 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 16:49 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 16:49 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:49 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:49 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:49 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 16:49 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 16:49 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 16:49 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 16:49 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 16:49 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:49 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 16:49 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:49 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:49 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:49 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:49 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 16:49 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:49 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:49 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:49 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:49 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 16:49 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:49 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:49 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:49 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:49 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:49 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:49 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 18:18 - 2013-01-29 16:58 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 18:17 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 18:17 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 18:16 - 2010-05-18 01:45 - 01119198 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 18:13 - 2013-04-28 21:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2015-03-29 18:10 - 2013-01-29 16:58 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-29 18:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 17:44 - 2013-02-15 19:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 17:44 - 2010-05-30 14:07 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2015-03-29 17:44 - 2010-05-30 14:07 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2015-03-29 17:44 - 2009-07-14 07:13 - 00833938 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 17:04 - 2013-02-17 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-29 16:55 - 2013-02-21 18:49 - 00000000 ____D () C:\Program Files (x86)\3do
2015-03-29 16:21 - 2013-12-12 07:11 - 01656320 ___SH () C:\Users\uzivatel\Downloads\Thumbs.db
2015-03-29 16:20 - 2014-01-10 21:33 - 00096256 ___SH () C:\Users\uzivatel\Documents\Thumbs.db
2015-03-29 14:54 - 2013-01-29 15:39 - 00000000 ____D () C:\Users\uzivatel
2015-03-29 14:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-29 14:30 - 2010-05-30 04:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-29 13:52 - 2013-02-21 19:05 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-29 13:51 - 2013-08-16 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-03-26 03:32 - 2014-12-11 14:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 03:32 - 2014-05-07 14:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-23 19:34 - 2013-04-06 10:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-23 16:13 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-21 11:19 - 2013-01-29 16:58 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-15 21:11 - 2013-01-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\VirtualStore
2015-03-14 19:52 - 2013-05-29 18:57 - 00000000 ____D () C:\Users\uzivatel\Documents\Thief - Deadly Shadows
2015-03-14 03:14 - 2013-01-30 01:22 - 00000000 ____D () C:\ProgramData\Recovery
2015-03-14 03:12 - 2013-12-08 15:45 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Codemasters
2015-03-14 03:12 - 2013-11-22 22:01 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Faerie Solitaire
2015-03-14 03:12 - 2013-11-16 15:15 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\FUEL
2015-03-14 03:12 - 2013-10-26 13:19 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\kaneandlynch
2015-03-14 03:12 - 2013-05-18 13:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Device Doctor
2015-03-14 03:12 - 2013-04-28 21:28 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\InstallShield
2015-03-14 03:12 - 2013-02-20 00:44 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\TrafficSpaceLLC
2015-03-14 03:12 - 2013-02-16 02:00 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\funkitron
2015-03-14 03:12 - 2013-01-29 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-14 03:12 - 2013-01-29 16:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Apps\2.0
2015-03-14 03:12 - 2013-01-29 16:48 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Hewlett-Packard
2015-03-14 03:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-14 03:11 - 2014-11-09 20:38 - 00000000 ____D () C:\Users\uzivatel\Documents\Bus Driver
2015-03-14 03:11 - 2014-09-02 17:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Keeper 2 CZ ver.1.0
2015-03-14 03:11 - 2014-08-15 16:31 - 00000000 ____D () C:\Users\uzivatel\Documents\GF
2015-03-14 03:11 - 2013-09-29 12:55 - 00000000 ____D () C:\Users\uzivatel\Fairy Tale
2015-03-14 03:11 - 2013-09-27 16:25 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\WildTangentv1002
2015-03-14 03:11 - 2013-09-20 16:57 - 00000000 ____D () C:\Users\uzivatel\Documents\Chaos A.D
2015-03-14 03:11 - 2013-09-20 16:54 - 00000000 ____D () C:\Users\uzivatel\Documents\Roots
2015-03-14 03:11 - 2013-09-20 16:54 - 00000000 ____D () C:\Users\uzivatel\Documents\Aganist
2015-03-14 03:11 - 2013-09-20 16:33 - 00000000 ____D () C:\Users\uzivatel\Documents\skins-song
2015-03-14 03:11 - 2013-06-24 16:48 - 00000000 ____D () C:\Users\uzivatel\Documents\Inquisitor_SaveGames
2015-03-14 03:11 - 2013-05-16 19:17 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Ulozto File Manager
2015-03-14 03:11 - 2013-04-09 06:23 - 00000000 ____D () C:\Users\uzivatel\FreeRapid-0.9u1
2015-03-14 03:11 - 2013-02-21 17:34 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-14 03:11 - 2013-02-16 00:58 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-14 03:11 - 2013-02-15 16:10 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\WildTangent
2015-03-14 03:11 - 2013-01-29 15:39 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-14 03:11 - 2013-01-29 15:39 - 00000000 ___RD () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-14 03:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-13 18:16 - 2013-11-22 18:04 - 00345248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:03 - 2013-09-21 16:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 15:48 - 2013-01-30 10:53 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 15:17 - 2013-01-29 16:57 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-02-17 15:09 - 2013-01-29 16:53 - 0178728 _____ () C:\Program Files (x86)\4zres.dll
2013-02-17 15:09 - 2013-01-29 16:53 - 0707728 _____ (MindSpark) C:\Program Files (x86)\4zUninstall VideoDownloadConverter.dll
2013-02-20 20:52 - 2013-04-10 21:12 - 0024247 _____ () C:\Users\uzivatel\AppData\Roaming\UserTile.png
2013-07-16 18:55 - 2013-07-16 18:55 - 0007607 _____ () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2013-06-09 23:08 - 2014-12-20 23:02 - 0000425 _____ () C:\Users\uzivatel\AppData\Local\UserProducts.xml
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-05-30 06:42 - 2010-05-30 06:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-05-30 06:38 - 2010-05-30 06:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-05-30 06:38 - 2010-05-30 06:38 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-05-30 06:39 - 2010-05-30 06:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\uzivatel\AppData\Local\Temp\Quarantine.exe
C:\Users\uzivatel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 21:49

==================== End Of Log ============================

Re: kontrola logu pls

Napsal: 29 bře 2015 17:39
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-10] (Macrovision Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [servant] => C:\Users\uzivatel\AppData\Roaming\servant.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d758ff9-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759008-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759043-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759059-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d2520a-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d25376-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d253c6-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {19850438-7090-11e3-b6b2-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {23a42247-f694-11e2-b25f-c80aa9b2c6d4} - H:\starter.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {499dffd0-7c2d-11e2-a993-70f3952c1078} - G:\autorun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {4df3c412-62ad-11e3-8b22-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {82da5bc3-7769-11e2-924e-70f3952c1078} - G:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {c4843db6-62a7-11e3-bdec-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {d43cbb60-d610-11e4-90b5-70f3952c1078} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {e281691b-670a-11e3-9a7c-c80aa9b2c6d4} - I:\AutoRun.exe

HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yandex.ru/?win=75&clid=1976631
SearchScopes: HKLM-x32 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\yandex.ru-230832.xml [2013-06-09]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]

C:\Program Files (x86)\Skype\Toolbars
C:\Users\uzivatel\AppData\Roaming\servant.exe
2015-03-29 18:23 - 2015-03-29 18:23 - 00020994 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-03-29 18:01 - 2015-03-29 18:01 - 00002219 _____ () C:\Users\uzivatel\Desktop\malwares.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00012678 _____ () C:\Users\uzivatel\Desktop\zoek-results.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00000000 ____D () C:\Users\uzivatel\Documents\Nová složka
2015-03-29 17:36 - 2015-03-29 17:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 17:19 - 2015-03-29 17:38 - 00012678 _____ () C:\zoek-results.log
2015-03-29 17:18 - 2015-03-29 17:18 - 00018035 _____ () C:\Users\uzivatel\Desktop\AdwCleaner[S0].txt
2015-03-29 17:16 - 2015-03-29 17:37 - 00000000 ____D () C:\zoek_backup
2015-03-29 17:08 - 2015-03-29 17:08 - 01305600 _____ () C:\Users\uzivatel\Desktop\zoek(1).exe
2015-03-29 17:07 - 2015-03-29 17:07 - 01305600 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2015-03-29 17:06 - 2015-03-29 18:12 - 00000000 ____D () C:\AdwCleaner
2015-03-29 17:04 - 2015-03-29 17:04 - 02168320 _____ () C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe
2015-03-29 16:58 - 2015-03-29 18:10 - 00006380 _____ () C:\Windows\PFRO.log
2015-03-29 16:58 - 2015-03-29 18:10 - 00001205 _____ () C:\Windows\setupact.log
2015-03-29 16:58 - 2015-03-29 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-29 16:31 - 2015-03-29 16:32 - 00045733 _____ () C:\Users\uzivatel\Downloads\Addition.txt
2015-03-29 16:30 - 2015-03-29 16:32 - 00063095 _____ () C:\Users\uzivatel\Downloads\FRST.txt
2015-03-29 16:01 - 2015-03-29 16:02 - 01761992 _____ (ESET) C:\Users\uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-03-29 15:56 - 2015-03-29 16:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-29 15:56 - 2015-03-29 16:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-29 15:56 - 2015-03-29 15:56 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-29 15:45 - 2015-03-29 15:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\uzivatel\Downloads\spybot-2.4.exe
2015-03-29 15:28 - 2015-03-29 15:35 - 00012893 _____ () C:\Users\uzivatel\Downloads\hijackthis.log
2015-03-29 15:28 - 2015-03-29 15:28 - 00401720 _____ (Trend Micro Inc.) C:\Users\uzivatel\Downloads\HijackThis.exe
2015-03-29 15:24 - 2015-03-29 15:24 - 00276900 _____ () C:\Users\uzivatel\Documents\cc_20150329_152423.reg
2015-03-29 14:55 - 2015-03-29 14:55 - 05344528 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504.exe
2015-03-28 17:14 - 2015-03-28 17:14 - 02007336 _____ (Crawler, LLC ) C:\Users\uzivatel\Downloads\24x7help.exe
2015-03-28 17:05 - 2015-03-28 17:06 - 08402592 _____ (Crawler Group ) C:\Users\uzivatel\Downloads\SpywareTerminatorSetup.exe
2015-03-27 21:31 - 2015-03-27 21:33 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro (1).exe
2015-03-27 21:31 - 2015-03-27 21:32 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro.exe
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-05-30 06:42 - 2010-05-30 06:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-05-30 06:38 - 2010-05-30 06:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-05-30 06:38 - 2010-05-30 06:38 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-05-30 06:39 - 2010-05-30 06:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

2015-03-29 16:18 - 2013-01-29 16:58 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 15:44 - 2013-02-15 19:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 15:18 - 2013-01-29 16:58 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 03:38 - 2015-03-29 18:15 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: kontrola logu pls

Napsal: 01 dub 2015 13:57
od LTREVOR
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by uzivatel at 2015-04-01 14:47:57 Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-10] (Macrovision Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [servant] => C:\Users\uzivatel\AppData\Roaming\servant.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d758ff9-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759008-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759043-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {0d759059-6279-11e3-a18f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d2520a-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d25376-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {13d253c6-6321-11e3-8000-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {19850438-7090-11e3-b6b2-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {23a42247-f694-11e2-b25f-c80aa9b2c6d4} - H:\starter.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {499dffd0-7c2d-11e2-a993-70f3952c1078} - G:\autorun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {4df3c412-62ad-11e3-8b22-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {82da5bc3-7769-11e2-924e-70f3952c1078} - G:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {c4843db6-62a7-11e3-bdec-c80aa9b2c6d4} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {d43cbb60-d610-11e4-90b5-70f3952c1078} - I:\AutoRun.exe
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\...\MountPoints2: {e281691b-670a-11e3-9a7c-c80aa9b2c6d4} - I:\AutoRun.exe

HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yandex.ru/?win=75&clid=1976631
SearchScopes: HKLM-x32 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-955059855-2321136576-2697043394-1000 -> {41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\yandex.ru-230832.xml [2013-06-09]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]

C:\Program Files (x86)\Skype\Toolbars
C:\Users\uzivatel\AppData\Roaming\servant.exe
2015-03-29 18:23 - 2015-03-29 18:23 - 00020994 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-03-29 18:01 - 2015-03-29 18:01 - 00002219 _____ () C:\Users\uzivatel\Desktop\malwares.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00012678 _____ () C:\Users\uzivatel\Desktop\zoek-results.txt
2015-03-29 17:39 - 2015-03-29 17:39 - 00000000 ____D () C:\Users\uzivatel\Documents\Nová složka
2015-03-29 17:36 - 2015-03-29 17:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-29 17:19 - 2015-03-29 17:38 - 00012678 _____ () C:\zoek-results.log
2015-03-29 17:18 - 2015-03-29 17:18 - 00018035 _____ () C:\Users\uzivatel\Desktop\AdwCleaner[S0].txt
2015-03-29 17:16 - 2015-03-29 17:37 - 00000000 ____D () C:\zoek_backup
2015-03-29 17:08 - 2015-03-29 17:08 - 01305600 _____ () C:\Users\uzivatel\Desktop\zoek(1).exe
2015-03-29 17:07 - 2015-03-29 17:07 - 01305600 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2015-03-29 17:06 - 2015-03-29 18:12 - 00000000 ____D () C:\AdwCleaner
2015-03-29 17:04 - 2015-03-29 17:04 - 02168320 _____ () C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe
2015-03-29 16:58 - 2015-03-29 18:10 - 00006380 _____ () C:\Windows\PFRO.log
2015-03-29 16:58 - 2015-03-29 18:10 - 00001205 _____ () C:\Windows\setupact.log
2015-03-29 16:58 - 2015-03-29 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-29 16:31 - 2015-03-29 16:32 - 00045733 _____ () C:\Users\uzivatel\Downloads\Addition.txt
2015-03-29 16:30 - 2015-03-29 16:32 - 00063095 _____ () C:\Users\uzivatel\Downloads\FRST.txt
2015-03-29 16:01 - 2015-03-29 16:02 - 01761992 _____ (ESET) C:\Users\uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-03-29 15:56 - 2015-03-29 16:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-29 15:56 - 2015-03-29 16:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-29 15:56 - 2015-03-29 15:56 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-29 15:45 - 2015-03-29 15:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\uzivatel\Downloads\spybot-2.4.exe
2015-03-29 15:28 - 2015-03-29 15:35 - 00012893 _____ () C:\Users\uzivatel\Downloads\hijackthis.log
2015-03-29 15:28 - 2015-03-29 15:28 - 00401720 _____ (Trend Micro Inc.) C:\Users\uzivatel\Downloads\HijackThis.exe
2015-03-29 15:24 - 2015-03-29 15:24 - 00276900 _____ () C:\Users\uzivatel\Documents\cc_20150329_152423.reg
2015-03-29 14:55 - 2015-03-29 14:55 - 05344528 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504.exe
2015-03-28 17:14 - 2015-03-28 17:14 - 02007336 _____ (Crawler, LLC ) C:\Users\uzivatel\Downloads\24x7help.exe
2015-03-28 17:05 - 2015-03-28 17:06 - 08402592 _____ (Crawler Group ) C:\Users\uzivatel\Downloads\SpywareTerminatorSetup.exe
2015-03-27 21:31 - 2015-03-27 21:33 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro (1).exe
2015-03-27 21:31 - 2015-03-27 21:32 - 05346704 _____ (Piriform Ltd) C:\Users\uzivatel\Downloads\ccsetup504pro.exe
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-05-30 06:42 - 2010-05-30 06:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-05-30 06:38 - 2010-05-30 06:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-05-18 02:03 - 2010-05-18 02:03 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-05-30 06:38 - 2010-05-30 06:38 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-05-30 06:39 - 2010-05-30 06:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-05-18 02:04 - 2010-05-18 02:04 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

2015-03-29 16:18 - 2013-01-29 16:58 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-29 15:44 - 2013-02-15 19:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-29 15:18 - 2013-01-29 16:58 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 03:38 - 2015-03-29 18:15 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Run\\servant => value deleted successfully.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => value deleted successfully.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => Key deleted successfully.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d758ff9-6279-11e3-a18f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{0d758ff9-6279-11e3-a18f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d759008-6279-11e3-a18f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{0d759008-6279-11e3-a18f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d759043-6279-11e3-a18f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{0d759043-6279-11e3-a18f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d759059-6279-11e3-a18f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{0d759059-6279-11e3-a18f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13d2520a-6321-11e3-8000-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{13d2520a-6321-11e3-8000-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13d25376-6321-11e3-8000-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{13d25376-6321-11e3-8000-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13d253c6-6321-11e3-8000-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{13d253c6-6321-11e3-8000-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19850438-7090-11e3-b6b2-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{19850438-7090-11e3-b6b2-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23a42247-f694-11e2-b25f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{23a42247-f694-11e2-b25f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{499dffd0-7c2d-11e2-a993-70f3952c1078}" => Key deleted successfully.
HKCR\CLSID\{499dffd0-7c2d-11e2-a993-70f3952c1078} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4df3c412-62ad-11e3-8b22-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{4df3c412-62ad-11e3-8b22-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82da5bc3-7769-11e2-924e-70f3952c1078}" => Key deleted successfully.
HKCR\CLSID\{82da5bc3-7769-11e2-924e-70f3952c1078} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{ab28db37-c8b5-11e3-8b6f-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4843db6-62a7-11e3-bdec-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{c4843db6-62a7-11e3-bdec-c80aa9b2c6d4} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d43cbb60-d610-11e4-90b5-70f3952c1078}" => Key deleted successfully.
HKCR\CLSID\{d43cbb60-d610-11e4-90b5-70f3952c1078} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e281691b-670a-11e3-9a7c-c80aa9b2c6d4}" => Key deleted successfully.
HKCR\CLSID\{e281691b-670a-11e3-9a7c-c80aa9b2c6d4} => Key not found.
HKU\S-1-5-21-955059855-2321136576-2697043394-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{41A4A164-7C88-4512-AEA5-3C4DF43C8A8E}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKU\S-1-5-21-955059855-2321136576-2697043394-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{41A4A164-7C88-4512-AEA5-3C4DF43C8A8E}" => Key deleted successfully.
HKCR\CLSID\{41A4A164-7C88-4512-AEA5-3C4DF43C8A8E} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0" => Key deleted successfully.
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll => Moved successfully.
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\6bdt0eon.default\searchplugins\yandex.ru-230832.xml => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
CpqDfw => Service deleted successfully.
hwusbdev => Service deleted successfully.
SliceDisk5 => Service deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"C:\Users\uzivatel\AppData\Roaming\servant.exe" => File/Directory not found.
C:\Users\uzivatel\Desktop\FRST.txt => Moved successfully.
C:\Users\uzivatel\Desktop\malwares.txt => Moved successfully.
C:\Users\uzivatel\Desktop\zoek-results.txt => Moved successfully.
C:\Users\uzivatel\Documents\Nová složka => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\uzivatel\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\zoek_backup => Moved successfully.
"C:\Users\uzivatel\Desktop\zoek(1).exe" => File/Directory not found.
"C:\Users\uzivatel\Downloads\zoek.exe" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
C:\Users\uzivatel\Desktop\adwcleaner_4.113.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\uzivatel\Downloads\Addition.txt => Moved successfully.
C:\Users\uzivatel\Downloads\FRST.txt => Moved successfully.
C:\Users\uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Users\uzivatel\Downloads\spybot-2.4.exe => Moved successfully.
C:\Users\uzivatel\Downloads\hijackthis.log => Moved successfully.
C:\Users\uzivatel\Downloads\HijackThis.exe => Moved successfully.
C:\Users\uzivatel\Documents\cc_20150329_152423.reg => Moved successfully.
C:\Users\uzivatel\Downloads\ccsetup504.exe => Moved successfully.
C:\Users\uzivatel\Downloads\24x7help.exe => Moved successfully.
C:\Users\uzivatel\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
C:\Users\uzivatel\Downloads\ccsetup504pro (1).exe => Moved successfully.
C:\Users\uzivatel\Downloads\ccsetup504pro.exe => Moved successfully.
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log => Moved successfully.
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log => Moved successfully.
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log => Moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => Moved successfully.
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log => Moved successfully.
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log => Moved successfully.
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => Moved successfully.
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log => Moved successfully.
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\HPCeeScheduleForuzivatel.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 655.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:48:32 ====

Re: kontrola logu pls

Napsal: 01 dub 2015 15:03
od vyosek
Jak se chova PC???

Re: kontrola logu pls

Napsal: 01 dub 2015 15:12
od LTREVOR
Absolutně v pořádku ...děkuji vřele za váš čas a ochotu pomoci.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz