VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2015
Ran by Domco (administrator) on DOMCO-PC on 20-04-2015 21:16:14
Running from C:\Users\Domco\Desktop
Loaded Profiles: Domco (Available profiles: Domco)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d\updater.exe
() C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d\plugincontainer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Domco\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\MountPoints2: {5b73e63e-c68d-11e4-90b2-94de801c4e7b} - F:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-03-07] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2332173804-421033819-168198546-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Express Find -> {d39539bb-f65e-4088-a9d1-6e5f01a42a3e} -> C:\Program Files\Express Find\Extensions\d39539bb-f65e-4088-a9d1-6e5f01a42a3e.dll [2015-04-03] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2332173804-421033819-168198546-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Domco\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-05]
CHR Extension: (Google Search) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-05]
CHR Extension: (AdBlock) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-18]
CHR Extension: (Bookmark Manager) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Google Wallet) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Gmail) - C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-05]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2015-01-08] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [274536 2015-01-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Service Mgr ExpressFind; C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d\plugincontainer.exe [639216 2015-04-05] ()
R2 Update Mgr ExpressFind; C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d\updater.exe [559856 2015-04-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19608 2012-10-25] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2014-02-07] (Screaming Bee LLC)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 21:16 - 2015-04-20 21:16 - 00009046 _____ () C:\Users\Domco\Desktop\FRST.txt
2015-04-20 21:15 - 2015-04-20 21:16 - 00000000 ____D () C:\FRST
2015-04-20 21:15 - 2015-04-20 21:15 - 00029696 _____ () C:\Users\Domco\AppData\Local\MSGBOX.EXE
2015-04-20 21:15 - 2015-04-20 21:15 - 00015327 _____ () C:\Users\Domco\Desktop\LM.bat
2015-04-20 21:14 - 2015-04-20 21:14 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Desktop\FRSTLauncher.exe
2015-04-20 21:13 - 2015-04-20 21:13 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Downloads\Nepotvrzeno 65095.crdownload
2015-04-20 21:12 - 2015-04-20 21:13 - 01139200 _____ (Farbar) C:\Users\Domco\Desktop\FRST.exe
2015-04-20 20:19 - 2015-04-20 20:19 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\Need for Speed World
2015-04-16 19:57 - 2015-04-16 19:57 - 00000000 ____D () C:\Users\Domco\AppData\Local\Electronic_Arts_Inc
2015-04-16 19:56 - 2015-04-16 19:56 - 00002163 _____ () C:\Users\Public\Desktop\Need For Speed World.lnk
2015-04-16 19:56 - 2015-04-16 19:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-04-16 19:56 - 2015-04-16 19:56 - 00000000 ____D () C:\Program Files\Electronic Arts
2015-04-16 19:54 - 2015-04-16 19:54 - 06400680 _____ (Electronic Arts ) C:\Users\Domco\Downloads\setup_nfsw.exe
2015-04-15 22:42 - 2015-04-15 22:50 - 00000000 ____D () C:\Users\Domco\Downloads\3DMGAME-Grand.Theft.Auto.V.Update.1.and.Crack.v1-3DM
2015-04-15 22:40 - 2015-04-15 23:13 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\uTorrent
2015-04-15 22:40 - 2015-04-15 22:40 - 00000851 _____ () C:\Users\Domco\Desktop\µTorrent.lnk
2015-04-15 22:37 - 2015-04-15 22:39 - 01740112 _____ (BitTorrent Inc.) C:\Users\Domco\Downloads\uTorrent.exe
2015-04-15 22:34 - 2015-04-15 22:34 - 00032048 _____ () C:\Users\Domco\Downloads\[kickass.to]grand.theft.auto.v.update.1.and.crack.v1.3dm.torrent
2015-04-15 16:41 - 2015-04-15 16:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 16:41 - 2015-04-15 16:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 16:09 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 16:09 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 16:09 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 16:09 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 16:09 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 16:09 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 16:09 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 16:09 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 16:09 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 16:09 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 16:09 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 16:09 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 16:09 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 16:09 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 16:09 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 16:09 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 16:09 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 16:09 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 16:09 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 16:09 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 16:09 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 16:09 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 16:09 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 16:09 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 16:09 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 16:09 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 16:09 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 16:09 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 16:09 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 16:09 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 16:09 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 16:08 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 16:08 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 16:08 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 16:08 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 16:08 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 16:08 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 16:08 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 16:08 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 16:08 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 16:08 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 16:08 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 16:08 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 16:08 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 16:08 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 16:08 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 16:08 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 16:07 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 16:07 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 16:07 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 16:07 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 16:07 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 16:07 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 16:07 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 16:07 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 16:07 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 16:06 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 16:06 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 16:06 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 23:24 - 2015-04-13 23:25 - 20017087 _____ () C:\Users\Domco\Downloads\Viber.apk
2015-04-10 13:27 - 2015-04-10 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-04-10 13:27 - 2015-04-10 13:27 - 00000000 ____D () C:\ProgramData\ESET
2015-04-10 13:27 - 2015-04-10 13:27 - 00000000 ____D () C:\Program Files\ESET
2015-04-06 21:01 - 2015-04-10 15:10 - 00000000 ____D () C:\Users\Domco\Documents\Euro Truck Simulator 2
2015-04-05 21:28 - 2015-04-05 21:28 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\ESET
2015-04-05 21:28 - 2015-04-05 21:28 - 00000000 ____D () C:\Users\Domco\AppData\Local\ESET
2015-04-05 21:24 - 2015-04-05 21:24 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 21:22 - 2015-04-05 21:22 - 01660616 _____ (ESET) C:\Users\Domco\Downloads\eset_smart_security_live_installer_.exe
2015-04-05 14:57 - 2015-04-05 14:57 - 00007625 _____ () C:\Users\Domco\AppData\Local\Resmon.ResmonCfg
2015-04-05 14:51 - 2015-04-05 14:51 - 00073268 _____ () C:\Users\Domco\Downloads\SaiyajiNconfig 14-12-2014.zip
2015-04-04 00:31 - 2015-04-04 00:35 - 00002143 _____ () C:\Users\Domco\Downloads\sa.m3u
2015-04-04 00:31 - 2015-04-04 00:31 - 00000205 _____ () C:\Users\Domco\Downloads\fwefwe.m3u
2015-04-04 00:30 - 2015-04-04 00:31 - 00001827 _____ () C:\Users\Domco\Downloads\playlist.m3u
2015-04-04 00:28 - 2015-04-04 00:28 - 04405689 _____ (AssistantTools.com ) C:\Users\Domco\Downloads\music_tag_editor_installer.exe
2015-04-04 00:25 - 2015-04-04 00:25 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\FlashIntegro
2015-04-04 00:22 - 2015-04-04 00:22 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\AudioConverter
2015-04-04 00:21 - 2015-04-05 18:05 - 00000000 ____D () C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d
2015-04-04 00:21 - 2015-04-05 17:04 - 00000000 ____D () C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d
2015-04-04 00:21 - 2015-04-04 00:21 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\OpenCandy
2015-04-04 00:21 - 2015-04-04 00:21 - 00000000 ____D () C:\Program Files\Express Find
2015-04-04 00:21 - 2015-04-04 00:21 - 00000000 ____D () C:\Program Files\Common Files\FlashIntegro
2015-04-04 00:21 - 2003-05-21 23:50 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-04-04 00:21 - 2003-05-21 23:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3a.dll
2015-04-04 00:21 - 2003-03-18 23:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2015-04-04 00:21 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2015-04-04 00:20 - 2015-04-04 00:21 - 15349712 _____ (Flash-Integro LLC ) C:\Users\Domco\Downloads\audio_converter.exe
2015-04-04 00:16 - 2015-04-04 00:16 - 00000170 _____ () C:\Users\Domco\Downloads\n
2015-04-04 00:14 - 2015-04-04 00:14 - 00206522 _____ () C:\Users\Domco\Downloads\M3UCreator_Installer.exe
2015-04-04 00:01 - 2015-04-04 00:01 - 00334311 _____ () C:\Users\Domco\Downloads\soundboard-1.0b5-win32.ts3_plugin
2015-04-03 23:57 - 2015-04-03 23:57 - 00001120 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-04-03 23:57 - 2015-04-03 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-04-03 23:57 - 2015-04-03 23:57 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-04-03 23:56 - 2015-04-03 23:57 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Domco\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2015-04-03 23:53 - 2015-04-03 23:53 - 00228983 _____ () C:\Users\Domco\Downloads\soundboard-0.9.8.4b-win32.ts3_plugin
2015-04-02 20:07 - 2015-04-02 20:07 - 03249480 _____ (Unity Technologies ApS) C:\Users\Domco\Downloads\UnityWebPlayer.exe
2015-04-02 20:07 - 2015-04-02 20:07 - 00000000 ____D () C:\Users\Domco\AppData\Local\Unity
2015-04-02 16:54 - 2015-04-02 16:54 - 00001022 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-04-02 16:54 - 2015-04-02 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-04-02 16:54 - 2015-04-02 16:54 - 00000000 ____D () C:\Program Files\CPUID
2015-04-02 16:53 - 2015-04-02 16:54 - 01582736 _____ ( ) C:\Users\Domco\Downloads\cpu-z_1.72-en.exe
2015-03-29 11:58 - 2015-03-25 13:29 - 00000000 ____D () C:\Users\Domco\Desktop\Kali & Peter Pann - N!kto (2015)
2015-03-29 11:48 - 2015-03-29 11:48 - 159340552 _____ () C:\Users\Domco\Downloads\Kali & Peter Pann - N!kto (2015).rar
2015-03-29 01:48 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-29 01:48 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-29 01:48 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-28 21:42 - 2015-03-28 21:50 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\TeamViewer
2015-03-28 21:41 - 2015-03-28 21:41 - 07972176 _____ (TeamViewer GmbH) C:\Users\Domco\Downloads\TeamViewer_Setup_cs.exe
2015-03-27 00:18 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-27 00:18 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-27 00:18 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-27 00:18 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-27 00:18 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-27 00:18 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-27 00:18 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-27 00:18 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-27 00:18 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-27 00:18 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-27 00:17 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-27 00:17 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-27 00:17 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-27 00:17 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-27 00:17 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-27 00:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-27 00:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-27 00:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-27 00:17 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-27 00:17 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-27 00:17 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-27 00:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-27 00:17 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-27 00:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-27 00:16 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-24 01:11 - 2015-03-24 01:11 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\Screaming Bee
2015-03-24 01:11 - 2015-03-24 01:11 - 00000000 ____D () C:\ProgramData\Screaming Bee
2015-03-24 01:10 - 2015-03-24 01:10 - 00002040 _____ () C:\Users\Public\Desktop\MorphVOX Pro.lnk
2015-03-24 01:10 - 2015-03-24 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2015-03-24 01:10 - 2015-03-24 01:10 - 00000000 ____D () C:\Program Files\Screaming Bee
2015-03-24 01:09 - 2015-03-24 01:09 - 01945832 _____ () C:\Users\Domco\Downloads\wrar521cz.exe
2015-03-24 01:09 - 2015-03-24 01:09 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\WinRAR
2015-03-24 01:09 - 2015-03-24 01:09 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-24 01:09 - 2015-03-24 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-24 01:09 - 2015-03-24 01:09 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-24 01:08 - 2015-03-24 01:09 - 05150984 _____ () C:\Users\Domco\Downloads\Tutorial---MorphVOX.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 21:04 - 2015-03-05 19:54 - 00000000 ____D () C:\Program Files\Steam
2015-04-20 20:53 - 2015-03-05 19:42 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-20 20:23 - 2015-03-05 21:04 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\TS3Client
2015-04-20 19:58 - 2015-03-05 19:43 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-20 19:58 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-20 19:58 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-20 19:53 - 2015-03-05 19:42 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-20 19:53 - 2015-03-05 19:36 - 01213702 _____ () C:\Windows\WindowsUpdate.log
2015-04-20 19:52 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-20 19:52 - 2009-07-14 06:39 - 00034189 _____ () C:\Windows\setupact.log
2015-04-17 22:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 19:56 - 2015-03-05 19:42 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-16 19:56 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-16 14:31 - 2015-03-05 19:49 - 00038020 _____ () C:\Windows\PFRO.log
2015-04-15 23:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 21:07 - 2015-03-05 19:54 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-04-15 16:17 - 2015-03-07 01:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 16:13 - 2015-03-07 01:44 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 15:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-06 21:21 - 2015-03-05 20:59 - 00000000 ____D () C:\Users\Domco\AppData\Roaming\Skype
2015-04-05 22:15 - 2015-03-05 22:46 - 00015504 _____ () C:\Windows\system32\results.xml
2015-04-05 22:14 - 2015-03-05 22:45 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-05 22:13 - 2015-03-05 22:44 - 00000874 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2015-03-29 01:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-03-27 00:31 - 2009-07-14 06:33 - 00409608 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-25 00:32 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-24 01:11 - 2015-03-05 22:35 - 00000000 ____D () C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2015-04-20 21:15 - 2015-04-20 21:15 - 0029696 _____ () C:\Users\Domco\AppData\Local\MSGBOX.EXE
2015-04-05 14:57 - 2015-04-05 14:57 - 0007625 _____ () C:\Users\Domco\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Domco\AppData\Local\Temp\InstHelper.exe
C:\Users\Domco\AppData\Local\Temp\_is8C57.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-15 14:52

==================== End Of Log ============================

Adtion.txt --> http://uloz.to/xXToBAny/addition-txt

Zdravim

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

# AdwCleaner v4.201 - Log vytvořen 21/04/2015 v 16:11:30
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-20.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Domco - DOMCO-PC
# Spuštěno z : C:\Users\Domco\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : Service Mgr ExpressFind
[#] Služba Smazáno : Update Mgr ExpressFind

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files\Express Find
Složka Smazáno : C:\Users\Domco\AppData\Roaming\OpenCandy

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D39539BB-F65E-4088-A9D1-6E5F01A42A3E}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D39539BB-F65E-4088-A9D1-6E5F01A42A3E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D39539BB-F65E-4088-A9D1-6E5F01A42A3E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D39539BB-F65E-4088-A9D1-6E5F01A42A3E}
Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications
Klíč Smazáno : HKLM\SOFTWARE\ExpressFind
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Express Find

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Google Chrome v42.0.2311.90

[C:\Users\Domco\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [1746 bytů] - [21/04/2015 16:10:45]
AdwCleaner[S0].txt - [1667 bytů] - [21/04/2015 16:11:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1725 bytů] ##########

ESET Smart Security mate radne zakoupeny?

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\MountPoints2: {5b73e63e-c68d-11e4-90b2-94de801c4e7b} - F:\Startme.exe
BHO: Express Find -> {d39539bb-f65e-4088-a9d1-6e5f01a42a3e} -> C:\Program Files\Express Find\Extensions\d39539bb-f65e-4088-a9d1-6e5f01a42a3e.dll [2015-04-03] ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d
C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

2015-04-20 21:15 - 2015-04-20 21:15 - 00029696 _____ () C:\Users\Domco\AppData\Local\MSGBOX.EXE
2015-04-20 21:15 - 2015-04-20 21:15 - 00015327 _____ () C:\Users\Domco\Desktop\LM.bat
2015-04-20 21:14 - 2015-04-20 21:14 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Desktop\FRSTLauncher.exe
2015-04-20 21:13 - 2015-04-20 21:13 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Downloads\Nepotvrzeno 65095.crdownload
Task: {5C23B780-A62A-4780-90D9-822875D01703} - System32\Tasks\{E5569AF1-025C-4DF2-824F-42E9C90D1344} => G:\jnjnjn\vegas120.exe
Task: {6DFEE44B-429B-4412-88D7-5296E348EDE3} - System32\Tasks\{C91676B0-DB6C-4098-9E8D-4FD51E2E6466} => G:\jnjnjn\vegas120.exe
Task: {A2A025BB-1E41-444F-BDF0-D16BD434B9D7} - System32\Tasks\{9C12D191-6552-4963-A14D-5C889553EC9D} => G:\jnjnjn\vegas120.exe
Task: {AAC6B84C-6F49-45DA-9687-76F543EC8272} - System32\Tasks\{D02A8D6D-A182-4C96-BC10-072EC5F40B30} => C:\Users\Domco\Desktop\jnjnjn\vegas120.exe
Task: {C1A0F34E-C18F-4A0F-98AE-A0E8DF58D226} - System32\Tasks\{FA609D90-D266-494B-ACA1-F6ECCF5881D8} => C:\Users\Domco\Desktop\jnjnjn\vegas120.exe
Task: {CCE5556F-2F53-4FA6-A65E-8D36C0BF9E47} - System32\Tasks\{4E039F2A-7C7A-46B0-8275-24E10EE97477} => G:\jnjnjn\vegas120.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Folder: C:\Program Files\Common Files\FlashIntegro
Hosts:
EmptyTemp:
End

Zatial mám 30 dňovú trial verziu

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-04-2015
Ran by Domco at 2015-04-21 21:44:37 Run:1
Running from C:\Users\Domco\Desktop
Loaded Profiles: Domco (Available profiles: Domco)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-2332173804-421033819-168198546-1000\...\MountPoints2: {5b73e63e-c68d-11e4-90b2-94de801c4e7b} - F:\Startme.exe
BHO: Express Find -> {d39539bb-f65e-4088-a9d1-6e5f01a42a3e} -> C:\Program Files\Express Find\Extensions\d39539bb-f65e-4088-a9d1-6e5f01a42a3e.dll [2015-04-03] ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.90\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d
C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

2015-04-20 21:15 - 2015-04-20 21:15 - 00029696 _____ () C:\Users\Domco\AppData\Local\MSGBOX.EXE
2015-04-20 21:15 - 2015-04-20 21:15 - 00015327 _____ () C:\Users\Domco\Desktop\LM.bat
2015-04-20 21:14 - 2015-04-20 21:14 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Desktop\FRSTLauncher.exe
2015-04-20 21:13 - 2015-04-20 21:13 - 00112640 _____ (forum.viry.cz) C:\Users\Domco\Downloads\Nepotvrzeno 65095.crdownload
Task: {5C23B780-A62A-4780-90D9-822875D01703} - System32\Tasks\{E5569AF1-025C-4DF2-824F-42E9C90D1344} => G:\jnjnjn\vegas120.exe
Task: {6DFEE44B-429B-4412-88D7-5296E348EDE3} - System32\Tasks\{C91676B0-DB6C-4098-9E8D-4FD51E2E6466} => G:\jnjnjn\vegas120.exe
Task: {A2A025BB-1E41-444F-BDF0-D16BD434B9D7} - System32\Tasks\{9C12D191-6552-4963-A14D-5C889553EC9D} => G:\jnjnjn\vegas120.exe
Task: {AAC6B84C-6F49-45DA-9687-76F543EC8272} - System32\Tasks\{D02A8D6D-A182-4C96-BC10-072EC5F40B30} => C:\Users\Domco\Desktop\jnjnjn\vegas120.exe
Task: {C1A0F34E-C18F-4A0F-98AE-A0E8DF58D226} - System32\Tasks\{FA609D90-D266-494B-ACA1-F6ECCF5881D8} => C:\Users\Domco\Desktop\jnjnjn\vegas120.exe
Task: {CCE5556F-2F53-4FA6-A65E-8D36C0BF9E47} - System32\Tasks\{4E039F2A-7C7A-46B0-8275-24E10EE97477} => G:\jnjnjn\vegas120.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Folder: C:\Program Files\Common Files\FlashIntegro
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2332173804-421033819-168198546-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish => value deleted successfully.
"HKU\S-1-5-21-2332173804-421033819-168198546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b73e63e-c68d-11e4-90b2-94de801c4e7b}" => Key deleted successfully.
HKCR\CLSID\{5b73e63e-c68d-11e4-90b2-94de801c4e7b} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d39539bb-f65e-4088-a9d1-6e5f01a42a3e} => Key not found.
HKCR\CLSID\{d39539bb-f65e-4088-a9d1-6e5f01a42a3e} => Key not found.
C:\Program Files\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files\Google\Chrome\Application\42.0.2311.90\pdf.dll not found.
C:\Program Files\Google\Chrome\Application\42.0.2311.90\gcswf32.dll not found.
C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
C:\ProgramData\77790361-426c-4fa2-8cf3-5994543d685d => Moved successfully.
C:\Program Files\Common Files\77790361-426c-4fa2-8cf3-5994543d685d => Moved successfully.
gdrv => Service deleted successfully.
C:\Users\Domco\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Domco\Desktop\LM.bat => Moved successfully.
C:\Users\Domco\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Domco\Downloads\Nepotvrzeno 65095.crdownload" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C23B780-A62A-4780-90D9-822875D01703}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C23B780-A62A-4780-90D9-822875D01703}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E5569AF1-025C-4DF2-824F-42E9C90D1344} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5569AF1-025C-4DF2-824F-42E9C90D1344}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DFEE44B-429B-4412-88D7-5296E348EDE3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DFEE44B-429B-4412-88D7-5296E348EDE3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C91676B0-DB6C-4098-9E8D-4FD51E2E6466} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C91676B0-DB6C-4098-9E8D-4FD51E2E6466}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2A025BB-1E41-444F-BDF0-D16BD434B9D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2A025BB-1E41-444F-BDF0-D16BD434B9D7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9C12D191-6552-4963-A14D-5C889553EC9D} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9C12D191-6552-4963-A14D-5C889553EC9D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAC6B84C-6F49-45DA-9687-76F543EC8272}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAC6B84C-6F49-45DA-9687-76F543EC8272}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D02A8D6D-A182-4C96-BC10-072EC5F40B30} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D02A8D6D-A182-4C96-BC10-072EC5F40B30}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1A0F34E-C18F-4A0F-98AE-A0E8DF58D226}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1A0F34E-C18F-4A0F-98AE-A0E8DF58D226}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FA609D90-D266-494B-ACA1-F6ECCF5881D8} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FA609D90-D266-494B-ACA1-F6ECCF5881D8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCE5556F-2F53-4FA6-A65E-8D36C0BF9E47}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE5556F-2F53-4FA6-A65E-8D36C0BF9E47}" => Key deleted successfully.
C:\Windows\System32\Tasks\{4E039F2A-7C7A-46B0-8275-24E10EE97477} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4E039F2A-7C7A-46B0-8275-24E10EE97477}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========================= Folder: C:\Program Files\Common Files\FlashIntegro ========================

2015-04-04 00:21 - 2015-04-04 00:28 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX
2015-04-04 00:21 - 2014-09-22 18:32 - 0557440 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslaudiocodecs2.dll
2015-04-04 00:21 - 2014-09-22 18:32 - 0086400 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslaudioplayer2.dll
2015-04-04 00:21 - 2014-09-22 18:32 - 0165240 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslavfile2.dll
2015-04-04 00:21 - 2014-09-22 18:32 - 13159280 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslcore2.dll
2015-04-04 00:21 - 2014-09-22 18:33 - 0573816 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslformats2.dll
2015-04-04 00:21 - 2014-09-22 18:34 - 0241016 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslmediafile2.dll
2015-04-04 00:21 - 2014-09-22 18:33 - 0132984 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslprofiles2.dll
2015-04-04 00:21 - 2014-09-22 18:34 - 0129400 _____ (Flash-Integro LLC) C:\Program Files\Common Files\FlashIntegro\ActiveX\mslwmfile2.dll
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin
2015-04-04 00:21 - 2002-12-06 14:02 - 0272896 _____ (Progressive Networks) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\pncrt.dll
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences
2015-04-04 00:21 - 2003-11-21 22:54 - 0002786 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\100% Quality Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002773 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\128k Dual ISDN.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002769 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\12k Substream for 28k Dial-up.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002774 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\150k LAN.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002769 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\16k Substream for 28k Dial-up.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\1M Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\1M Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\1M Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002774 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\256k DSL or Cable.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002769 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\26k Substream for 56k Dial-up.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002769 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\28k Dial-up.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\2M Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\2M Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\2M Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\350k Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\350k Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\350k Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002775 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\384k DSL or Cable.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\450k Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\450k Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002782 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\450k Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002775 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\512k DSL or Cable.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002770 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\56k Dial-up.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002786 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\5M Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002786 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\5M Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002786 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\5M Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002771 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\64k Single ISDN.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002783 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\70% Quality Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002783 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\750k Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002783 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\750k Multichannel (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002783 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\750k Surround Stereo (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002776 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\768k DSL or Cable.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\80% Quality Download (VBR).rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002784 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\90% Quality Download (VBR).rpad
2015-04-04 00:21 - 2004-03-09 19:40 - 0002800 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\General Mobile Local Playback.rpad
2015-04-04 00:21 - 2004-03-09 19:40 - 0002798 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\General Mobile Streaming.rpad
2015-04-04 00:21 - 2003-11-21 22:54 - 0002777 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\Lossless Audio.rpad
2015-04-04 00:21 - 2004-03-09 19:38 - 0002803 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\audiences\PocketPC Local Playback.rpad
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs
2015-04-04 00:21 - 2003-05-22 01:50 - 0073793 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\atrc.dll
2015-04-04 00:21 - 2004-04-06 00:04 - 0548919 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\colorcvt.dll
2015-04-04 00:21 - 2004-04-06 00:05 - 0065602 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\cook.dll
2015-04-04 00:21 - 2004-07-02 17:33 - 0102464 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\drv1.dll
2015-04-04 00:21 - 2004-07-02 17:33 - 0176195 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\drv2.dll
2015-04-04 00:21 - 2004-07-02 17:33 - 0327749 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\drvc.dll
2015-04-04 00:21 - 2004-04-06 00:07 - 0266306 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\erv3.dll
2015-04-04 00:21 - 2004-04-06 00:08 - 0479298 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\erv4.dll
2015-04-04 00:21 - 2004-04-06 00:05 - 0548940 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\raac.dll
2015-04-04 00:21 - 2004-04-06 00:05 - 0155702 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\ralf.dll
2015-04-04 00:21 - 2004-04-06 00:05 - 0102465 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\codecs\sipr.dll
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins
2015-04-04 00:21 - 2002-12-06 14:02 - 0049152 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\auth3260.dll
2015-04-04 00:21 - 2002-12-06 14:02 - 0040960 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\basc3260.dll
2015-04-04 00:21 - 2004-04-06 00:06 - 0262204 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\rmwrtr.dll
2015-04-04 00:21 - 2002-12-06 14:02 - 0045056 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\rn5a3260.dll
2015-04-04 00:21 - 2002-12-06 14:02 - 0061440 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\sdpp3260.dll
2015-04-04 00:21 - 2004-04-06 00:08 - 0061493 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\plugins\smplfsys.dll
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools
2015-04-04 00:21 - 2004-04-06 00:01 - 0053341 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\audiofmtconverter.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0049235 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\audiolimiter.dll
2015-04-04 00:21 - 2004-04-06 00:04 - 0065634 _____ ( ) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\audiolosslesscodec.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0053327 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\audiometer.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0327767 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\audioresampler.dll
2015-04-04 00:21 - 2004-02-05 15:02 - 0000489 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\CodecMapping.txt
2015-04-04 00:21 - 2004-04-05 23:59 - 0856132 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\encsession.dll
2015-04-04 00:21 - 2002-12-06 14:02 - 0036864 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\enlv3260.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0053325 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\eventpack.dll
2015-04-04 00:21 - 2004-04-05 23:59 - 0053321 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\mediasink.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0057443 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\mpeg4audiopacketizer.dll
2015-04-04 00:21 - 2004-02-24 10:19 - 0548864 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rmme3260.dll
2015-04-04 00:21 - 2004-04-06 00:02 - 0086110 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rmsessionformat.dll
2015-04-04 00:21 - 2004-02-24 10:19 - 0356352 _____ (RealNetworks, Inc.) C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rmto3260.dll
2015-04-04 00:21 - 2004-04-06 00:00 - 0241736 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rmwriter.dll
2015-04-04 00:21 - 2004-04-06 00:03 - 0069718 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rnaudiocodec.dll
2015-04-04 00:21 - 2004-04-06 00:03 - 0077920 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rnaudiopacketizer.dll
2015-04-04 00:21 - 2004-04-06 00:04 - 0106582 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\rnvideocodec.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0049249 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\videocolorconverter.dll
2015-04-04 00:21 - 2004-04-06 00:01 - 0045139 _____ () C:\Program Files\Common Files\FlashIntegro\ActiveX\RMBin\tools\videolumaadj.dll
2015-04-04 00:21 - 2015-04-04 00:21 - 0000000 ____D () C:\Program Files\Common Files\FlashIntegro\Skins
2015-04-04 00:21 - 2011-09-07 13:21 - 0745976 _____ (Codejock Software) C:\Program Files\Common Files\FlashIntegro\Skins\Vista.cjstyles

====== End of Folder: ======

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 21:45:00 ====

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

# DelFix v10.9 - Logfile created 21/04/2015 at 21:58:07
# Updated 27/02/2015 by Xplode
# Username : Domco - DOMCO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Domco\Desktop\Addition.txt
Deleted : C:\Users\Domco\Desktop\adwcleaner_4.201.exe
Deleted : C:\Users\Domco\Desktop\Fixlog.txt
Deleted : C:\Users\Domco\Desktop\FRST.exe
Deleted : C:\Users\Domco\Desktop\FRST.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

########## - EOF - ##########

Viry byly uspesne odstraneny, takze by ted melo byt cisto

Tento soubor (C:\DelFix.txt) muzete rucne smazat.

virus sa volal update ?

pretože ked som ho vypol zapol sa znova

ale sranda ž e ho eset nehlásil

inak Ďakujem za pomoc

Domco píše:virus sa volal update ?

Ne. Nevim presne rodinu viru, ale o update niceho se urcite nejednalo.

Domco píše: ked som ho vypol zapol sa znova

Z teto vety som volaky zmeteny... Specifikujte prosim blize, co se znovu zaplo (pripadne v jakem umisteni).

No že mal som v spustenych procesoch predtým čo som sem písal update.exe ked som ho vypol zachvilu tam bol znova a presne to mi vymazal Váš program

tak som sa pýtal či to bol ten vír

ale nechápem ako to že ho nenašiel eset

Ano, updater.exe byl onen virus

Je fakt, ze jsme soubor mohli ESETu poslat k analyze, aby jej proverili a nasledne pridaly jeho detekci...

ani neviem ako sa tam nabral každopadne dakujem už to ide ako ma

To jsem rad

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu