FB virus, please check

Posted: 12 Jun 2015 19:30
by 5manager5
A friend caught some FB virus, malware, the same case as here:
http://forum.viry.cz/viewtopic.php?f=5& ... s#p1393818

Thank you

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2015-06-12 19:33:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 79 GB (50%) free of 158 GB
Total RAM: 2813 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:07, on 12. 6. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Pro Advanced\DTShellHlp.exe
C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\Downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 17W3702J5X
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 17W3702J5X
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 17W3702J5X
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 17W3702J5X
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=082214 serial=DR12WRX-0514333-ZVU lang=CZ
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [icq] C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [se] C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe

--
End of file - 8817 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default

"fmconverter@gmail.com"=C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-17 495708]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2014-09-05 2575896]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-12-16 5188112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"icq"=C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe [2014-08-30 35224072]
"se"=C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized []
"LiveSupport"=C:\Program Files\LiveSupport\LiveSupport.exe /noshow /log []
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro Advanced\DTAgent.exe [2013-05-13 3111456]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2015-04-10 455392]

C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-12 19:33:56 ----D---- C:\rsit
2015-06-12 19:33:56 ----D---- C:\Program Files\trend micro
2015-06-11 19:34:58 ----D---- C:\Windows\system32\MpEngineStore
2015-06-10 20:35:45 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 20:35:40 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 20:24:38 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 20:24:36 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 20:24:36 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 20:24:36 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 20:24:36 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 20:24:36 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 20:24:35 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 20:24:35 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 20:24:35 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 20:17:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-06-10 20:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 20:17:36 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 20:17:36 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 20:17:36 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\smss.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\relog.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\logman.exe
2015-06-10 20:17:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 20:17:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 20:17:35 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 20:17:35 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 20:17:34 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 20:17:34 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 20:17:34 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 20:17:14 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 20:17:14 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 20:17:14 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 20:17:13 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 20:12:11 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 20:12:11 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 20:12:11 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 20:12:11 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 20:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-07 10:14:07 ----D---- C:\ProgramData\Sony
2015-06-07 10:14:07 ----D---- C:\Program Files\Sony
2015-05-13 19:46:42 ----D---- C:\ProgramData\AVG Web TuneUp
2015-05-13 16:22:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:32:51 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 14:32:37 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 14:32:37 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 14:32:33 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 14:32:29 ----A---- C:\Windows\system32\services.exe
2015-05-13 14:32:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:32:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:32:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:32:27 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 14:32:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:32:27 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 14:32:27 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 14:32:27 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 14:32:26 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 14:32:26 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 14:32:26 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 14:32:26 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 14:32:26 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 14:32:25 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 14:32:24 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 14:32:24 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 14:32:23 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 14:32:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:32:22 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 14:32:21 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 14:32:21 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 14:32:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:32:19 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 14:32:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:32:18 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 14:32:17 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 14:32:15 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 14:32:14 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 14:32:14 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 14:31:45 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 14:31:45 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 14:31:45 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 14:31:45 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 14:31:43 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 14:31:43 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 14:31:41 ----A---- C:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2015-06-12 19:33:56 ----RD---- C:\Program Files
2015-06-12 19:30:46 ----D---- C:\Windows\Temp
2015-06-12 19:21:42 ----D---- C:\Windows\System32
2015-06-12 19:21:42 ----D---- C:\Windows\inf
2015-06-12 19:21:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-12 19:21:13 ----D---- C:\Program Files\Opera
2015-06-12 19:20:52 ----D---- C:\ProgramData\MFAData
2015-06-11 20:09:32 ----D---- C:\Windows\system32\config
2015-06-11 19:33:57 ----D---- C:\Windows\system32\MRT
2015-06-11 19:33:43 ----A---- C:\Windows\system32\MRT.exe
2015-06-11 19:33:23 ----SHD---- C:\System Volume Information
2015-06-11 19:14:37 ----D---- C:\Windows\winsxs
2015-06-11 19:12:29 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 19:12:29 ----D---- C:\Windows\system32\appraiser
2015-06-11 19:12:28 ----D---- C:\Windows\system32\drivers
2015-06-11 19:12:28 ----D---- C:\Windows\AppPatch
2015-06-11 19:12:27 ----D---- C:\Windows\system32\en-US
2015-06-11 19:12:25 ----D---- C:\Program Files\Windows Media Player
2015-06-10 21:55:37 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2015-06-10 20:05:44 ----D---- C:\Windows\system32\catroot2
2015-06-10 17:21:38 ----D---- C:\Windows\system32\Tasks
2015-06-10 15:12:09 ----D---- C:\Windows\ModemLogs
2015-06-08 14:40:05 ----D---- C:\Windows\Prefetch
2015-06-07 10:15:54 ----D---- C:\Windows\system32\DriverStore
2015-06-07 10:14:57 ----D---- C:\Windows
2015-06-07 10:14:07 ----HD---- C:\ProgramData
2015-06-07 10:14:07 ----HD---- C:\Program Files\InstallShield Installation Information
2015-05-28 15:02:34 ----SHD---- C:\Windows\Installer
2015-05-28 15:02:34 ----SHD---- C:\Config.Msi
2015-05-28 15:02:27 ----RD---- C:\Program Files\Skype
2015-05-20 03:00:38 ----SD---- C:\Windows\system32\GWX
2015-05-15 15:06:33 ----D---- C:\Windows\Tasks
2015-05-14 04:00:45 ----D---- C:\Program Files\Windows Journal
2015-05-13 23:11:58 ----D---- C:\Windows\rescache
2015-05-13 20:02:27 ----D---- C:\Windows\Microsoft.NET
2015-05-13 20:02:02 ----RSD---- C:\Windows\assembly
2015-05-13 19:43:57 ----D---- C:\Program Files\Common Files\AVG Secure Search
2015-05-13 19:43:11 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 19:43:06 ----D---- C:\Program Files\Internet Explorer
2015-05-13 19:42:56 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-10-29 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-10-13 466008]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-07-21 200984]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-10-24 189720]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-20 197400]
R1 MpKsld2833ff1;MpKsld2833ff1; \??\C:\Windows\system32\MpEngineStore\MpKsld2833ff1.sys [2015-06-11 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-07-01 4266560]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-17 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 apej3evm;apej3evm; C:\Windows\system32\drivers\apej3evm.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-12-16 3247120]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-12-16 289328]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-08-13 108032]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [2010-03-17 229458]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-15 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-05 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-09 148592]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-08-01 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: fb virus, please check

Posted: 12 Jun 2015 19:32
by vyosek
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The cleanup will run, the PC will restart and then a log will appear; alternatively it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

Re: fb virus, please check

Posted: 12 Jun 2015 19:50
by 5manager5
# AdwCleaner v4.206 - Log vytvorený 12/06/2015 at 20:42:28
# Aktualizované 01/06/2015 by Xplode
# Databáza : 2015-06-09.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x86)
# Uživateľské meno : uzivatel - UZIVATEL-PC
# Spustené z : C:\Users\uzivatel\Desktop\adwcleaner_4.206.exe
# Nastavenia : Čistenie

***** [ Služby ] *****


***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\AVG Security Toolbar
Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Priečinok Zmazané : C:\Program Files\Common Files\AVG Secure Search
Priečinok Zmazané : C:\Users\uzivatel\AppData\Local\MediaDrug
Priečinok Zmazané : C:\Users\uzivatel\AppData\Roaming\SkypEmoticons
Priečinok Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Priečinok Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Roaming\LiveSupport.exe_log.txt
Súbor Zmazané : C:\Users\uzivatel\AppData\Roaming\regsvr32.exe_log.txt
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_wlogin.icq.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_wlogin.icq.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.icq.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.icq.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
Súbor Zmazané : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****

Zástupca Dezinfikované : C:\Users\Public\Desktop\Google Chrome.lnk
Zástupca Dezinfikované : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupca Dezinfikované : C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Zástupca Dezinfikované : C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupca Dezinfikované : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupca Dezinfikované : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupca Dezinfikované : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registre ] *****

Hodnota Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fmconverter@gmail.com]
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Hodnota Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Hodnota Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKCU\Software\Optimizer Pro
Kľúč registra Zmazané : HKCU\Software\Avg Secure Update
Kľúč registra Zmazané : HKLM\SOFTWARE\webssearchesSoftware
Kľúč registra Zmazané : HKLM\SOFTWARE\Avg Secure Update
Kľúč registra Zmazané : HKU\.DEFAULT\Software\Avg Secure Update
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Dáta Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17801

Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 sk)


-\\ Google Chrome v43.0.2357.124

[C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1410195314&from=wpc&uid=ST500LM000-1EJ162_W3702J5XXXXXW3702J5X&q={searchTerms}

-\\ Opera v30.0.1835.59


*************************

AdwCleaner[R0].txt - [8283 bajtov] - [12/06/2015 20:40:52]
AdwCleaner[S0].txt - [7333 bajtov] - [12/06/2015 20:42:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7393 bajtov] ##########

Re: fb virus, please check

Posted: 12 Jun 2015 19:52
by vyosek
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator ("Spustit jako spravce")
  • Paste the script below into the window

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here

Re: fb virus, please check

Posted: 12 Jun 2015 20:37
by 5manager5
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by uzivatel on pi 12. 06. 2015 at 20:59:11,50.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\uzivatel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12. 6. 2015 21:00:38 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\Users\uzivatel\AppData\Roaming\WinRAR deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4i9ho4gl.dev-edition-default\prefs.js:

Added to C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4i9ho4gl.dev-edition-default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default\prefs.js:

Added to C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\DAEMON Tools Pro deleted
C:\Windows\system32\Tasks\0614aUpdateInfo deleted
C:\Program Files\Firefox Developer Edition deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~2\AVG Web TuneUp deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\uzivatel\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\Searches deleted
"C:\Program Files\Bonjour\mdnsNSP.dll" deleted
"C:\Program Files\Bonjour\mDNSResponder.exe" deleted
"C:\Program Files\Bonjour" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4i9ho4gl.dev-edition-default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4i9ho4gl.dev-edition-default
DC26A2A219E08DE10320E8B7D5433690 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E42650C972D21F334EB0D3264941DCD7 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

Profilepath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default
08ACECEB47FAF053C468D8AFE44709AD - C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update
DC26A2A219E08DE10320E8B7D5433690 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E42650C972D21F334EB0D3264941DCD7 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01. 05. 2015 11:17]


==== Chromium Startpages ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Chromium Fix ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF186ba80.TMP was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF239e76c.TMP was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF23dcede.TMP was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF24209bb.TMP was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFb10772.TMP was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================

C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\uzivatel\AppData\Local\Mozilla\Firefox\Profiles\4i9ho4gl.dev-edition-default\cache2 emptied successfully
C:\Users\uzivatel\AppData\Local\Mozilla\Firefox\Profiles\r83grf0o.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\uzivatel\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=171 folders=54 120337167 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\uzivatel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\uzivatel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\Bonjour" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on pi 12. 06. 2015 at 21:32:27,17 ======================

Re: fb virus, please check

Posted: 12 Jun 2015 20:47
by vyosek

Re: fb virus, please check

Posted: 12 Jun 2015 21:07
by 5manager5
How does it look?

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by uzivatel (administrator) on UZIVATEL-PC on 12-06-2015 22:02:23
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro Advanced\DTShellHlp.exe
(ICQ) C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [729088 2004-06-23] (Corel Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [icq] => C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe [35224072 2014-08-30] (ICQ)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {2b8188c0-52c2-11e4-94fb-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {507f2424-1e38-11e4-bb9e-70f395832206} - G:\MafiaLauncher.EXE
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {6ececc80-3b5d-11e4-af02-70f395832206} - F:\MafiaLauncher.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-08-01] (Microsoft Corporation)
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-02-07]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2126598862-1463189638-10750380-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll File not found
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\r83grf0o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-02-27]

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-12]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-15] (Macrovision Europe Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-08-13] (Freemake) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [229458 2010-03-17] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-10-13] (Duplex Secure Ltd.)
U3 aoqxyj54; C:\Windows\system32\Drivers\aoqxyj54.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 22:02 - 2015-06-12 22:02 - 00015327 _____ C:\Users\uzivatel\Desktop\LM.bat
2015-06-12 21:59 - 2015-06-12 22:02 - 00011755 _____ C:\Users\uzivatel\Desktop\FRST.txt
2015-06-12 21:59 - 2015-06-12 22:02 - 00000000 ____D C:\FRST
2015-06-12 21:57 - 2015-06-12 21:57 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
2015-06-12 21:52 - 2015-06-12 21:52 - 01147904 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST.exe
2015-06-12 21:18 - 2015-06-12 20:58 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-12 21:00 - 2015-06-12 21:32 - 00018886 _____ C:\zoek-results.log
2015-06-12 20:58 - 2015-06-12 21:23 - 00000000 ____D C:\zoek_backup
2015-06-12 20:58 - 2015-06-12 20:58 - 01308672 _____ C:\Users\uzivatel\Desktop\zoek.exe
2015-06-12 20:40 - 2015-06-12 20:50 - 00000000 ____D C:\AdwCleaner
2015-06-12 20:39 - 2015-06-12 20:39 - 02231296 _____ C:\Users\uzivatel\Desktop\adwcleaner_4.206.exe
2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\rsit
2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\Program Files\trend micro
2015-06-12 19:33 - 2015-06-12 19:33 - 01107968 _____ C:\Users\uzivatel\Downloads\RSIT.exe
2015-06-11 19:34 - 2015-06-12 20:42 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-06-10 20:35 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 20:35 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 20:24 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 20:24 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 20:24 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 20:24 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 20:24 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 20:24 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 20:24 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 20:24 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 20:24 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 20:17 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 20:17 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 20:17 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 20:17 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 20:17 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 20:17 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 20:17 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 20:17 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 20:17 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 20:17 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 20:17 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 20:17 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 20:17 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 20:17 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 20:17 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 20:17 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 20:17 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 20:17 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 20:12 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 20:12 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 20:12 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 20:12 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 20:12 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 20:12 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-07 10:14 - 2015-06-07 10:15 - 00130642 _____ C:\Windows\DPINST.LOG
2015-06-07 10:14 - 2015-06-07 10:14 - 00002044 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-06-07 10:14 - 2015-06-07 10:14 - 00000000 ____D C:\ProgramData\Sony
2015-06-07 10:14 - 2015-06-07 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-06-07 10:14 - 2015-06-07 10:14 - 00000000 ____D C:\Program Files\Sony
2015-06-04 08:23 - 2015-06-04 08:33 - 192890282 _____ C:\Users\uzivatel\Downloads\South-Park-14x09-Tak-to-chodí-v-jersey.avi
2015-06-04 00:54 - 2015-06-04 01:04 - 179220992 _____ C:\Users\uzivatel\Downloads\South-Park-09x11--Zrzci.avi
2015-06-02 22:55 - 2015-06-03 01:06 - 2357826288 _____ C:\Users\uzivatel\Downloads\FAST-AND-FURIOUS-7-CZ-TITULKY-HDRip-1080P-(2015)-MIGON14.mkv
2015-06-01 11:12 - 2015-06-01 11:12 - 00000000 ____D C:\Users\uzivatel\AppData\Local\GWX
2015-05-25 19:33 - 2015-05-25 19:58 - 134604163 _____ C:\Users\uzivatel\Downloads\South.Park.S16E04.Zidopakabra.DVDRip.x264.CZ.ENG.mkv
2015-05-25 15:54 - 2015-05-25 16:00 - 99523538 _____ C:\Users\uzivatel\Downloads\south-park-11x09-cz-neni-hovno-jako-hovno-pres-MultiLoad.cz.avi
2015-05-24 23:55 - 2015-05-25 00:27 - 582407543 _____ C:\Users\uzivatel\Downloads\South-Park-16x03-CZ-HD.mkv
2015-05-24 23:18 - 2015-05-24 23:27 - 143501312 _____ C:\Users\uzivatel\Downloads\South.Park.S07E12.DVDRip.XviD-McTav.avi
2015-05-24 02:55 - 2015-05-24 03:11 - 287101963 _____ C:\Users\uzivatel\Downloads\Mestecko-South-Park-10x08-Venuj-se-lasce-ne-Warcraftu.mkv
2015-05-24 02:43 - 2015-05-24 02:53 - 192135496 _____ C:\Users\uzivatel\Downloads\South-Park-13x03---Margarit'ák.avi
2015-05-21 00:01 - 2015-05-21 00:20 - 331849842 _____ C:\Users\uzivatel\Downloads\Mestecko-South-Park-12x03---Kozy-jako-vozy.mkv
2015-05-20 23:33 - 2015-05-20 23:49 - 296278822 _____ C:\Users\uzivatel\Downloads\Mestecko-South-Park-S13E10---Finále-wrestlingu.mkv
2015-05-20 23:18 - 2015-05-20 23:27 - 160611350 _____ C:\Users\uzivatel\Downloads\South-Park-15x10--Odposlech.avi
2015-05-20 23:02 - 2015-05-20 23:12 - 178327292 _____ C:\Users\uzivatel\Downloads\South-Park-15x13--Díkuvzdání-na-historickém-kanálu.avi
2015-05-20 22:51 - 2015-05-20 23:01 - 191669404 _____ C:\Users\uzivatel\Downloads\South-Park-14x01--Léčba-sexuální-závislosti.avi
2015-05-20 09:39 - 2015-05-20 09:49 - 192094402 _____ C:\Users\uzivatel\Downloads\South-Park-11x02--Cartman-kouří.avi
2015-05-20 06:52 - 2015-05-20 07:03 - 187890986 _____ C:\Users\uzivatel\Downloads\South-Park-14x02--Příběh-šourka-kundibála.avi
2015-05-20 01:02 - 2015-05-20 01:07 - 100537626 _____ C:\Users\uzivatel\Downloads\south-park-11x14-cz-seznam-pres-MultiLoad.cz.avi
2015-05-20 00:37 - 2015-05-20 00:47 - 192991986 _____ C:\Users\uzivatel\Downloads\South-Park-11x06-Les---Bos.avi
2015-05-20 00:25 - 2015-05-20 00:36 - 193037208 _____ C:\Users\uzivatel\Downloads\South-Park-11x13--Kytarová-muzika.avi
2015-05-18 12:53 - 2015-05-18 12:53 - 00000000 ____D C:\Users\uzivatel\Downloads\206508
2015-05-18 12:50 - 2015-05-18 12:50 - 00049199 _____ C:\Users\uzivatel\Downloads\206508.7z
2015-05-17 23:23 - 2015-05-18 01:08 - 1836753522 _____ C:\Users\uzivatel\Downloads\EX-MACHINA-2015-HD-DD5.1-CZ-dabing.avi
2015-05-13 21:55 - 2015-05-13 22:01 - 192450818 _____ C:\Users\uzivatel\Downloads\South Park-16x10- Vniřní bezpečnost.avi
2015-05-13 16:22 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:32 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 14:32 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 14:32 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:32 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 14:32 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 14:32 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 14:32 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:32 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 14:32 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:32 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 14:32 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 14:32 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 14:32 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 14:32 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 14:32 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 14:32 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:32 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 14:32 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:32 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 14:32 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:32 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 14:32 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 14:32 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 14:32 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 14:32 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 14:32 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 14:32 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 14:32 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:32 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 14:32 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 14:32 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 14:32 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 14:32 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 14:32 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 14:32 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 14:32 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 14:32 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 14:31 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 14:31 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 14:31 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 14:31 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 14:31 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 14:31 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 14:31 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 21:53 - 2014-07-31 17:51 - 01175974 _____ C:\Windows\WindowsUpdate.log
2015-06-12 21:43 - 2015-03-31 17:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-12 21:43 - 2015-03-31 17:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-12 21:43 - 2015-03-31 17:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-12 21:37 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 21:37 - 2009-07-14 06:34 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 21:32 - 2014-08-05 14:43 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-12 21:27 - 2014-07-31 18:03 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 21:23 - 2014-08-01 13:53 - 00204898 _____ C:\Windows\PFRO.log
2015-06-12 21:23 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-12 21:23 - 2009-07-14 06:39 - 00057776 _____ C:\Windows\setupact.log
2015-06-12 21:11 - 2014-08-05 14:43 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-12 20:42 - 2014-08-05 14:44 - 00001256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-12 20:42 - 2014-08-05 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-12 20:42 - 2014-07-31 17:58 - 00001146 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-12 19:21 - 2014-08-05 14:49 - 00000000 ____D C:\Program Files\Opera
2015-06-12 19:20 - 2014-08-01 11:02 - 00000000 ____D C:\ProgramData\MFAData
2015-06-11 19:33 - 2014-07-31 18:49 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 19:33 - 2014-07-31 18:49 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 19:14 - 2009-07-14 06:33 - 01781064 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 19:12 - 2014-12-14 20:14 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 19:12 - 2014-08-01 09:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 21:55 - 2014-09-01 23:39 - 00000000 ____D C:\Users\uzivatel\AppData\Roaming\vlc
2015-06-07 10:14 - 2014-08-05 15:49 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-28 15:02 - 2014-08-16 19:26 - 00000000 ___RD C:\Program Files\Skype
2015-05-20 03:00 - 2015-04-04 18:33 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-15 18:41 - 2014-10-13 12:45 - 00000000 ____D C:\Users\uzivatel\Documents\NFS Most Wanted
2015-05-14 14:47 - 2014-12-15 21:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 04:00 - 2009-07-14 09:49 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 23:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-05-13 20:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-13 19:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

==================== Files in the root of some directories =======

2014-03-08 13:33 - 2014-03-04 10:13 - 0000166 _____ () C:\Program Files\ALI213.ini
2014-03-08 13:33 - 2014-02-28 13:35 - 0339456 _____ (RAD Game Tools, Inc.) C:\Program Files\bink2w32.dll
2014-03-08 13:33 - 2014-02-28 13:35 - 0432128 _____ (RAD Game Tools, Inc.) C:\Program Files\bink2w64.dll
2014-03-08 13:33 - 2014-03-06 09:27 - 0000027 _____ () C:\Program Files\build_version.txt
2014-03-08 13:33 - 2014-02-28 13:35 - 0001586 _____ () C:\Program Files\config.ini
2014-03-08 13:33 - 2014-03-08 07:29 - 0000088 ____R () C:\Program Files\CPY.ini
2014-03-08 13:33 - 2014-02-28 13:35 - 0290408 _____ (NVIDIA Corporation) C:\Program Files\cudart32_30_9.dll
2014-03-08 13:33 - 2014-02-28 13:35 - 0405608 _____ (NVIDIA Corporation) C:\Program Files\cudart64_30_9.dll
2014-03-08 13:33 - 2014-03-06 09:51 - 1910557320 _____ () C:\Program Files\data_archive.oaf
2014-03-08 13:35 - 2014-03-06 09:51 - 14948075 _____ () C:\Program Files\data_archive_uncensored.oaf
2014-03-08 13:35 - 2014-02-28 13:48 - 1363140 _____ () C:\Program Files\data_localized_en.oaf
2014-03-08 13:35 - 2014-02-28 13:48 - 181744532 _____ () C:\Program Files\data_localized_vo_en.oaf
2014-03-08 13:35 - 2014-02-28 13:48 - 0001354 _____ () C:\Program Files\engine.ini
2014-03-08 13:35 - 2014-02-28 13:48 - 1730633 _____ () C:\Program Files\engine.oaf
2014-03-08 13:35 - 2014-02-28 13:48 - 0001152 _____ () C:\Program Files\gfxlicense.dat
2014-03-08 13:35 - 2014-03-04 10:51 - 0090022 _____ () C:\Program Files\icon.ico
2015-04-29 04:46 - 2015-04-29 04:46 - 0325960 _____ () C:\Program Files\lua5.1.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0001954 _____ () C:\Program Files\onyx_buffer_config.xml
2014-03-08 13:35 - 2014-02-28 13:48 - 0488800 _____ () C:\Program Files\physxcudart64_20.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0197912 _____ () C:\Program Files\physxcudart_20.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0023320 _____ (NVIDIA Corporation) C:\Program Files\PhysXDevice.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0031072 _____ (NVIDIA Corporation) C:\Program Files\PhysXDevice64.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0000038 _____ () C:\Program Files\player_options.ini
2014-03-08 13:35 - 2014-03-08 13:19 - 11033600 ____R (Obsidian Entertainment, Inc.) C:\Program Files\South Park - The Stick of Truth.exe
2014-03-08 13:35 - 2014-03-08 13:19 - 0030696 ____R () C:\Program Files\steam_api.dll
2014-03-08 13:35 - 2014-02-28 13:48 - 0000006 _____ () C:\Program Files\steam_appid.txt
2015-04-29 04:46 - 2015-04-29 04:46 - 1345024 _____ (Indigo Rose Corporation) C:\Program Files\uninstall.exe
2014-03-08 13:35 - 2014-03-04 08:37 - 0000226 _____ () C:\Program Files\update-southpark.bat
2014-03-08 13:35 - 2014-02-28 13:48 - 0022435 _____ () C:\Program Files\video_autodetect.xml
2014-03-08 13:35 - 2013-10-12 20:47 - 0000732 _____ () C:\Program Files\visit-www.nosteam.ro.html
2002-08-29 17:33 - 2002-08-29 17:33 - 0319488 ____R () C:\Users\uzivatel\AppData\Roaming\MafiaSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 05:49

==================== End of log ============================

Re: fb virus, please check

Posted: 12 Jun 2015 21:24
by vyosek
:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [729088 2004-06-23] (Corel Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [icq] => C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe [35224072 2014-08-30] (ICQ)
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd)
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {2b8188c0-52c2-11e4-94fb-806e6f6e6963} - F:\Autorun.exe
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {507f2424-1e38-11e4-bb9e-70f395832206} - G:\MafiaLauncher.EXE
    HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {6ececc80-3b5d-11e4-af02-70f395832206} - F:\MafiaLauncher.EXE
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-08-01] (Microsoft Corporation)
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll File not found
    
    CHR Extension: (Skype Click to Call) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-12]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
    
    R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
    U3 aoqxyj54; C:\Windows\system32\Drivers\aoqxyj54.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
    
    C:\Program Files\Skype\Toolbars
    2015-06-12 22:02 - 2015-06-12 22:02 - 00015327 _____ C:\Users\uzivatel\Desktop\LM.bat
    2015-06-12 21:59 - 2015-06-12 22:02 - 00011755 _____ C:\Users\uzivatel\Desktop\FRST.txt
    2015-06-12 21:57 - 2015-06-12 21:57 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
    2015-06-12 21:18 - 2015-06-12 20:58 - 00024064 _____ C:\Windows\zoek-delete.exe
    2015-06-12 21:00 - 2015-06-12 21:32 - 00018886 _____ C:\zoek-results.log
    2015-06-12 20:58 - 2015-06-12 21:23 - 00000000 ____D C:\zoek_backup
    2015-06-12 20:58 - 2015-06-12 20:58 - 01308672 _____ C:\Users\uzivatel\Desktop\zoek.exe
    2015-06-12 20:40 - 2015-06-12 20:50 - 00000000 ____D C:\AdwCleaner
    2015-06-12 20:39 - 2015-06-12 20:39 - 02231296 _____ C:\Users\uzivatel\Desktop\adwcleaner_4.206.exe
    2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\rsit
    2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\Program Files\trend micro
    2015-06-12 19:33 - 2015-06-12 19:33 - 01107968 _____ C:\Users\uzivatel\Downloads\RSIT.exe
    
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    
    CMD: netsh winsock reset
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: fb virus, please check

Posted: 12 Jun 2015 22:29
by 5manager5
His FB account is still sending people a link in chat on its own.

Fix result of Farbar Recovery Scan Tool (x86) Version: 08-06-2015
Ran by uzivatel at 2015-06-12 22:32:04 Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [729088 2004-06-23] (Corel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [icq] => C:\Users\uzivatel\AppData\Roaming\ICQM\icq.exe [35224072 2014-08-30] (ICQ)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro Advanced\DTAgent.exe [3111456 2013-05-13] (Disc Soft Ltd)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {2b8188c0-52c2-11e4-94fb-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {507f2424-1e38-11e4-bb9e-70f395832206} - G:\MafiaLauncher.EXE
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\...\MountPoints2: {6ececc80-3b5d-11e4-af02-70f395832206} - F:\MafiaLauncher.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-08-01] (Microsoft Corporation)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll File not found

CHR Extension: (Skype Click to Call) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-12]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
U3 aoqxyj54; C:\Windows\system32\Drivers\aoqxyj54.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

C:\Program Files\Skype\Toolbars
2015-06-12 22:02 - 2015-06-12 22:02 - 00015327 _____ C:\Users\uzivatel\Desktop\LM.bat
2015-06-12 21:59 - 2015-06-12 22:02 - 00011755 _____ C:\Users\uzivatel\Desktop\FRST.txt
2015-06-12 21:57 - 2015-06-12 21:57 - 00112640 _____ (forum.viry.cz) C:\Users\uzivatel\Desktop\FRSTLauncher.exe
2015-06-12 21:18 - 2015-06-12 20:58 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-12 21:00 - 2015-06-12 21:32 - 00018886 _____ C:\zoek-results.log
2015-06-12 20:58 - 2015-06-12 21:23 - 00000000 ____D C:\zoek_backup
2015-06-12 20:58 - 2015-06-12 20:58 - 01308672 _____ C:\Users\uzivatel\Desktop\zoek.exe
2015-06-12 20:40 - 2015-06-12 20:50 - 00000000 ____D C:\AdwCleaner
2015-06-12 20:39 - 2015-06-12 20:39 - 02231296 _____ C:\Users\uzivatel\Desktop\adwcleaner_4.206.exe
2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\rsit
2015-06-12 19:33 - 2015-06-12 19:35 - 00000000 ____D C:\Program Files\trend micro
2015-06-12 19:33 - 2015-06-12 19:33 - 01107968 _____ C:\Users\uzivatel\Downloads\RSIT.exe

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

CMD: netsh winsock reset

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CorelDRAW Graphics Suite 11b => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully.
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => value removed successfully.
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\Software\Microsoft\Windows\CurrentVersion\Run\\icq => value removed successfully.
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => value removed successfully.
HKU\S-1-5-21-2126598862-1463189638-10750380-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value removed successfully.
"HKU\S-1-5-21-2126598862-1463189638-10750380-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b8188c0-52c2-11e4-94fb-806e6f6e6963}" => key removed successfully.
HKCR\CLSID\{2b8188c0-52c2-11e4-94fb-806e6f6e6963} => key not found.
"HKU\S-1-5-21-2126598862-1463189638-10750380-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{507f2424-1e38-11e4-bb9e-70f395832206}" => key removed successfully.
HKCR\CLSID\{507f2424-1e38-11e4-bb9e-70f395832206} => key not found.
"HKU\S-1-5-21-2126598862-1463189638-10750380-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ececc80-3b5d-11e4-af02-70f395832206}" => key removed successfully.
HKCR\CLSID\{6ececc80-3b5d-11e4-af02-70f395832206} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008" => key removed successfully.
C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully.
C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully.
c2cautoupdatesvc => Service removed successfully.
c2cpnrsvc => Service removed successfully.
Bonjour Service => Service removed successfully.
aoqxyj54 => Service removed successfully.
C:\Program Files\Skype\Toolbars => moved successfully.
C:\Users\uzivatel\Desktop\LM.bat => moved successfully.
C:\Users\uzivatel\Desktop\FRST.txt => moved successfully.
C:\Users\uzivatel\Desktop\FRSTLauncher.exe => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\uzivatel\Desktop\zoek.exe => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\uzivatel\Desktop\adwcleaner_4.206.exe => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\Users\uzivatel\Downloads\RSIT.exe => moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job => moved successfully.

========= netsh winsock reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 206.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 22:32:45 ====

Re: fb virus, please check

Posted: 12 Jun 2015 23:50
by vyosek
:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Run MBAM http://forum.viry.cz/viewtopic.php?f=29&t=137928

Re: fb virus, please check

Posted: 13 Jun 2015 16:23
by 5manager5
Can he remove the files that were found?

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 13. 6. 2015
Čas skenování: 7:07:15
Protokol: zaznama.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.12.07
Databáze rootkitů: v2015.06.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 453572
Uplynulý čas: 1 hod, 4 min, 39 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.MultiPlug, HKU\S-1-5-21-2126598862-1463189638-10750380-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, Do karantény, [3c9b06b39feb3afca18e9d0dbc47c937],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MediaDrug.C, C:\Users\uzivatel\Music\MediaDrug, Do karantény, [cd0a37822a6092a48e6c767233d048b8],

Soubory: 5
Hacktool.ChewWGA, C:\Users\uzivatel\Downloads\AktivA!tor-Windows-7-vA!echny-verze.rar, Do karantény, [c6117841d6b42610455ec1c201ffca36],
PUP.Optional.OpenCandy, C:\Users\uzivatel\Downloads\Deamon-Tools-PRO-+-CRACK\DAEMON Tools Pro by eXe\DAEMONToolsPro520-0348.exe, Do karantény, [b0271d9cc3c72a0c70635a0c8d7946ba],
HackTool.Wpakill, C:\Users\uzivatel\Downloads\Windows-7-aktivA!tor-(11.2.2012)\Windows 7 aktivA!tor (11.2.2012)\RemoveWAT.exe, Do karantény, [9b3c03b665250d29a7025f241fe157a9],
HackTool.Wpakill, C:\Users\uzivatel\Downloads\Windows-7-aktivA!tor-(11.2.2012)\Windows 7 aktivA!tor (11.2.2012)\Windows 7 aktivA!tor.rar, Do karantény, [8255dedb7c0ef0461a8fe1a2837df20e],
PUP.Optional.MediaDrug.C, C:\Users\uzivatel\Music\MediaDrug\default.mdp, Do karantény, [cd0a37822a6092a48e6c767233d048b8],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: fb virus, please check

Posted: 13 Jun 2015 16:59
by vyosek
And what are we going to do about that illegal system :?:

Re: fb virus, please check

Posted: 13 Jun 2015 17:22
by 5manager5
The notebook has a legal Windows; that is just a leftover from trying out an illegal Windows, not for this notebook but for some other one in the past... I can vouch for the legality of this Windows.

Re: fb virus, please check

Posted: 13 Jun 2015 20:36
by vyosek
:arrow: Delete all the findings

:arrow: Change the FB password

:arrow: Is FB still chatting by itself??

Re: fb virus, please check

Posted: 14 Jun 2015 07:55
by 5manager5
Everything is done and it looks like it works now.
Thank you :)