VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Na fotkách jsou čtverečky...

https://forum.viry.cz:443/viewtopic.php?t=145897

Stránka 1 z 2

Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 11:41
od Zemos
Dobrý den. Mám zde menší problém. Mám na fotkách v pc, bílé čtverečky, nebo velký obdélník, který brání v zobrazení zbytku fotky. Počítač se taky zpomalil. Antivirus, našel dva viry, které jsem dal automaticky vyčistit, a také jsme spustil, c-cleaner a nepomohlo. Přikládám log z rsit.

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Péťa at 2015-09-01 12:36:56
Microsoft Windows 8.1 
System drive C: has 199 GB (43%) free of 467 GB
Total RAM: 8114 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:01, on 1. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Péťa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: SecureWebBHO - {D3C24E2B-C820-4492-9B69-11BF7163F998} - C:\Program Files (x86)\Gamma Task Menager\itie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [AcerPortal] "C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [FlashPlayerManager] C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe exec hide C:\Users\Péťa\AppData\Roaming\Adobe\start.bat
O4 - HKUS\S-1-5-18\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - MiniLite system - C:\Program Files (x86)\MiniLite\ProtectService.exe
O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Programy\origin\OriginClientService.exe
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Gamma Task Menager\privoxy.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\7WinManPro7\WinManPro.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12364 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {ae32082f-0e3d-4540-b6611d9243e72869}
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-40c95924-32bd-4a73-b10c-4b5257765527 -SystemEventPortName:HostProcess-13cd2d77-707e-4da8-8dbb-070d4fd2b825 -IoCancelEventPortName:HostProcess-8ae80d7e-be63-4806-94b9-f4ed4f11234e -NonStateChangingEventPortName:HostProcess-c01718ec-ed78-4220-8af6-57334c466132 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cdf05738-df1e-4a5c-b31f-2a32ac136d0f -DeviceGroupId:WudfDefaultDevicePool
ngservice.exe pipeserver
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding

"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 7
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\ProgramData\7WinManPro7\WinManPro.exe -service
"C:\Program Files (x86)\MiniLite\ProtectService.exe"
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Péťa\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-621929646-1206955908-3885600500-1001 -c 392 -s 509 -g "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe"
"D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
 -hiberboot
atieclxx
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe 
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe" 
"C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" 
"C:\Windows\system32\GWX\GWX.exe" 
"C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe" --skein -o stratum+tcp://stratum.dgb.theblocksfactory.com:9002 -u Recors.1 -p x -I d
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
Adobe_Arkalis.exe -d0 -f100 http://Adobe.Arkalis:Arkalis@api.bitcoin.cz:8332
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe" 
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" task
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{BA126F01-2166-11D1-B1D0-00805FC1270E}
"C:\Program Files (x86)\Skype\Phone\Skype.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7424.0.1464997128\1263733459" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x6611 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1004 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="7424.2.853197347\974075589" --font-cache-shared-handle=2264 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="7424.6.346425487\582504752" --font-cache-shared-handle=4900 /prefetch:673131151
"C:\Program Files\Java\jre7\bin\javaw.exe" -Xms256m -Xmx512m -jar "C:\Users\Péťa\Desktop\Hry\Minecraft---warez---1.7-(3.1.7).exe"
"C:\Program Files\Java\jre7\bin\javaw.exe" -XX:HeapDumpPath=MojangTricksIntelDriversForPerformance_javaw.exe_minecraft.exe.heapdump -Xmx1G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:-UseAdaptiveSizePolicy -Xmn128M -Djava.library.path=C:\Users\Péťa\AppData\Roaming\.minecraft\versions\1.8.3\1.8.3-natives-784761570941045 -cp C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\oshi-project\oshi-core\1.1\oshi-core-1.1.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\jna\3.4.0\jna-3.4.0.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\platform\3.4.0\platform-3.4.0.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\4.6\jopt-simple-4.6.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\io\netty\netty-all\4.0.23.Final\netty-all-4.0.23.Final.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\google\guava\guava\17.0\guava-17.0.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-lang3\3.3.2\commons-lang3-3.3.2.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\commons-codec\commons-codec\1.9\commons-codec-1.9.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\mojang\authlib\1.5.21\authlib-1.5.21.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\com\mojang\realms\1.7.13\realms-1.7.13.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-compress\1.8.1\commons-compress-1.8.1.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpclient\4.3.3\httpclient-4.3.3.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.1.3\commons-logging-1.1.3.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpcore\4.3.2\httpcore-4.3.2.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl\2.9.4-nightly-20150209\lwjgl-2.9.4-nightly-20150209.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.4-nightly-20150209\lwjgl_util-2.9.4-nightly-20150209.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\libraries\tv\twitch\twitch\6.5\twitch-6.5.jar;C:\Users\Péťa\AppData\Roaming\.minecraft\versions\1.8.3\1.8.3.jar net.minecraft.client.main.Main --username Zemos --version 1.8.3 --gameDir C:\Users\Péťa\AppData\Roaming\.minecraft --assetsDir C:\Users\Péťa\AppData\Roaming\.minecraft\assets --assetIndex 1.8 --uuid fb3ccc95ace93189add41a6b751e9091 --accessToken 1337535510N --userProperties {} --userType legacy
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="7424.14.995069947\1066396894" --font-cache-shared-handle=2380 /prefetch:673131151
"C:\Users\Péťa\Desktop\Programy\RSITx64.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="7424.15.289755558\2062848844" --font-cache-shared-handle=6140 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="7424.16.986473376\1459003245" --font-cache-shared-handle=1900 /prefetch:673131151

======Scheduled tasks folder======

C:\Windows\tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job - C:\Users\P a\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe

Re: Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 13:31
od altrok
Krasny den Vam preju :bye:



:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Re: Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 15:28
od Zemos

Kód: Vybrat vše

# AdwCleaner v5.005 - Logfile created 01/09/2015 at 16:23:39
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Péťa - PC-PETA
# Running from : C:\Users\Péťa\Desktop\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : IHProtect Service
[-] Service Deleted : PrivoxyService
[-] Service Deleted : WindowsMangerProtect

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\Gamma Task Menager
[-] Folder Deleted : C:\Program Files (x86)\MiniLite
[!] Folder Not Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Users\Guest\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Guest\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Péťa\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Péťa\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Péťa\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Péťa\AppData\Roaming\oursurfing
[-] Folder Deleted : C:\Users\Péťa\AppData\Roaming\ftb
[-] Folder Deleted : C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\Extensions\AVJYFVOD75109374@HCDE39471360.com

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\oursurfing.xml
[-] File Deleted : C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Péťa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Péťa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Péťa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Petr - Chrome.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : AmiUpdXp
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_c82885cd25fda89a2f6dd7dfa637ba9340ecf5f9
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3C24E2B-C820-4492-9B69-11BF7163F998}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2F137995-4D26-44AD-9C4E-91055090A817}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3C24E2B-C820-4492-9B69-11BF7163F998}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3C24E2B-C820-4492-9B69-11BF7163F998}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3C24E2B-C820-4492-9B69-11BF7163F998}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[!] Key Not Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\IHProtect
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\SecureWebChannel
[-] Key Deleted : HKLM\SOFTWARE\SecureWeb
[!] Key Not Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-621929646-1206955908-3885600500-1001\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1440481101&z=7f0ee7173744d33a0631f23g4z0zdedz8bbg4e1tfb&from=amt&uid=WDCXWD10EZEX-21M2NA0_WCC3FK2KP5ACFK2KP5AC");
[-] [C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "oursurfing");
[-] [C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.oursurfing.com/?type=hp&ts=1440481101&z=7f0ee7173744d33a0631f23g4z0zdedz8bbg4e1tfb&from=amt&uid=WDCXWD10EZEX-21M2NA0_WCC3FK2KP5ACFK2KP5AC");
[-] [C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : gta-v.en.softonic.com
[-] [C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=1440481101&z=7f0ee7173744d33a0631f23g4z0zdedz8bbg4e1tfb&from=amt&uid=WDCXWD10EZEX-21M2NA0_WCC3FK2KP5ACFK2KP5AC
[-] [C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.oursurfing.com/webfavicon.ico

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [7669 bytes] ##########

Re: Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 18:16
od altrok
:arrow: Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 18:41
od Zemos
Frst log:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Péťa (administrator) on PC-PETA (01-09-2015 19:27:13)
Running from C:\Users\Péťa\Desktop\Programy
Loaded Profiles: Péťa (Available Profiles: Péťa & Guest)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Disc Soft Ltd) D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Oracle Corporation) C:\Windows\System32\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13663448 2014-01-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-12] (Spotify Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Dropbox Update] => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2665984 2015-08-13] (Acer)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [FlashPlayerManager] => C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
Startup: C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Péťa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-621929646-1206955908-3885600500-1001] => 127.0.0.1:8118
Tcpip\..\Interfaces\{6EB4AC1E-4056-46FE-8AB6-7B467F56C03B}: [DhcpNameServer] 10.77.0.254
Tcpip\..\Interfaces\{7E9227A9-8C09-4C6E-87B3-80E27532210B}: [DhcpNameServer] 192.168.1.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-07] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-12-27] ()
FF Plugin HKU\S-1-5-21-621929646-1206955908-3885600500-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Péťa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-27] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-08]
FF Extension: No Name - C:\Users\PĂ©ĹĄa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Give Up) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2015-05-09]
CHR Extension: (Google Sheets) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (AdBlock) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-25] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-06-18] (WildTangent)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 Origin Client Service; D:\Programy\origin\OriginClientService.exe [1931632 2015-04-11] (Electronic Arts)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [796624 2015-07-14] (Tunngle.net GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-22] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 16:25 - 2015-09-01 16:25 - 00013026 _____ C:\Windows\PFRO.log
2015-09-01 16:25 - 2015-09-01 16:25 - 00000116 _____ C:\Windows\setupact.log
2015-09-01 16:25 - 2015-09-01 16:25 - 00000000 _____ C:\Windows\setuperr.log
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Downloads\adwcleaner_5.005.exe
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Desktop\adwcleaner_5.005.exe
2015-09-01 12:14 - 2015-09-01 12:16 - 01363456 _____ C:\Users\Péťa\Desktop\preview.avi
2015-09-01 12:10 - 2015-09-01 12:13 - 00117760 _____ C:\Users\Péťa\Desktop\elements.avi
2015-08-31 21:11 - 2015-08-31 21:30 - 1990076170 _____ C:\Users\Péťa\Desktop\video.mp4
2015-08-31 20:54 - 2015-08-31 21:08 - 1958886841 _____ C:\Users\Péťa\Desktop\minecraft.mp4
2015-08-31 20:36 - 2015-08-31 20:36 - 00027598 _____ C:\Users\Péťa\Desktop\Unt23itled.camproj
2015-08-31 20:36 - 2015-08-31 20:36 - 00000000 ____D C:\Users\Péťa\Desktop\video4
2015-08-31 19:38 - 2015-08-31 20:20 - 416112128 _____ C:\Users\Péťa\Desktop\intro.avi
2015-08-31 19:38 - 2015-08-31 20:20 - 416112128 _____ C:\Users\Péťa\Desktop\A_intro.avi
2015-08-31 19:30 - 2015-08-31 20:23 - 00131009 _____ C:\Users\Péťa\Desktop\C4D Template.c4d
2015-08-31 19:19 - 2015-08-31 20:20 - 00000000 ____D C:\Users\Péťa\Desktop\illum
2015-08-31 19:18 - 2014-10-03 15:24 - 00510019 _____ C:\Users\Péťa\Desktop\NightrowFX Template.c4d
2015-08-31 18:55 - 2015-08-31 18:55 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\MAXON
2015-08-31 18:53 - 2015-08-31 18:53 - 00000519 _____ C:\Users\Public\Desktop\Cinema4D 32Bit.lnk
2015-08-31 17:57 - 2015-08-31 18:14 - 00000000 ____D C:\Users\Péťa\Desktop\fotky dovolena
2015-08-31 15:01 - 2015-08-31 15:01 - 00000000 ____D C:\Users\Péťa\Desktop\video2
2015-08-31 13:21 - 2015-08-31 13:20 - 00034646 _____ C:\Users\Péťa\Desktop\Untitled_backup.camproj
2015-08-31 13:20 - 2015-08-31 15:20 - 00075975 _____ C:\Users\Péťa\Desktop\Untitled.camproj
2015-08-28 18:31 - 2015-08-28 18:31 - 00000000 ____D C:\ProgramData\Steam
2015-08-28 18:31 - 2015-08-28 18:31 - 00000000 ____D C:\ProgramData\Socialclub
2015-08-28 18:30 - 2015-08-28 18:30 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-28 18:28 - 2015-08-28 18:29 - 00000080 _____ C:\Users\Péťa\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-27 16:20 - 2015-08-28 17:49 - 00000000 ____D C:\Users\Péťa\Desktop\outro2
2015-08-27 13:18 - 2015-08-27 13:18 - 00063128 _____ C:\Users\Péťa\Desktop\beep-01a.wav
2015-08-27 12:59 - 2015-08-27 13:03 - 00000000 ____D C:\Users\Péťa\Desktop\vlog
2015-08-27 12:54 - 2015-08-27 12:54 - 01422140 _____ C:\Users\Péťa\Desktop\nahravka1.wav
2015-08-27 12:53 - 2015-08-27 12:50 - 01422142 _____ C:\Users\Péťa\Desktop\nahravka0.wav
2015-08-27 12:50 - 2015-08-27 12:50 - 01422142 _____ C:\Users\Péťa\Desktop\nahravka.wav
2015-08-27 12:21 - 2015-08-27 16:08 - 00000000 ____D C:\Users\Péťa\Desktop\outro
2015-08-27 09:01 - 2015-08-27 09:01 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\TechSmith
2015-08-26 16:48 - 2015-08-26 16:48 - 00009913 _____ C:\Users\Péťa\Desktop\plotme.pfi
2015-08-26 13:39 - 2015-08-26 14:47 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Notepad++
2015-08-26 13:39 - 2015-08-26 13:39 - 00000743 _____ C:\Users\Péťa\Desktop\Notepad++.lnk
2015-08-26 13:39 - 2015-08-26 13:39 - 00000743 _____ C:\Users\Guest\Desktop\Notepad++.lnk
2015-08-26 13:39 - 2015-08-26 13:39 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-26 13:39 - 2015-08-26 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-26 13:31 - 2015-08-27 08:19 - 00010681 _____ C:\Users\Péťa\Desktop\permissions.yml
2015-08-26 09:21 - 2015-08-26 09:21 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 08:55 - 2015-08-25 08:55 - 00000000 ____D C:\Users\Péťa\AppData\Local\9995
2015-08-25 07:44 - 2015-08-25 07:44 - 00002120 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2015-08-25 07:39 - 2015-08-25 07:39 - 00001034 _____ C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job
2015-08-25 07:39 - 2015-08-25 07:39 - 00001016 _____ C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job
2015-08-25 07:38 - 2015-09-01 16:19 - 00000000 ____D C:\ProgramData\update
2015-08-25 07:38 - 2015-08-25 07:39 - 00000000 ____D C:\ProgramData\7WinManPro7
2015-08-25 07:38 - 2015-08-25 07:38 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-24 13:28 - 2015-08-24 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-24 08:34 - 2015-08-24 08:34 - 00001024 _____ C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job
2015-08-24 08:34 - 2015-08-24 08:34 - 00001018 _____ C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job
2015-08-24 08:03 - 2015-08-24 08:03 - 00000000 ____D C:\Users\Péťa\Documents\Rockstar Games
2015-08-24 08:03 - 2015-08-24 08:03 - 00000000 ____D C:\Users\Péťa\AppData\Local\Rockstar Games
2015-08-24 07:51 - 2015-08-24 07:51 - 00001032 _____ C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job
2015-08-24 07:51 - 2015-08-24 07:51 - 00001002 _____ C:\Windows\Tasks\UUTPXRcnGZ.job
2015-08-24 07:35 - 2015-08-24 07:41 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Opera Software
2015-08-24 07:35 - 2015-08-24 07:41 - 00000000 ____D C:\Users\Péťa\AppData\Local\Opera Software
2015-08-24 07:35 - 2015-08-24 07:35 - 00000000 ____D C:\Users\Pé
2015-08-24 07:34 - 2015-08-24 07:41 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-24 07:22 - 2015-08-24 07:22 - 00000000 ____D C:\Users\Péťa\AppData\Local\AMD
2015-08-24 07:21 - 2015-08-24 07:21 - 00000000 ____D C:\ProgramData\ATI
2015-08-23 14:14 - 2015-08-23 14:14 - 00000621 _____ C:\Users\Guest\Desktop\Mafia.lnk
2015-08-23 14:14 - 2015-08-23 14:14 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2015-08-23 10:09 - 2015-08-23 10:09 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\AMD
2015-08-23 10:08 - 2015-08-23 10:08 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\library_dir
2015-08-23 10:08 - 2015-08-23 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-23 10:07 - 2015-09-01 16:26 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Raptr
2015-08-23 10:07 - 2015-08-23 10:08 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-23 10:07 - 2015-08-23 10:07 - 00058445 _____ C:\Windows\SysWOW64\CCCInstall_201508231007223063.log
2015-08-23 10:07 - 2015-08-23 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-23 10:06 - 2015-08-23 10:06 - 00000000 ____D C:\ProgramData\AMD
2015-08-23 10:04 - 2015-08-23 10:07 - 00000000 ____D C:\Program Files\AMD
2015-08-23 10:04 - 2015-08-23 10:04 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-08-23 10:03 - 2015-08-23 10:03 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-23 09:25 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-08-22 21:57 - 2015-08-22 21:57 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-22 11:07 - 2015-08-23 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2015-08-22 11:07 - 2015-08-22 11:07 - 00000000 ____D C:\Program Files (x86)\Creative
2015-08-22 11:07 - 2002-06-06 14:38 - 00139264 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\eax.dll
2015-08-22 10:59 - 2015-08-22 10:59 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-08-22 10:54 - 2015-08-22 10:54 - 00000000 ____D C:\Users\Péťa\AppData\Local\Disc_Soft_Ltd
2015-08-22 10:54 - 2002-08-29 17:33 - 00319488 ____R () C:\Windows\SysWOW64\MafiaSetup.exe
2015-08-22 10:32 - 2002-08-29 17:33 - 00319488 ____R () C:\Users\Péťa\AppData\Roaming\MafiaSetup.exe
2015-08-22 10:11 - 2015-09-01 11:59 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\DAEMON Tools Lite
2015-08-22 10:11 - 2015-08-22 10:32 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-08-22 10:11 - 2015-08-22 10:11 - 00000814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-08-22 10:10 - 2015-08-22 10:10 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-08-22 09:41 - 2015-08-22 09:41 - 00000000 ____D C:\Users\Péťa\Desktop\Mafia
2015-08-20 10:37 - 2015-08-20 10:37 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\com.freakinware.mitosis
2015-08-19 12:56 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 12:56 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 08:00 - 2015-08-18 08:00 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-08-18 08:00 - 2015-08-18 08:00 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-08-16 16:18 - 2015-08-16 16:18 - 00000000 ____D C:\Users\Péťa\AppData\Local\Nero_AG
2015-08-16 15:55 - 2015-08-16 15:56 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Nero
2015-08-16 15:54 - 2015-08-16 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-08-16 15:53 - 2015-08-16 15:53 - 00000000 ____D C:\ProgramData\Nero
2015-08-16 15:53 - 2015-08-16 15:53 - 00000000 ____D C:\Program Files (x86)\Nero
2015-08-16 09:21 - 2015-08-27 15:03 - 00000000 ____D C:\Users\Péťa\Desktop\Nová složka
2015-08-14 12:04 - 2015-09-01 18:07 - 01340098 _____ C:\Windows\WindowsUpdate.log
2015-08-14 08:06 - 2015-08-14 08:06 - 00000000 ____D C:\Users\Péťa\AppData\Local\MediaShow
2015-08-13 19:54 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 19:54 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:11 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 22:11 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 22:11 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 22:11 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 22:11 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 22:11 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 22:11 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 22:11 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 22:11 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 22:10 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 22:10 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 22:10 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 22:10 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 22:09 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 22:09 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 22:09 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 22:09 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 22:09 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 22:09 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 22:09 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 22:09 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 22:09 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 22:09 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 22:09 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 22:09 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 22:09 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 22:09 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 22:09 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 22:09 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 22:09 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 22:09 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 22:09 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 22:09 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 22:09 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 22:09 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 22:09 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 22:09 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 22:09 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 22:09 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 22:09 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 22:09 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 22:09 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:09 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:09 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:09 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 22:09 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 22:09 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 22:09 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 22:09 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 22:09 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 22:09 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 22:09 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 22:09 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 22:09 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 22:09 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 22:08 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 22:08 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 22:08 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 22:08 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 22:08 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 22:08 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 22:08 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 22:08 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 22:08 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 22:08 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 22:08 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 22:08 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 22:08 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 22:08 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:08 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 22:08 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 22:08 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 22:08 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 22:08 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:08 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 22:08 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 22:08 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 22:08 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 22:08 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 22:08 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 22:08 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 22:08 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 17:09 - 2015-08-12 17:09 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
2015-08-04 12:27 - 2015-08-20 09:56 - 00000000 ____D C:\ProgramData\Tunngle
2015-08-04 08:29 - 2015-08-04 08:29 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-08-04 08:25 - 2015-08-04 08:25 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 08:23 - 2015-08-04 08:23 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 08:19 - 2015-08-04 08:19 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-08-04 08:18 - 2015-08-04 08:18 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 07:58 - 2015-08-04 07:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-08-04 07:57 - 2015-08-04 07:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-08-04 06:11 - 2015-08-04 06:11 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-08-04 05:43 - 2015-08-04 05:43 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-08-04 04:32 - 2015-08-04 04:32 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 04:25 - 2015-08-04 04:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-08-04 04:16 - 2015-08-04 04:16 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-08-04 04:07 - 2015-08-04 04:07 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 04:06 - 2015-08-04 04:06 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 04:05 - 2015-08-04 04:05 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-08-04 04:00 - 2015-08-04 04:00 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-08-04 03:48 - 2015-08-04 03:48 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-08-04 03:48 - 2015-08-04 03:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-08-04 03:47 - 2015-08-04 03:47 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 03:37 - 2015-08-04 03:37 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-08-04 03:35 - 2015-08-04 03:35 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-08-03 21:16 - 2015-09-01 16:23 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-03 21:15 - 2015-08-03 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-03 21:11 - 2015-08-03 21:11 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-08-03 20:25 - 2015-08-03 20:57 - 00000000 ____D C:\ProgramData\Norton
2015-08-03 19:22 - 2015-08-03 19:22 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-08-03 14:41 - 2015-08-03 14:41 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Survivors Viy
2015-08-03 12:28 - 2015-08-03 12:28 - 00000000 ____D C:\Users\Péťa\AppData\Local\CEF
2015-08-03 08:53 - 2015-08-03 08:53 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-08-03 08:51 - 2015-08-03 08:51 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 19:28 - 2014-12-29 11:04 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Skype
2015-09-01 19:27 - 2015-04-16 14:35 - 00000000 ____D C:\FRST
2015-09-01 19:27 - 2015-04-09 15:45 - 00000000 ____D C:\Users\Péťa\Desktop\Programy
2015-09-01 19:19 - 2015-06-13 08:09 - 00000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001UA.job
2015-09-01 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-01 18:49 - 2015-03-30 18:33 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-01 18:49 - 2015-03-30 18:33 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 18:02 - 2015-01-03 21:45 - 00000000 ____D C:\Users\Péťa\Documents\Euro Truck Simulator 2
2015-09-01 17:06 - 2014-12-26 19:45 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\.minecraft
2015-09-01 16:31 - 2014-12-26 19:19 - 00000000 ___DO C:\Users\Péťa\OneDrive
2015-09-01 16:30 - 2014-12-26 19:04 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-621929646-1206955908-3885600500-1001
2015-09-01 16:27 - 2015-01-09 16:44 - 00000000 ____D C:\Users\Péťa\AppData\Local\LogMeIn Hamachi
2015-09-01 16:25 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 16:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-01 16:23 - 2015-03-15 14:06 - 00000000 ____D C:\AdwCleaner
2015-09-01 16:23 - 2014-12-26 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 16:23 - 2014-12-26 18:58 - 00000983 _____ C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 16:19 - 2015-06-13 08:09 - 00000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001Core.job
2015-09-01 13:34 - 2014-12-26 19:18 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{12B12331-4303-4ADD-B940-510EDB01C12D}
2015-09-01 13:25 - 2014-12-26 19:05 - 00000000 ____D C:\Users\Péťa\AppData\Local\CrashDumps
2015-09-01 13:21 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-09-01 12:36 - 2015-03-15 18:26 - 00000000 ____D C:\Program Files\trend micro
2015-09-01 11:59 - 2015-03-10 19:29 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\FileZilla
2015-08-31 20:32 - 2014-08-06 06:50 - 00000000 ____D C:\Users\Péťa\Desktop\Things You Need
2015-08-31 17:59 - 2014-09-12 15:43 - 00772496 _____ C:\Windows\system32\perfh005.dat
2015-08-31 17:59 - 2014-09-12 15:43 - 00168614 _____ C:\Windows\system32\perfc005.dat
2015-08-31 17:59 - 2014-03-18 12:03 - 01847990 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-31 15:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-28 20:52 - 2015-04-09 15:45 - 00000000 ____D C:\Users\Péťa\Desktop\Hry
2015-08-28 18:44 - 2015-03-30 18:33 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 18:44 - 2015-03-30 18:33 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 18:27 - 2015-01-14 20:21 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\TS3Client
2015-08-28 17:48 - 2015-04-01 13:15 - 00000000 ____D C:\Users\Péťa\Desktop\videa
2015-08-28 17:48 - 2015-03-20 15:14 - 00000000 ____D C:\Users\Péťa\Desktop\fotky
2015-08-27 18:57 - 2015-04-10 16:49 - 00000000 ____D C:\Users\Péťa\Desktop\videa-fraps
2015-08-27 12:54 - 2015-05-19 20:11 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Audacity
2015-08-27 09:00 - 2015-04-01 13:07 - 00000000 ____D C:\Users\Péťa\Documents\Camtasia Studio
2015-08-26 16:43 - 2015-06-13 08:16 - 00000000 ____D C:\Users\Péťa\AppData\Local\Windows Live
2015-08-26 13:34 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Local\Packages
2015-08-26 09:21 - 2015-01-12 20:28 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Dropbox
2015-08-25 17:48 - 2014-12-26 18:59 - 00000000 ____D C:\Users\Péťa\AppData\Local\clear.fi
2015-08-25 11:45 - 2015-03-05 19:27 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Spotify
2015-08-25 07:42 - 2014-12-29 16:25 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2015-08-24 13:29 - 2014-12-30 11:50 - 00000000 ____D C:\Users\Péťa\Documents\My Games
2015-08-24 07:59 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Adobe
2015-08-24 07:36 - 2014-07-14 17:38 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-08-23 21:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-23 10:03 - 2014-09-12 15:23 - 00000000 ____D C:\AMD
2015-08-22 22:57 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa
2015-08-22 22:52 - 2014-07-14 18:17 - 00000000 ____D C:\Windows\Panther
2015-08-22 22:28 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-20 09:56 - 2014-12-26 20:44 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Tunngle
2015-08-19 17:40 - 2014-12-26 20:46 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2015-08-18 11:46 - 2015-01-08 16:47 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-18 08:00 - 2014-09-12 15:32 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-08-16 15:55 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Local\VirtualStore
2015-08-16 07:52 - 2015-01-12 20:30 - 00000000 ___RD C:\Users\Péťa\Dropbox
2015-08-14 08:06 - 2015-01-12 17:13 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\CyberLink
2015-08-14 08:05 - 2014-09-12 15:34 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-14 06:44 - 2013-08-22 16:44 - 00550040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 06:42 - 2015-06-13 15:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 06:42 - 2015-01-05 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 21:10 - 2014-12-28 22:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 21:10 - 2014-12-28 22:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 19:54 - 2015-01-05 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 19:52 - 2014-12-26 20:54 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 19:38 - 2015-01-14 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 19:38 - 2014-12-26 20:54 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-13 19:34 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:34 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:33 - 2013-08-22 15:25 - 00000199 _____ C:\Windows\win.ini
2015-08-13 17:43 - 2015-06-30 08:28 - 00000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2015-08-12 18:30 - 2014-12-29 10:00 - 00000000 ____D C:\ProgramData\Skype
2015-08-12 17:17 - 2014-07-14 18:16 - 00000000 ___HD C:\OEM
2015-08-12 17:13 - 2015-06-13 15:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-08 15:55 - 2015-03-13 07:24 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-03-13 07:24 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 12:27 - 2015-01-11 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-08-04 12:27 - 2015-01-11 15:16 - 00000000 ____D C:\Program Files (x86)\Tunngle
2015-08-04 08:28 - 2014-05-06 07:45 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-08-04 08:28 - 2014-05-06 07:45 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-08-04 08:27 - 2014-05-06 07:45 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-08-04 08:27 - 2014-05-06 07:45 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-08-04 08:14 - 2014-05-06 07:45 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-08-04 08:09 - 2014-05-06 07:45 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-04 04:55 - 2014-05-06 07:45 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-08-04 04:07 - 2014-05-06 07:45 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-08-04 03:43 - 2014-05-06 07:45 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-08-04 03:43 - 2014-05-06 07:45 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-08-04 03:43 - 2014-05-06 07:45 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-08-04 03:42 - 2014-05-06 07:45 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-08-04 03:42 - 2014-05-06 07:45 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-08-03 21:04 - 2015-04-01 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-03 21:04 - 2015-04-01 12:04 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 19:48 - 2015-06-26 11:29 - 00000000 ____D C:\Users\Péťa\Documents\Soubory aplikace Outlook
2015-08-03 11:06 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-03 09:02 - 2014-09-12 15:32 - 00000000 ____D C:\ProgramData\Acer
2015-08-03 08:53 - 2014-09-12 15:32 - 00000000 ____D C:\Program Files (x86)\Acer

==================== Files in the root of some directories =======

2015-03-25 08:43 - 2015-03-25 08:43 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\5637.tmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe
2015-03-30 15:51 - 2015-04-08 14:13 - 0009662 _____ () C:\Users\Péťa\AppData\Roaming\em_64x64.ico
2015-03-22 18:46 - 2015-03-22 18:49 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\FileIn.cns
2015-03-22 18:46 - 2015-03-22 18:49 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\FileOut.cns
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe
2015-08-22 10:32 - 2002-08-29 17:33 - 0319488 ____R () C:\Users\Péťa\AppData\Roaming\MafiaSetup.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ.exe
2014-09-12 15:25 - 2014-09-12 15:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-25 07:38 - 2015-08-25 07:38 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Péťa\AppData\Local\Temp\75eb26a96cd1db8e4e6fe45879984074.dll
C:\Users\Péťa\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Péťa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-23 20:38

==================== End of FRST.txt ============================

Re: Na fotkách jsou čtverečky...

Napsal: 01 zář 2015 20:16
od altrok
:arrow: Odinstalujte starou a zranitelnou verzi javy. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit. Verze Javy, ktere v PC mate nainstalovane:
  • Java 7 Update 51 (64-bit)
  • Java 8 Update 25
  • Java 8 Update 31

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:
File: C:\windows\kmsemulator.exe
File: C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe
File: C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe
File: C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe
File: C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe
File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo
File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe
File: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Folder: C:\Program Files (x86)\Adobe Arkalis
Folder: C:\Users\Péťa\AppData\Local\9995
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
C:\Program Files (x86)\Adobe Arkalis
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
FF Extension: No Name - C:\Users\PĂ©ĹĄa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Downloads\adwcleaner_5.005.exe
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Desktop\adwcleaner_5.005.exe
2015-08-25 07:39 - 2015-08-25 07:39 - 00001034 _____ C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job
2015-08-25 07:39 - 2015-08-25 07:39 - 00001016 _____ C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job
2015-08-25 07:38 - 2015-09-01 16:19 - 00000000 ____D C:\ProgramData\update
2015-08-25 07:38 - 2015-08-25 07:39 - 00000000 ____D C:\ProgramData\7WinManPro7
2015-08-25 07:38 - 2015-08-25 07:38 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-24 08:34 - 2015-08-24 08:34 - 00001024 _____ C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job
2015-08-24 08:34 - 2015-08-24 08:34 - 00001018 _____ C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job
2015-08-24 07:51 - 2015-08-24 07:51 - 00001032 _____ C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job
2015-08-24 07:51 - 2015-08-24 07:51 - 00001002 _____ C:\Windows\Tasks\UUTPXRcnGZ.job
2015-09-01 16:23 - 2015-03-15 14:06 - 00000000 ____D C:\AdwCleaner
2015-09-01 12:36 - 2015-03-15 18:26 - 00000000 ____D C:\Program Files\trend micro

2015-03-25 08:43 - 2015-03-25 08:43 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\5637.tmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe
2015-08-22 10:32 - 2002-08-29 17:33 - 0319488 ____R () C:\Users\Péťa\AppData\Roaming\MafiaSetup.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ.exe
2014-09-12 15:25 - 2014-09-12 15:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-25 07:38 - 2015-08-25 07:38 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: {20C4BBE5-100E-4193-BC20-F77B06017D88} - System32\Tasks\{6BBBF831-52CB-4ECC-9F70-6E1D9AD9B4A2} => pcalua.exe -a C:\Users\Péťa\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=cvs <==== ATTENTION
C:\Users\Péťa\AppData\Roaming\webssearches
Task: C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job => C:\Users\P�a\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe <==== ATTENTION
Task: C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job => C:\Users\P�a\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe <==== ATTENTION
Task: C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job => C:\Users\P�a\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001Core.job => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001UA.job => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job => C:\Users\P�a\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe <==== ATTENTION
Task: C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job => C:\Users\P�a\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe <==== ATTENTION
Task: C:\Windows\Tasks\UUTPXRcnGZ.job => C:\Users\P�a\AppData\Roaming\UUTPXRcnGZ.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
FirewallRules: [TCP Query User{794419CB-B755-4583-B6E0-5B4C1B9E5B2E}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{2AF6BA88-D8CB-4A79-8079-A526DCE2BDCC}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{EA397108-E4F1-4E42-9ACF-DB727F459AA0}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{BC8CAEF0-CB5C-4F08-8013-634587BC4BA8}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{23AE0FEB-C0CF-4826-B0B6-21620C230C85}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{253786F8-C90B-42A7-B255-1BE0CA5FD44A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{941FF1F0-6D00-4032-9018-58A6325CECAB}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Program Files (x86)\Crossbrowse
Hosts:
EmptyTemp:
End

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 12:28
od Zemos
Dobrý den. Bohužel potřebuji javu 7 i 8. Aktualizuji jen javu 8. Nebude to vadit?
Fixlog:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Péťa (2015-09-02 13:22:08) Run:2
Running from C:\Users\Péťa\Desktop\Programy
Loaded Profiles: Péťa (Available Profiles: Péťa & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
File: C:\windows\kmsemulator.exe
File: C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe
File: C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe
File: C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe
File: C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe
File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo
File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe
File: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Folder: C:\Program Files (x86)\Adobe Arkalis
Folder: C:\Users\Péťa\AppData\Local\9995
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
C:\Program Files (x86)\Adobe Arkalis
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Clownfish] => [X]
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
FF Extension: No Name - C:\Users\PĂ©ĹĄa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Downloads\adwcleaner_5.005.exe
2015-09-01 15:20 - 2015-09-01 15:20 - 01654272 _____ C:\Users\Péťa\Desktop\adwcleaner_5.005.exe
2015-08-25 07:39 - 2015-08-25 07:39 - 00001034 _____ C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job
2015-08-25 07:39 - 2015-08-25 07:39 - 00001016 _____ C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job
2015-08-25 07:38 - 2015-09-01 16:19 - 00000000 ____D C:\ProgramData\update
2015-08-25 07:38 - 2015-08-25 07:39 - 00000000 ____D C:\ProgramData\7WinManPro7
2015-08-25 07:38 - 2015-08-25 07:38 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-24 08:34 - 2015-08-24 08:34 - 00001024 _____ C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job
2015-08-24 08:34 - 2015-08-24 08:34 - 00001018 _____ C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job
2015-08-24 07:51 - 2015-08-24 07:51 - 00001032 _____ C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job
2015-08-24 07:51 - 2015-08-24 07:51 - 00001002 _____ C:\Windows\Tasks\UUTPXRcnGZ.job
2015-09-01 16:23 - 2015-03-15 14:06 - 00000000 ____D C:\AdwCleaner
2015-09-01 12:36 - 2015-03-15 18:26 - 00000000 ____D C:\Program Files\trend micro

2015-03-25 08:43 - 2015-03-25 08:43 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\5637.tmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe
2015-08-22 10:32 - 2002-08-29 17:33 - 0319488 ____R () C:\Users\Péťa\AppData\Roaming\MafiaSetup.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ.exe
2014-09-12 15:25 - 2014-09-12 15:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-25 07:38 - 2015-08-25 07:38 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: {20C4BBE5-100E-4193-BC20-F77B06017D88} - System32\Tasks\{6BBBF831-52CB-4ECC-9F70-6E1D9AD9B4A2} => pcalua.exe -a C:\Users\Péťa\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=cvs <==== ATTENTION
C:\Users\Péťa\AppData\Roaming\webssearches
Task: C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job => C:\Users\P a\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe <==== ATTENTION
Task: C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job => C:\Users\P a\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe <==== ATTENTION
Task: C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job => C:\Users\P a\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001Core.job => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001UA.job => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job => C:\Users\P a\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe <==== ATTENTION
Task: C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job => C:\Users\P a\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe <==== ATTENTION
Task: C:\Windows\Tasks\UUTPXRcnGZ.job => C:\Users\P a\AppData\Roaming\UUTPXRcnGZ.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
FirewallRules: [TCP Query User{794419CB-B755-4583-B6E0-5B4C1B9E5B2E}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{2AF6BA88-D8CB-4A79-8079-A526DCE2BDCC}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{EA397108-E4F1-4E42-9ACF-DB727F459AA0}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{BC8CAEF0-CB5C-4F08-8013-634587BC4BA8}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{23AE0FEB-C0CF-4826-B0B6-21620C230C85}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{253786F8-C90B-42A7-B255-1BE0CA5FD44A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{941FF1F0-6D00-4032-9018-58A6325CECAB}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Program Files (x86)\Crossbrowse
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\windows\kmsemulator.exe ========================

File not signed
MD5: 485055033BCDDFDE56325C0D2FEEA4F2
Creation and modification date: 2015-01-14 17:31 - 2015-06-01 18:57
Size: 0151552
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe ========================

File not signed
MD5: 3A1D89B89C9D62951957F0839578DD9B
Creation and modification date: 2015-04-20 16:05 - 2015-04-20 16:05
Size: 1579520
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe ========================

File not signed
MD5: 3A1D89B89C9D62951957F0839578DD9B
Creation and modification date: 2015-04-20 16:05 - 2015-04-20 16:05
Size: 1579520
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe ========================

File not signed
MD5: AB6818A7FF17230A6E5119F6CDD1F85B
Creation and modification date: 2015-04-20 16:05 - 2015-04-20 16:05
Size: 1246720
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe ========================

File not signed
MD5: AB6818A7FF17230A6E5119F6CDD1F85B
Creation and modification date: 2015-04-20 16:05 - 2015-04-20 16:05
Size: 1246720
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo ========================

File not signed
MD5: E881A6F11EF1258533F293E2D1D2919D
Creation and modification date: 2015-04-14 18:28 - 2015-04-14 18:28
Size: 0004387
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


========================= File: C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe ========================

File not signed
MD5: AB6818A7FF17230A6E5119F6CDD1F85B
Creation and modification date: 2015-04-20 16:05 - 2015-04-20 16:05
Size: 1246720
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======


========================= File: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat ========================

File not signed
MD5: A5EDB904CF7473E4381D6614FE1701C7
Creation and modification date: 2015-08-25 07:38 - 2015-08-25 07:38
Size: 0000124
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 
Product Version: 
Copyright: 

====== End of File: ======


========================= Folder: C:\Program Files (x86)\Adobe Arkalis ========================

2012-04-11 04:31 - 2012-04-11 04:31 - 0074240 _____ () C:\Program Files (x86)\Adobe Arkalis\_ctypes.pyd
2012-04-11 04:31 - 2012-04-11 04:31 - 0285184 _____ () C:\Program Files (x86)\Adobe Arkalis\_hashlib.pyd
2012-04-11 04:31 - 2012-04-11 04:31 - 0040960 _____ () C:\Program Files (x86)\Adobe Arkalis\_socket.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 0008192 _____ () C:\Program Files (x86)\Adobe Arkalis\_win32sysloader.pyd
2014-12-29 17:38 - 2014-12-29 17:38 - 0356448 _____ () C:\Program Files (x86)\Adobe Arkalis\7c4d0a8e6dfc29814da01c142b944761.elf
2012-12-04 00:40 - 2012-12-04 00:40 - 0024064 _____ () C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
2012-08-18 13:09 - 2012-08-18 13:09 - 0004096 _____ (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\API-MS-Win-Core-LocalRegistry-L1-1-0.dll
2014-08-10 21:37 - 2014-08-10 21:37 - 0000136 _____ () C:\Program Files (x86)\Adobe Arkalis\Arkalis.bat
2014-08-10 21:38 - 2014-08-10 21:38 - 0001419 _____ () C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
2014-08-10 21:36 - 2014-08-10 21:36 - 0001501 _____ () C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
2012-06-15 14:20 - 2012-06-15 14:20 - 0219648 _____ () C:\Program Files (x86)\Adobe Arkalis\boost_python-vc90-mt-1_48.dll
2015-08-24 07:21 - 2015-08-24 07:21 - 0345392 _____ () C:\Program Files (x86)\Adobe Arkalis\c9325b4721f1744081e9ff3fd80e7a33.elf
2013-12-03 20:52 - 2013-12-03 20:52 - 0210760 _____ () C:\Program Files (x86)\Adobe Arkalis\daa46b277f76001f9104e6627449767f.elf
2012-11-18 17:32 - 2012-11-18 17:32 - 0000103 _____ () C:\Program Files (x86)\Adobe Arkalis\defaults.ini
2012-12-04 00:40 - 2012-12-04 00:40 - 2558451 _____ () C:\Program Files (x86)\Adobe Arkalis\library.zip
2009-07-14 03:15 - 2009-07-14 03:15 - 0064000 _____ (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\MPR.dll
2010-04-30 14:51 - 2010-04-30 14:51 - 0569680 _____ (Microsoft Corporation) C:\Program Files (x86)\Adobe Arkalis\msvcp90.dll
2013-08-11 16:41 - 2013-08-11 16:41 - 0044032 _____ (NirSoft) C:\Program Files (x86)\Adobe Arkalis\nircmd.exe
2012-09-20 04:41 - 2012-09-20 04:41 - 2222455 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core._dotblas.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 1311275 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.multiarray.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 0174793 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.scalarmath.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 0410432 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.umath.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 0046383 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.fft.fftpack_lite.pyd
2012-09-20 04:41 - 2012-09-20 04:41 - 0041019 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.lib._compiled_base.pyd
2012-09-20 04:42 - 2012-09-20 04:42 - 2382083 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.linalg.lapack_lite.pyd
2012-09-20 04:42 - 2012-09-20 04:42 - 0515437 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.random.mtrand.pyd
2012-11-18 17:32 - 2012-11-18 17:32 - 0009649 _____ () C:\Program Files (x86)\Adobe Arkalis\phatk.cl
2012-12-04 00:40 - 2012-12-04 00:40 - 0019968 _____ () C:\Program Files (x86)\Adobe Arkalis\po_to_mo.exe
2012-06-19 18:01 - 2012-06-19 18:01 - 0577536 _____ () C:\Program Files (x86)\Adobe Arkalis\pyopencl._cl.pyd
2012-06-19 18:01 - 2012-06-19 18:01 - 0023552 _____ () C:\Program Files (x86)\Adobe Arkalis\pyopencl._pvt_struct.pyd
2009-10-26 07:24 - 2009-10-26 07:24 - 2149888 _____ (Python Software Foundation) C:\Program Files (x86)\Adobe Arkalis\python26.dll
2012-04-11 04:31 - 2012-04-11 04:31 - 2303488 _____ (Python Software Foundation) C:\Program Files (x86)\Adobe Arkalis\python27.dll
2012-10-27 16:22 - 2012-10-27 16:22 - 0364544 _____ () C:\Program Files (x86)\Adobe Arkalis\pythoncom27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 0110080 _____ () C:\Program Files (x86)\Adobe Arkalis\pywintypes27.dll
2012-04-11 04:31 - 2012-04-11 04:31 - 0009728 _____ () C:\Program Files (x86)\Adobe Arkalis\select.pyd
2009-10-26 07:23 - 2009-10-26 07:23 - 0049664 _____ () C:\Program Files (x86)\Adobe Arkalis\w9xpopen.exe
2012-10-27 16:21 - 2012-10-27 16:21 - 0098816 _____ () C:\Program Files (x86)\Adobe Arkalis\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 0025600 _____ () C:\Program Files (x86)\Adobe Arkalis\win32pdh.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 0024064 _____ () C:\Program Files (x86)\Adobe Arkalis\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 0035840 _____ () C:\Program Files (x86)\Adobe Arkalis\win32process.pyd
2012-10-27 16:26 - 2012-10-27 16:26 - 0778752 _____ () C:\Program Files (x86)\Adobe Arkalis\win32ui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 0025088 _____ () C:\Program Files (x86)\Adobe Arkalis\win32wnet.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 0966144 _____ () C:\Program Files (x86)\Adobe Arkalis\wx._controls_.pyd
2011-07-16 03:37 - 2011-07-16 03:37 - 0981504 _____ () C:\Program Files (x86)\Adobe Arkalis\wx._core_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 0746496 _____ () C:\Program Files (x86)\Adobe Arkalis\wx._gdi_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 0674816 _____ () C:\Program Files (x86)\Adobe Arkalis\wx._misc_.pyd
2011-07-16 03:38 - 2011-07-16 03:38 - 0670720 _____ () C:\Program Files (x86)\Adobe Arkalis\wx._windows_.pyd
2011-07-16 03:33 - 2011-07-16 03:33 - 0122368 _____ (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxbase28uh_net_vc.dll
2011-07-16 03:33 - 2011-07-16 03:33 - 1300992 _____ (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxbase28uh_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 0730112 _____ (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_adv_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 3165184 _____ (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_core_vc.dll
2011-07-16 03:34 - 2011-07-16 03:34 - 0479744 _____ (wxWidgets development team) C:\Program Files (x86)\Adobe Arkalis\wxmsw28uh_html_vc.dll

====== End of Folder: ======


========================= Folder: C:\Users\Péťa\AppData\Local\9995 ========================

2015-08-25 08:55 - 2015-08-25 08:55 - 0000001 _____ () C:\Users\Péťa\AppData\Local\9995\status.cfg
2015-08-25 08:55 - 2015-08-25 08:55 - 0627712 _____ () C:\Users\Péťa\AppData\Local\9995\Updater.exe
2015-08-25 08:55 - 2015-08-31 17:12 - 0001217 _____ () C:\Users\Péťa\AppData\Local\9995\Updater.xml

====== End of Folder: ======

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan64 => value removed successfully
C:\Program Files (x86)\Adobe Arkalis => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish => value removed successfully
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
C:\Users\PĂ©ĹĄa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default\extensions\AVJYFVOD75109374@HCDE39471360.com => path removed successfully
Chrome DefaultSuggestURL not found.
C:\Users\Péťa\Downloads\adwcleaner_5.005.exe => moved successfully
C:\Users\Péťa\Desktop\adwcleaner_5.005.exe => moved successfully
C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job => moved successfully
C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job => moved successfully
C:\ProgramData\update => moved successfully
C:\ProgramData\7WinManPro7 => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job => moved successfully
C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job => moved successfully
C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job => moved successfully
C:\Windows\Tasks\UUTPXRcnGZ.job => moved successfully
C:\AdwCleaner => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Péťa\AppData\Roaming\5637.tmp => moved successfully
C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h => moved successfully
C:\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd => moved successfully
C:\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF => moved successfully
C:\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA => moved successfully
C:\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo => moved successfully
C:\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\MafiaSetup.exe => moved successfully
C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ => moved successfully
C:\Users\Péťa\AppData\Roaming\UUTPXRcnGZ.exe => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20C4BBE5-100E-4193-BC20-F77B06017D88}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20C4BBE5-100E-4193-BC20-F77B06017D88}" => key removed successfully
C:\Windows\System32\Tasks\{6BBBF831-52CB-4ECC-9F70-6E1D9AD9B4A2} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6BBBF831-52CB-4ECC-9F70-6E1D9AD9B4A2}" => key removed successfully
"C:\Users\Péťa\AppData\Roaming\webssearches" => File/Folder not found.
C:\Windows\Tasks\5QbUXLDb9gVZDD4nZytrTXXF3h.job => not found.
C:\Windows\Tasks\7iXBLEa8Jh6XYScufd.job => not found.
C:\Windows\Tasks\bjz2Iqv1t7yBbujYF.job => not found.
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001Core.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-621929646-1206955908-3885600500-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\HHuUREBVEDwflZOol9qxA.job => not found.
C:\Windows\Tasks\HKJUQQ66sgqtMfPmD9ZB8fjXo.job => not found.
C:\Windows\Tasks\UUTPXRcnGZ.job => not found.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{794419CB-B755-4583-B6E0-5B4C1B9E5B2E}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2AF6BA88-D8CB-4A79-8079-A526DCE2BDCC}C:\windows\kmsemulator.exe => value removed successfully
C:\windows\kmsemulator.exe => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EA397108-E4F1-4E42-9ACF-DB727F459AA0}C:\windows\system32\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC8CAEF0-CB5C-4F08-8013-634587BC4BA8}C:\windows\system32\java.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{23AE0FEB-C0CF-4826-B0B6-21620C230C85}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{253786F8-C90B-42A7-B255-1BE0CA5FD44A}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{941FF1F0-6D00-4032-9018-58A6325CECAB} => value removed successfully
"C:\Program Files (x86)\Crossbrowse" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 790.9 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 13:22:46 ====

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 12:51
od altrok
:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 17:23
od Zemos
Mohu zmazat všechny nalezené chyby?

Kód: Vybrat vše

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2. 9. 2015
Čas skenování: 15:14
Protokol: malware.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.02.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Péťa

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1057369
Uplynulý čas: 3 hod, 7 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.Cinema, HKU\S-1-5-21-621929646-1206955908-3885600500-1001\SOFTWARE\CinemaP-1.9cV24.08-nv-ie, , [1a0357d44b40ef47b2c695eb9272966a], 
PUP.Optional.Cinema, HKU\S-1-5-21-621929646-1206955908-3885600500-1001\SOFTWARE\CinemaP-1.9cV25.08-nv-ie, , [0f0ee348b8d3f0463a3e8df33cc8ae52], 

Hodnoty registru: 1
PUM.Bad.Proxy, HKU\S-1-5-21-621929646-1206955908-3885600500-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, , [79a4b7748704c670321082e8bd471be5]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Amonetize, C:\Users\Péťa\AppData\Local\9995, , [938a60cb83088da93eef55cc2ad9ab55], 

Soubory: 28
PUP.Optional.APNToolBar, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir, , [15083cefcbc03bfb7cb2d0fb956cbc44], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe.vir, , [54c942e9b5d660d61665a7eb699c8878], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe.vir, , [ed30e942157676c0bff32c6314edd030], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_elf.dll.vir, , [809df13aa4e706301a61cbc71ce96799], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\delegate_execute.exe.vir, , [63bac9622764b284502beaa865a004fc], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\metro_driver.dll.vir, , [35e86cbf5b30dd590d6eb9d9ee17f50b], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\nacl64.exe.vir, , [d647df4c5c2f00361d5ec7cbaf5607f9], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe.vir, , [c855c06b494278beb1cc0a88cd3860a0], 
PUP.Optional.CrossBrowse, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\setup.exe.vir, , [26f74cdf0388270f502d543e966f7789], 
PUP.Optional.Bundle, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\MiniLite\ProtectService.exe.vir, , [8895c368b6d5d1653f51a8efb34feb15], 
PUP.Optional.MiniLite, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\MiniLite\Uninstall.exe.vir, , [e439f536d6b5c373b6b7c40b88799769], 
PUP.Optional.BrowserWatch, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir, , [34e9f03be9a28ea8a85296ae689806fa], 
PUP.Optional.BrowserWatch, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir, , [5bc2012a0685ba7cbc3ec38156aa31cf], 
PUP.Optional.SearchProtect, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir, , [7aa3ae7dbfcc979fc3cebec105fc3dc3], 
PUP.Optional.Elex, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir, , [36e742e91f6cd066206ef6d21fe2f907], 
PUP.Optional.XTab, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, , [ee2f8d9ed2b970c64233a42eef129070], 
PUP.Optional.SupTab, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir, , [49d4b07bf4971323395261fdf010936d], 
Trojan.Dropper, C:\FRST\Quarantine\C\ProgramData\7WinManPro7\WinManPro.exe, , [25f8b873107b989e932b864358a98f71], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\5QbUXLDb9gVZDD4nZytrTXXF3h.exe.xBAD, , [dd40cc5fe5a60b2b42174d7f33ce8878], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\7iXBLEa8Jh6XYScufd.exe.xBAD, , [a97444e717741d19b4a5bb117a873dc3], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\bjz2Iqv1t7yBbujYF.exe.xBAD, , [79a43bf0d8b3350166d6c29a1be5619f], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\HHuUREBVEDwflZOol9qxA.exe.xBAD, , [3be21d0e206be15595a71b4129d714ec], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\HKJUQQ66sgqtMfPmD9ZB8fjXo.exe.xBAD, , [3be27ab1296287af241876e6e719b34d], 
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Péťa\AppData\Roaming\UUTPXRcnGZ.exe.xBAD, , [cd50f03b3b508caaaeab3a92857c18e8], 
PUP.Optional.SofTonic, C:\FRST\Quarantine\C\zoek_backup\C_Users_PA010B~1_Downloads_SoftonicDownloader_for_company-of-heroes.exe.vir, , [b8652a01a3e8ad89b44b2a30bd434bb5], 
PUP.Optional.Amonetize, C:\Users\Péťa\AppData\Local\9995\Updater.exe, , [5bc2df4c4942072f71c8fe5de51bad53], 
PUP.Optional.Amonetize, C:\Users\Péťa\AppData\Local\9995\Updater.xml, , [938a60cb83088da93eef55cc2ad9ab55], 
PUP.Optional.Amonetize, C:\Users\Péťa\AppData\Local\9995\status.cfg, , [938a60cb83088da93eef55cc2ad9ab55], 

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 18:43
od altrok
Ano, vsechny nalezy smazte.

Javy si klidne starsi nechte nainstalovane. Jen upozornuji, ze pri nevhodnem nastaveni a soucasnem mnozstvi exploit kitu/exploitu predstavuje bezpecnostni riziko.

Jake momentalne pozorujete s PC problemy?

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 19:10
od Zemos
Dobrá, děkuji. Vypadá že je všechno v pořádku. Uvidím, nechte prosím toto téma 2-3 dny odemčené, kdyby něco.

Re: Na fotkách jsou čtverečky...

Napsal: 02 zář 2015 19:13
od altrok
Jasne, neni problem. Pokud se problemy nevrati (pokud nespustite skodlivy .exe, tak to nepredpokladam), uklidte pouzite nastroje.

Kazdopadne budu cekat na Vase vyjadreni.

Re: Na fotkách jsou čtverečky...

Napsal: 03 zář 2015 17:21
od Zemos
Tak se vyskytl problém. Začalo to psát: AMD ovladač přestal pracovat...

Re: Na fotkách jsou čtverečky...

Napsal: 03 zář 2015 19:18
od altrok
Znovu jsem vsechno kontroloval a dle meho se jedna o chybu ovladace, kterou by mohlo vyresit jeho preinstalovani.

Dejte pak jeste pro kontrolu aktualni logy z FRST (pri druhem a dalsim spusteni FRST.exe/FRST64.exe musite explicitne zatrhnout moznost Additional, aby byl log Addition.txt vytvoren).

Re: Na fotkách jsou čtverečky...

Napsal: 04 zář 2015 05:52
od Zemos
Přeinstaluji ovladače. A přikládám i Addition.txt v raru.
Log z frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Péťa (administrator) on PC-PETA (04-09-2015 06:48:53)
Running from C:\Users\Péťa\Desktop\Programy
Loaded Profiles: Péťa (Available Profiles: Péťa & Guest)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
() C:\Users\Péťa\AppData\Roaming\Adobe\FlashPlayerManager_11_3_280.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13663448 2014-01-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-12] (Spotify Ltd)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [Dropbox Update] => C:\Users\Péťa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2665984 2015-08-13] (Acer)
HKU\S-1-5-21-621929646-1206955908-3885600500-1001\...\Run: [FlashPlayerManager] => C:\Users\Péťa\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Péťa\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
Startup: C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Péťa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{6EB4AC1E-4056-46FE-8AB6-7B467F56C03B}: [DhcpNameServer] 10.77.0.254
Tcpip\..\Interfaces\{7E9227A9-8C09-4C6E-87B3-80E27532210B}: [DhcpNameServer] 192.168.1.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-621929646-1206955908-3885600500-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-07] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Péťa\AppData\Roaming\Mozilla\Firefox\Profiles\t4rih17k.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-12-27] ()
FF Plugin HKU\S-1-5-21-621929646-1206955908-3885600500-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Péťa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-27] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-08]

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
CHR Extension: (Google Docs) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
CHR Extension: (Google Drive) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
CHR Extension: (YouTube) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
CHR Extension: (Google Search) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Give Up) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2015-05-09]
CHR Extension: (Google Sheets) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
CHR Extension: (Google Docs Offline) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-11]
CHR Extension: (Avast Online Security) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Péťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-25] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-06-18] (WildTangent)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; D:\Programy\origin\OriginClientService.exe [1931632 2015-04-11] (Electronic Arts)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [796624 2015-07-14] (Tunngle.net GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-22] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
U0 qxarnqwk; C:\Windows\System32\drivers\mdxhuto.sys [79064 2015-09-02] (Malwarebytes Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 06:48 - 2015-09-04 06:48 - 00000000 ____D C:\FRST
2015-09-02 20:19 - 2015-09-02 20:19 - 00000416 _____ C:\DelFix.txt
2015-09-02 20:07 - 2015-09-02 20:07 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mdxhuto.sys
2015-09-02 18:22 - 2015-09-02 18:22 - 00006066 _____ C:\Users\Péťa\Desktop\malware.txt
2015-09-02 17:26 - 2015-09-02 17:28 - 00000000 ____D C:\Users\Péťa\Desktop\video6
2015-09-02 17:02 - 2012-02-29 18:04 - 00000000 ____D C:\Users\Péťa\Desktop\Shockwave Pack By Halesey
2015-09-02 16:58 - 2015-09-02 17:01 - 115081932 _____ C:\Users\Péťa\Downloads\Shockwave Pack By Halesey.rar
2015-09-02 15:13 - 2015-09-02 15:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-02 15:13 - 2015-09-02 15:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-02 15:13 - 2015-09-02 15:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-02 15:13 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-02 15:13 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-02 15:13 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-02 15:12 - 2015-09-02 15:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Péťa\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-01 16:25 - 2015-09-04 06:41 - 00000464 _____ C:\Windows\setupact.log
2015-09-01 16:25 - 2015-09-01 16:25 - 00013026 _____ C:\Windows\PFRO.log
2015-09-01 16:25 - 2015-09-01 16:25 - 00000000 _____ C:\Windows\setuperr.log
2015-09-01 12:14 - 2015-09-01 12:16 - 01363456 _____ C:\Users\Péťa\Desktop\preview.avi
2015-09-01 12:10 - 2015-09-01 12:13 - 00117760 _____ C:\Users\Péťa\Desktop\elements.avi
2015-08-31 21:11 - 2015-08-31 21:30 - 1990076170 _____ C:\Users\Péťa\Desktop\video.mp4
2015-08-31 20:54 - 2015-08-31 21:08 - 1958886841 _____ C:\Users\Péťa\Desktop\minecraft.mp4
2015-08-31 20:36 - 2015-08-31 20:36 - 00027598 _____ C:\Users\Péťa\Desktop\Unt23itled.camproj
2015-08-31 20:36 - 2015-08-31 20:36 - 00000000 ____D C:\Users\Péťa\Desktop\video4
2015-08-31 19:38 - 2015-08-31 20:20 - 416112128 _____ C:\Users\Péťa\Desktop\intro.avi
2015-08-31 19:38 - 2015-08-31 20:20 - 416112128 _____ C:\Users\Péťa\Desktop\A_intro.avi
2015-08-31 19:30 - 2015-08-31 20:23 - 00131009 _____ C:\Users\Péťa\Desktop\C4D Template.c4d
2015-08-31 19:19 - 2015-08-31 20:20 - 00000000 ____D C:\Users\Péťa\Desktop\illum
2015-08-31 19:18 - 2014-10-03 15:24 - 00510019 _____ C:\Users\Péťa\Desktop\NightrowFX Template.c4d
2015-08-31 18:55 - 2015-08-31 18:55 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\MAXON
2015-08-31 18:53 - 2015-08-31 18:53 - 00000519 _____ C:\Users\Public\Desktop\Cinema4D 32Bit.lnk
2015-08-31 17:57 - 2015-08-31 18:14 - 00000000 ____D C:\Users\Péťa\Desktop\fotky dovolena
2015-08-31 15:01 - 2015-08-31 15:01 - 00000000 ____D C:\Users\Péťa\Desktop\video2
2015-08-31 13:21 - 2015-08-31 13:20 - 00034646 _____ C:\Users\Péťa\Desktop\Untitled_backup.camproj
2015-08-31 13:20 - 2015-08-31 15:20 - 00075975 _____ C:\Users\Péťa\Desktop\Untitled.camproj
2015-08-28 18:31 - 2015-08-28 18:31 - 00000000 ____D C:\ProgramData\Steam
2015-08-28 18:31 - 2015-08-28 18:31 - 00000000 ____D C:\ProgramData\Socialclub
2015-08-28 18:30 - 2015-08-28 18:30 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-28 18:28 - 2015-08-28 18:29 - 00000080 _____ C:\Users\Péťa\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-27 16:20 - 2015-08-28 17:49 - 00000000 ____D C:\Users\Péťa\Desktop\outro2
2015-08-27 13:18 - 2015-08-27 13:18 - 00063128 _____ C:\Users\Péťa\Desktop\beep-01a.wav
2015-08-27 12:59 - 2015-08-27 13:03 - 00000000 ____D C:\Users\Péťa\Desktop\vlog
2015-08-27 12:54 - 2015-08-27 12:54 - 01422140 _____ C:\Users\Péťa\Desktop\nahravka1.wav
2015-08-27 12:53 - 2015-08-27 12:50 - 01422142 _____ C:\Users\Péťa\Desktop\nahravka0.wav
2015-08-27 12:50 - 2015-08-27 12:50 - 01422142 _____ C:\Users\Péťa\Desktop\nahravka.wav
2015-08-27 12:21 - 2015-08-27 16:08 - 00000000 ____D C:\Users\Péťa\Desktop\outro
2015-08-27 09:01 - 2015-08-27 09:01 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\TechSmith
2015-08-26 16:48 - 2015-08-26 16:48 - 00009913 _____ C:\Users\Péťa\Desktop\plotme.pfi
2015-08-26 13:39 - 2015-08-26 14:47 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Notepad++
2015-08-26 13:39 - 2015-08-26 13:39 - 00000743 _____ C:\Users\Péťa\Desktop\Notepad++.lnk
2015-08-26 13:39 - 2015-08-26 13:39 - 00000743 _____ C:\Users\Guest\Desktop\Notepad++.lnk
2015-08-26 13:39 - 2015-08-26 13:39 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-26 13:39 - 2015-08-26 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-26 13:31 - 2015-08-27 08:19 - 00010681 _____ C:\Users\Péťa\Desktop\permissions.yml
2015-08-26 09:21 - 2015-08-26 09:21 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 07:44 - 2015-08-25 07:44 - 00002120 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2015-08-24 13:28 - 2015-08-24 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-24 08:03 - 2015-08-24 08:03 - 00000000 ____D C:\Users\Péťa\Documents\Rockstar Games
2015-08-24 08:03 - 2015-08-24 08:03 - 00000000 ____D C:\Users\Péťa\AppData\Local\Rockstar Games
2015-08-24 07:35 - 2015-08-24 07:41 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Opera Software
2015-08-24 07:35 - 2015-08-24 07:41 - 00000000 ____D C:\Users\Péťa\AppData\Local\Opera Software
2015-08-24 07:35 - 2015-08-24 07:35 - 00000000 ____D C:\Users\Pé
2015-08-24 07:34 - 2015-08-24 07:41 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-24 07:22 - 2015-08-24 07:22 - 00000000 ____D C:\Users\Péťa\AppData\Local\AMD
2015-08-24 07:21 - 2015-08-24 07:21 - 00000000 ____D C:\ProgramData\ATI
2015-08-23 14:14 - 2015-08-23 14:14 - 00000621 _____ C:\Users\Guest\Desktop\Mafia.lnk
2015-08-23 14:14 - 2015-08-23 14:14 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2015-08-23 10:09 - 2015-08-23 10:09 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\AMD
2015-08-23 10:08 - 2015-08-23 10:08 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\library_dir
2015-08-23 10:08 - 2015-08-23 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-23 10:07 - 2015-09-04 06:42 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Raptr
2015-08-23 10:07 - 2015-08-23 10:08 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-23 10:07 - 2015-08-23 10:07 - 00058445 _____ C:\Windows\SysWOW64\CCCInstall_201508231007223063.log
2015-08-23 10:07 - 2015-08-23 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-23 10:06 - 2015-08-23 10:06 - 00000000 ____D C:\ProgramData\AMD
2015-08-23 10:04 - 2015-08-23 10:07 - 00000000 ____D C:\Program Files\AMD
2015-08-23 10:04 - 2015-08-23 10:04 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-08-23 10:03 - 2015-08-23 10:03 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-23 09:25 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-08-22 21:57 - 2015-08-22 21:57 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-22 11:07 - 2015-08-23 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2015-08-22 11:07 - 2015-08-22 11:07 - 00000000 ____D C:\Program Files (x86)\Creative
2015-08-22 11:07 - 2002-06-06 14:38 - 00139264 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\eax.dll
2015-08-22 10:59 - 2015-08-22 10:59 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-08-22 10:54 - 2015-08-22 10:54 - 00000000 ____D C:\Users\Péťa\AppData\Local\Disc_Soft_Ltd
2015-08-22 10:54 - 2002-08-29 17:33 - 00319488 ____R () C:\Windows\SysWOW64\MafiaSetup.exe
2015-08-22 10:11 - 2015-09-01 11:59 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\DAEMON Tools Lite
2015-08-22 10:11 - 2015-08-22 10:32 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-08-22 10:11 - 2015-08-22 10:11 - 00000814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-08-22 10:10 - 2015-08-22 10:10 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-08-22 09:41 - 2015-08-22 09:41 - 00000000 ____D C:\Users\Péťa\Desktop\Mafia
2015-08-20 10:37 - 2015-08-20 10:37 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\com.freakinware.mitosis
2015-08-19 12:56 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 12:56 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 08:00 - 2015-08-18 08:00 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-08-18 08:00 - 2015-08-18 08:00 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-08-16 16:18 - 2015-08-16 16:18 - 00000000 ____D C:\Users\Péťa\AppData\Local\Nero_AG
2015-08-16 15:55 - 2015-08-16 15:56 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Nero
2015-08-16 15:54 - 2015-08-16 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-08-16 15:53 - 2015-08-16 15:53 - 00000000 ____D C:\ProgramData\Nero
2015-08-16 15:53 - 2015-08-16 15:53 - 00000000 ____D C:\Program Files (x86)\Nero
2015-08-16 09:21 - 2015-08-27 15:03 - 00000000 ____D C:\Users\Péťa\Desktop\Nová složka
2015-08-14 12:04 - 2015-09-04 06:43 - 01505234 _____ C:\Windows\WindowsUpdate.log
2015-08-14 08:06 - 2015-08-14 08:06 - 00000000 ____D C:\Users\Péťa\AppData\Local\MediaShow
2015-08-13 19:54 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 19:54 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:11 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 22:11 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 22:11 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 22:11 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 22:11 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 22:11 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 22:11 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 22:11 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 22:11 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 22:11 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 22:10 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 22:10 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 22:10 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 22:10 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 22:09 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 22:09 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 22:09 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 22:09 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 22:09 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 22:09 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 22:09 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 22:09 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 22:09 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 22:09 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 22:09 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 22:09 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 22:09 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 22:09 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 22:09 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 22:09 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 22:09 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 22:09 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 22:09 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 22:09 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 22:09 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 22:09 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 22:09 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 22:09 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 22:09 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 22:09 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 22:09 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 22:09 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 22:09 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 22:09 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:09 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:09 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:09 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 22:09 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 22:09 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 22:09 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 22:09 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 22:09 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 22:09 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 22:09 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 22:09 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 22:09 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 22:09 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 22:08 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 22:08 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 22:08 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 22:08 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 22:08 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 22:08 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 22:08 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 22:08 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 22:08 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 22:08 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 22:08 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 22:08 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 22:08 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 22:08 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:08 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 22:08 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 22:08 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 22:08 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 22:08 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:08 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 22:08 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 22:08 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 22:08 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 22:08 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 22:08 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 22:08 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 22:08 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 17:09 - 2015-08-12 17:09 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 06:47 - 2015-01-09 16:44 - 00000000 ____D C:\Users\Péťa\AppData\Local\LogMeIn Hamachi
2015-09-04 06:47 - 2014-12-29 11:04 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Skype
2015-09-04 06:44 - 2014-12-26 19:18 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{12B12331-4303-4ADD-B940-510EDB01C12D}
2015-09-04 06:41 - 2014-12-26 19:19 - 00000000 __RDO C:\Users\Péťa\OneDrive
2015-09-03 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-03 18:16 - 2014-12-26 19:05 - 00000000 ____D C:\Users\Péťa\AppData\Local\CrashDumps
2015-09-03 14:14 - 2014-12-26 19:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-621929646-1206955908-3885600500-1001
2015-09-03 14:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-02 20:18 - 2014-12-26 19:45 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\.minecraft
2015-09-02 20:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\InputMethod
2015-09-02 15:28 - 2015-04-09 15:45 - 00000000 ____D C:\Users\Péťa\Desktop\Programy
2015-09-02 13:24 - 2015-01-08 16:47 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-02 13:23 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 13:23 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-01 18:02 - 2015-01-03 21:45 - 00000000 ____D C:\Users\Péťa\Documents\Euro Truck Simulator 2
2015-09-01 16:23 - 2015-08-03 21:16 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-01 16:23 - 2014-12-26 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-01 16:23 - 2014-12-26 18:58 - 00000983 _____ C:\Users\Péťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-01 13:21 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-09-01 11:59 - 2015-03-10 19:29 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\FileZilla
2015-08-31 20:32 - 2014-08-06 06:50 - 00000000 ____D C:\Users\Péťa\Desktop\Things You Need
2015-08-31 17:59 - 2014-09-12 15:43 - 00772496 _____ C:\Windows\system32\perfh005.dat
2015-08-31 17:59 - 2014-09-12 15:43 - 00168614 _____ C:\Windows\system32\perfc005.dat
2015-08-31 17:59 - 2014-03-18 12:03 - 01847990 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-28 20:52 - 2015-04-09 15:45 - 00000000 ____D C:\Users\Péťa\Desktop\Hry
2015-08-28 18:44 - 2015-03-30 18:33 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 18:44 - 2015-03-30 18:33 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 18:27 - 2015-01-14 20:21 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\TS3Client
2015-08-28 17:48 - 2015-04-01 13:15 - 00000000 ____D C:\Users\Péťa\Desktop\videa
2015-08-28 17:48 - 2015-03-20 15:14 - 00000000 ____D C:\Users\Péťa\Desktop\fotky
2015-08-27 18:57 - 2015-04-10 16:49 - 00000000 ____D C:\Users\Péťa\Desktop\videa-fraps
2015-08-27 12:54 - 2015-05-19 20:11 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Audacity
2015-08-27 09:00 - 2015-04-01 13:07 - 00000000 ____D C:\Users\Péťa\Documents\Camtasia Studio
2015-08-26 16:43 - 2015-06-13 08:16 - 00000000 ____D C:\Users\Péťa\AppData\Local\Windows Live
2015-08-26 13:34 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Local\Packages
2015-08-26 09:21 - 2015-01-12 20:28 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Dropbox
2015-08-25 17:48 - 2014-12-26 18:59 - 00000000 ____D C:\Users\Péťa\AppData\Local\clear.fi
2015-08-25 11:45 - 2015-03-05 19:27 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Spotify
2015-08-24 13:29 - 2014-12-30 11:50 - 00000000 ____D C:\Users\Péťa\Documents\My Games
2015-08-24 07:59 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Adobe
2015-08-24 07:36 - 2014-07-14 17:38 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-08-23 21:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-23 10:03 - 2014-09-12 15:23 - 00000000 ____D C:\AMD
2015-08-22 22:57 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa
2015-08-22 22:52 - 2014-07-14 18:17 - 00000000 ____D C:\Windows\Panther
2015-08-22 22:28 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-20 09:56 - 2015-08-04 12:27 - 00000000 ____D C:\ProgramData\Tunngle
2015-08-20 09:56 - 2014-12-26 20:44 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\Tunngle
2015-08-19 17:40 - 2014-12-26 20:46 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2015-08-18 08:00 - 2014-09-12 15:32 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-08-16 15:55 - 2014-12-26 18:58 - 00000000 ____D C:\Users\Péťa\AppData\Local\VirtualStore
2015-08-16 07:52 - 2015-01-12 20:30 - 00000000 ___RD C:\Users\Péťa\Dropbox
2015-08-14 08:06 - 2015-01-12 17:13 - 00000000 ____D C:\Users\Péťa\AppData\Roaming\CyberLink
2015-08-14 08:05 - 2014-09-12 15:34 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-14 06:44 - 2013-08-22 16:44 - 00550040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 06:42 - 2015-06-13 15:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 06:42 - 2015-01-05 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 21:10 - 2014-12-28 22:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 21:10 - 2014-12-28 22:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 21:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 19:54 - 2015-01-05 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 19:52 - 2014-12-26 20:54 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 19:38 - 2015-01-14 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 19:38 - 2014-12-26 20:54 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-13 19:34 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:34 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:33 - 2013-08-22 15:25 - 00000199 _____ C:\Windows\win.ini
2015-08-13 17:43 - 2015-06-30 08:28 - 00000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2015-08-12 18:30 - 2014-12-29 10:00 - 00000000 ____D C:\ProgramData\Skype
2015-08-12 17:17 - 2014-07-14 18:16 - 00000000 ___HD C:\OEM
2015-08-12 17:13 - 2015-06-13 15:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-08 15:55 - 2015-03-13 07:24 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-03-13 07:24 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-03-30 15:51 - 2015-04-08 14:13 - 0009662 _____ () C:\Users\Péťa\AppData\Roaming\em_64x64.ico
2015-03-22 18:46 - 2015-03-22 18:49 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\FileIn.cns
2015-03-22 18:46 - 2015-03-22 18:49 - 0000000 _____ () C:\Users\Péťa\AppData\Roaming\FileOut.cns

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-02 19:17

==================== End of FRST.txt ============================
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz