Dobrý den, před pár dny mě začal zlobit pc, nainstalovali se neznámé nežádoucí programy, adware a pc se zpomalil. Prosím o kontrolu logu, děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Ran by bivoj (administrator) on BIVOJ-PC (21-10-2015 10:08:48)
Running from C:\Users\bivoj\Desktop
Loaded Profiles: bivoj (Available Profiles: bivoj)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Concom\Concom.exe
(InstallMoon) C:\Program Files\GoHD\ee09de1b-e24e-47d9-bcd4-c03ff7588208-10.exe
(Cinema PlusV19.10) C:\Program Files\CinemaPlus-3.2cV19.10\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-1-6.exe
(Cinema PlusV19.10) C:\Program Files\CinemaPlus-3.2cV19.10\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-6.exe
(OB) C:\Program Files\SavePass 1.1\175a36d6-a3e3-472c-bc27-f43da1219161-10.exe
(Cinema PlusV19.10) C:\Program Files\CinemaPlus-3.2cV19.10\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-10.exe
(InstallMonetizer) C:\Program Files\Shop and Save Up\b002355b-80fd-4307-a56d-c24ccc541d48-10.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\hnsc1089.tmp
() C:\ProgramData\ExtTag\ExtTag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
() C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\jnssF663.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Concom\packages\0232270d-8fb4-4283-a998-ffe97ec42656\Stanron.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\ProgramData\ExtTag\ExtTag.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe
() C:\Users\bivoj\AppData\Local\4C4C4544-1445415041-4710-804C-C4C04F46334A\qnsiD53A.tmp
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\2\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\10\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\5\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\8\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\7\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\3\Plugin.exe
() C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugins\12\Plugin.exe
(DTools LIMITED) C:\ProgramData\FWdsManProF\WdsManPro.exe
(TODO: <公司名>) C:\Program Files\SFK\SSFK.exe
(TODO: <公司名>) C:\Program Files\SFK\SSFK.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MxCrashReport.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Cinema PlusV20.10) C:\Program Files\CinemaPlus-3.2cV20.10\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-10.exe
(Cinema PlusV20.10) C:\Program Files\CinemaPlus-3.2cV20.10\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-6.exe
(Cinema PlusV20.10) C:\Program Files\CinemaPlus-3.2cV20.10\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-1-6.exe
(globalUpdate) C:\Program Files\globalUpdate\Update\globalupdate.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
() C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\knskB46B.tmp
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-07-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-10] (Creative Technology Ltd.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7780696 2013-08-22] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [379672 2013-07-18] (Acronis)
HKLM\...\RunOnce: [Update] => C:\Users\bivoj\AppData\Roaming\VOPackage\VOPackage.exe [868783 2015-10-17] ()
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [DellSystemDetect] => C:\Users\bivoj\AppData\Local\Apps\2.0\4CCWCYG5.2EY\LHJZ647M.YV3\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-03-07] (Dell)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\MountPoints2: {324767e8-5939-11e5-809a-001ec906d9cd} - F:\autorun.exe
AppInit_DLLs: C:\ProgramData\ExtTag\Math-In.dll => C:\ProgramData\ExtTag\Math-In.dll [320512 2015-10-18] ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2015-03-07]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F758E1DC-BEB0-49C1-B161-E3C6C67884E9}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130897563520020302&GUID=17992910-8611-4642-A6B3-8F3BCDC580A5
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3580019343-3483864115-340766615-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3580019343-3483864115-340766615-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3580019343-3483864115-340766615-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABltjV758aLT4gpO0j1o2w4OdSQBOLtzDnaZQybNgTwdGWaUlhJN08VsH0nZ3u3MH3aHw6txFjt0vkBnEm9nSARHrWs2Q4Y0q8e8aKFX2oJ6DQjAWF63QiTK5iGOgyRpzCfQoVyZ_x0lMl2S8&q={searchTerms}
BHO: Monarch Find -> {10bac0f7-54f5-4d58-b06d-51ee96b664dd} -> C:\Program Files\Monarch Find\Extensions\10bac0f7-54f5-4d58-b06d-51ee96b664dd.dll [2015-10-20] ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14450397 ... 7975279752
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-21] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-21] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3580019343-3483864115-340766615-1000: SkypePlugin -> C:\Users\bivoj\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Profile: C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-20]
CHR Extension: (Shop and Save Up) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-10-21]
CHR Extension: (SavePass 1.1) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-10-21]
CHR Extension: (Google Docs) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-20]
CHR Extension: (Google Drive) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Google Search) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-20]
CHR Extension: (Google Sheets) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-20]
CHR Extension: (GoHD) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-20]
CHR Extension: (CinemaPlus-3.2cV20.10) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-10-21]
CHR Extension: (Gmail) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-20]
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.mystartsearch.com/?type=sc&ts=14454 ... 7975279752
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777016 2013-07-18] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-30] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3873784 2015-07-29] (Acronis)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 Concom; C:\Program Files\Concom\Concom.exe [379904 2015-09-24] () [File not signed] <==== ATTENTION
R2 dijojyvi; C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\hnsc1089.tmp [845312 2015-10-17] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 ExtTag; C:\ProgramData\\ExtTag\\ExtTag.exe [807936 2015-10-14] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-05-01] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-21] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-21] (globalUpdate) [File not signed] <==== ATTENTION
R2 hidekoqe; C:\Users\bivoj\AppData\Local\4C4C4544-1445415041-4710-804C-C4C04F46334A\qnsiD53A.tmp [142336 2015-10-13] () [File not signed]
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-08-24] (Maxthon)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 myqityze; C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\jnssF663.tmp [97792 2015-10-17] () [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20698768 2015-05-01] (NVIDIA Corporation)
R2 rerynuxe; C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A\knskB46B.tmp [397312 2015-10-21] () [File not signed]
R2 Service Mgr MonarchFind; C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\plugincontainer.exe [1046248 2015-10-21] ()
R2 SSFK; C:\Program Files\SFK\SSFK.exe [169632 2015-10-21] (TODO: <公司名>)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9735112 2013-08-21] (Acronis)
R2 Update Mgr MonarchFind; C:\Program Files\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b\updater.exe [613608 2015-10-21] ()
R2 WdsManPro; C:\ProgramData\FWdsManProF\WdsManPro.exe [442504 2015-10-21] (DTools LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-07-28] (Disc Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2015-08-03] (LogMeIn, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 L6PODX3LV; C:\Windows\System32\Drivers\L6PODX3LV.sys [583808 2013-07-11] (Line 6)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-10-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [889888 2015-07-29] (Acronis International GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2015-07-29] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2015-07-29] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2015-07-29] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2015-07-29] (Acronis International GmbH)
S1 MpKsl822249e6; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0450207B-79CD-4D2B-8877-321622B5FD45}\MpKsl822249e6.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 10:08 - 2015-10-21 10:10 - 00024583 _____ C:\Users\bivoj\Desktop\FRST.txt
2015-10-21 10:08 - 2015-10-21 10:09 - 00000000 ____D C:\FRST
2015-10-21 10:07 - 2015-10-21 10:07 - 01700864 _____ (Farbar) C:\Users\bivoj\Desktop\FRST.exe
2015-10-21 09:59 - 2015-10-21 10:00 - 00000000 ____D C:\rsit
2015-10-21 08:41 - 2015-10-21 08:41 - 00002434 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-5_user.job
2015-10-21 08:41 - 2015-10-21 08:41 - 00002434 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-5.job
2015-10-21 08:41 - 2015-10-21 08:41 - 00001022 _____ C:\Windows\Tasks\CtPyQlXYWdSFYQP0vOJQfZgrA.job
2015-10-21 08:40 - 2015-10-21 09:40 - 00005506 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-6.job
2015-10-21 08:40 - 2015-10-21 09:40 - 00003126 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-1-6.job
2015-10-21 08:40 - 2015-10-21 08:40 - 00005506 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-7.job
2015-10-21 08:40 - 2015-10-21 08:40 - 00005172 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-11.job
2015-10-21 08:40 - 2015-10-21 08:40 - 00003462 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-1-7.job
2015-10-21 08:40 - 2015-10-21 08:40 - 00000000 ____D C:\Program Files\ee3e1acd-5375-404d-88a8-9dd542a1f625
2015-10-21 08:39 - 2015-10-21 09:39 - 00002100 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-10_user.job
2015-10-21 08:39 - 2015-10-21 08:39 - 00004482 _____ C:\Windows\Tasks\218a5ead-e5d4-4be9-a33b-1e6e6e35588a-3.job
2015-10-21 08:38 - 2015-10-21 08:41 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV20.10
2015-10-21 08:37 - 2015-10-21 08:38 - 00000000 ____D C:\ProgramData\FWdsManProF
2015-10-21 08:10 - 2015-10-21 08:10 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445415041-4710-804C-C4C04F46334A
2015-10-21 08:05 - 2015-10-21 08:07 - 00000000 ____D C:\ProgramData\1WdsManPro1
2015-10-20 17:34 - 2015-10-21 08:37 - 00000000 ____D C:\Program Files\SFK
2015-10-20 17:33 - 2015-10-20 17:33 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\mystartsearch
2015-10-20 16:59 - 2015-10-20 16:59 - 00160464 _____ C:\Windows\Minidump\102015-27705-01.dmp
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro).gp5
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro) (1).gp5
2015-10-20 16:30 - 2015-10-20 16:30 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2 (1).exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2.exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00000000 ____D C:\Users\bivoj\Downloads\Stopovač úhozů v.03new-cz
2015-10-20 15:52 - 2015-10-21 08:10 - 00000000 ____D C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 15:52 - 2015-10-21 08:05 - 00000000 ____D C:\Program Files\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 15:52 - 2015-10-20 15:52 - 00000000 ____D C:\Program Files\Monarch Find
2015-10-20 09:46 - 2015-10-21 08:03 - 00000616 _____ C:\Windows\setupact.log
2015-10-20 09:46 - 2015-10-21 08:01 - 00007890 _____ C:\Windows\PFRO.log
2015-10-20 09:46 - 2015-10-20 09:46 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 09:23 - 2015-10-20 09:23 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-20 09:20 - 2015-10-20 09:20 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-20 09:20 - 2015-10-20 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-20 09:20 - 2015-10-20 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-20 09:20 - 2015-10-20 09:20 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-20 09:20 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-20 09:20 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-20 09:20 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-20 09:19 - 2015-10-20 09:19 - 00003172 _____ C:\Users\bivoj\Documents\cc_20151020_091948.reg
2015-10-20 00:09 - 2015-10-20 00:09 - 00001168 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-10-19 23:24 - 2015-10-21 09:52 - 00000992 _____ C:\Windows\Tasks\vwtK8Dk7Gf.job
2015-10-19 23:24 - 2015-10-21 08:02 - 00002434 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-5_user.job
2015-10-19 23:24 - 2015-10-21 08:02 - 00002434 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-5.job
2015-10-19 23:23 - 2015-10-21 09:23 - 00005506 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-6.job
2015-10-19 23:23 - 2015-10-21 09:23 - 00003126 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-1-6.job
2015-10-19 23:23 - 2015-10-21 08:02 - 00005506 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-7.job
2015-10-19 23:23 - 2015-10-21 08:02 - 00005172 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-11.job
2015-10-19 23:23 - 2015-10-21 08:02 - 00003462 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-1-7.job
2015-10-19 23:23 - 2015-10-19 23:23 - 00000000 ____D C:\Program Files\68823e93-40b0-4386-9844-36ce005c2205
2015-10-19 23:22 - 2015-10-21 09:22 - 00002100 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-10_user.job
2015-10-19 23:22 - 2015-10-21 08:44 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-10-19 23:22 - 2015-10-21 08:44 - 00000958 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-10-19 23:22 - 2015-10-21 08:02 - 00004482 _____ C:\Windows\Tasks\eeebd9b4-c95f-47fc-b511-8c5bd2bc72f1-3.job
2015-10-19 23:21 - 2015-10-19 23:24 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV19.10
2015-10-19 21:43 - 2015-10-19 21:44 - 06841165 _____ C:\Users\bivoj\Desktop\PrancerGents---Riding-Thunder---Grant-Stinnet-and-Spencer-fbdown.net.mp4
2015-10-19 21:21 - 2015-10-19 21:21 - 00007277 _____ C:\Users\bivoj\Downloads\Stu Hamm - Terminal Beach (Pro).gp3
2015-10-19 20:25 - 2015-10-19 20:25 - 00034788 _____ C:\Users\bivoj\Desktop\The Contortionist - Primordial Sound (Pro).gp4
2015-10-19 10:51 - 2015-10-19 10:51 - 00005220 _____ C:\Users\bivoj\Documents\cc_20151019_105114.reg
2015-10-19 10:22 - 2015-10-19 10:23 - 00000000 ____D C:\ProgramData\gWdsManProg
2015-10-18 21:39 - 2015-10-18 21:40 - 147936672 _____ C:\Users\bivoj\Desktop\WP_20151018_05_55_21_Pro.mp4
2015-10-18 20:44 - 2015-10-20 15:52 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\OpenCandy
2015-10-18 20:44 - 2015-10-18 20:44 - 00002377 _____ C:\Windows\system32\findit.xml
2015-10-18 20:44 - 2015-10-18 20:44 - 00000000 ____D C:\ProgramData\ExtTags
2015-10-18 20:43 - 2015-10-21 10:04 - 00000000 ____D C:\ProgramData\ExtTag
2015-10-17 13:19 - 2015-10-17 13:22 - 332839210 _____ C:\Users\bivoj\Desktop\WP_20151016_18_47_15_Pro.mp4
2015-10-17 13:05 - 2015-10-17 13:06 - 00000000 ____D C:\ProgramData\7WdsManPro7
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\Program Files\STOPzilla!
2015-10-17 12:36 - 2015-10-17 12:38 - 00000000 ____D C:\ProgramData\OWdsManProO
2015-10-17 10:36 - 2015-10-17 10:36 - 00002166 _____ C:\Users\bivoj\Documents\cc_20151017_103636.reg
2015-10-17 10:24 - 2015-10-17 10:25 - 00806374 _____ C:\Users\bivoj\Documents\cc_20151017_102438.reg
2015-10-17 10:13 - 2015-10-21 08:02 - 00002400 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-5_user.job
2015-10-17 10:13 - 2015-10-21 08:02 - 00002400 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-5.job
2015-10-17 10:12 - 2015-10-21 08:02 - 00005472 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-7.job
2015-10-17 10:12 - 2015-10-21 08:02 - 00005138 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-11.job
2015-10-17 10:12 - 2015-10-21 08:02 - 00003428 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-1-7.job
2015-10-17 10:12 - 2015-10-17 10:12 - 00000000 ____D C:\Program Files\78aee5d5-c20f-4089-a8c4-0b05c9957c62
2015-10-17 10:11 - 2015-10-21 10:11 - 00004448 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-3.job
2015-10-17 10:11 - 2015-10-21 10:11 - 00002066 _____ C:\Windows\Tasks\ee09de1b-e24e-47d9-bcd4-c03ff7588208-10_user.job
2015-10-17 10:08 - 2015-10-17 10:09 - 00000000 ____D C:\ProgramData\XWdsManProX
2015-10-17 03:00 - 2015-10-17 03:00 - 00000000 ____D C:\Windows\system32\Flash
2015-10-17 02:58 - 2015-10-17 02:58 - 00000000 __SHD C:\Users\bivoj\AppData\Roaming\AnyProtectEx
2015-10-17 02:58 - 2015-10-17 02:57 - 00628688 _____ (CMI Limited) C:\Users\bivoj\AppData\Local\nsoBEF.tmp
2015-10-17 02:19 - 2015-10-17 02:20 - 00000000 ____D C:\ProgramData\DWdsManProD
2015-10-17 02:06 - 2015-10-21 10:06 - 00005496 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-6.job
2015-10-17 02:06 - 2015-10-21 10:06 - 00003116 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-1-6.job
2015-10-17 02:06 - 2015-10-21 08:07 - 00002424 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-5_user.job
2015-10-17 02:06 - 2015-10-21 08:06 - 00005496 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-7.job
2015-10-17 02:06 - 2015-10-21 08:06 - 00003452 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-1-7.job
2015-10-17 02:06 - 2015-10-21 08:06 - 00002424 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-5.job
2015-10-17 02:06 - 2015-10-17 02:06 - 00000000 ____D C:\Program Files\7405fc5f-f116-4083-a5c6-aade95b87c0b
2015-10-17 02:05 - 2015-10-21 10:05 - 00002090 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-10_user.job
2015-10-17 02:05 - 2015-10-21 08:06 - 00005162 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-11.job
2015-10-17 02:05 - 2015-10-21 08:05 - 00004472 _____ C:\Windows\Tasks\b002355b-80fd-4307-a56d-c24ccc541d48-3.job
2015-10-17 02:05 - 2015-10-17 12:03 - 00000000 ____D C:\Program Files\Shop and Save Up
2015-10-17 02:04 - 2015-10-21 10:04 - 00003092 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-1-6.job
2015-10-17 02:04 - 2015-10-21 08:04 - 00003428 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-1-7.job
2015-10-17 02:04 - 2015-10-21 08:04 - 00002400 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-5_user.job
2015-10-17 02:04 - 2015-10-21 08:04 - 00002400 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-5.job
2015-10-17 02:03 - 2015-10-21 10:03 - 00005472 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-6.job
2015-10-17 02:03 - 2015-10-21 08:40 - 00000000 ____D C:\Program Files\254f4da9-9213-4926-86e1-e4badf66064f
2015-10-17 02:03 - 2015-10-21 08:03 - 00005472 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-7.job
2015-10-17 02:03 - 2015-10-21 08:03 - 00005138 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-11.job
2015-10-17 02:02 - 2015-10-21 08:02 - 00004448 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-3.job
2015-10-17 02:01 - 2015-10-21 10:01 - 00002066 _____ C:\Windows\Tasks\189c153c-3cc3-4df4-938e-abbdfa118de9-10_user.job
2015-10-17 02:01 - 2015-10-17 12:49 - 00000000 ____D C:\Program Files\GoHD
2015-10-17 02:01 - 2015-10-17 02:01 - 00000000 ____D C:\Users\bivoj\AppData\Local\Systweak
2015-10-17 02:00 - 2015-10-17 10:13 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\systweak
2015-10-17 02:00 - 2015-10-17 02:01 - 00000000 ____D C:\Program Files\cd6db29d-2556-428e-b609-55f5935be1a3
2015-10-17 02:00 - 2015-07-02 14:14 - 00018200 _____ () C:\Windows\system32\roboot.exe
2015-10-17 01:58 - 2015-10-17 01:59 - 00000000 ____D C:\ProgramData\lWdsManProl
2015-10-17 01:58 - 2015-10-17 01:58 - 00000296 _____ C:\task.vbs
2015-10-17 01:58 - 2015-10-17 01:58 - 00000000 ____D C:\Users\bivoj\AppData\Local\MyBrowser
2015-10-17 01:55 - 2015-10-21 08:37 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-17 01:55 - 2015-10-17 01:57 - 00000000 ____D C:\ProgramData\ZWdsManProZ
2015-10-17 01:54 - 2015-10-21 08:02 - 00002416 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-5_user.job
2015-10-17 01:54 - 2015-10-21 08:02 - 00002416 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-5.job
2015-10-17 01:54 - 2015-10-17 02:54 - 00000000 ____D C:\Program Files\Concom
2015-10-17 01:53 - 2015-10-21 09:53 - 00005488 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-6.job
2015-10-17 01:53 - 2015-10-21 09:53 - 00003108 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-1-6.job
2015-10-17 01:53 - 2015-10-21 08:02 - 00005488 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-7.job
2015-10-17 01:53 - 2015-10-21 08:02 - 00003444 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-1-7.job
2015-10-17 01:53 - 2015-10-17 02:01 - 00000000 ____D C:\Program Files\31e07d21-da69-4567-917c-31b74f9416a3
2015-10-17 01:52 - 2015-10-21 09:52 - 00002082 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-10_user.job
2015-10-17 01:52 - 2015-10-21 08:02 - 00005154 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-11.job
2015-10-17 01:52 - 2015-10-21 08:02 - 00004128 _____ C:\Windows\Tasks\175a36d6-a3e3-472c-bc27-f43da1219161-3.job
2015-10-17 01:51 - 2015-10-17 12:03 - 00000000 ____D C:\Program Files\SavePass 1.1
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Opera Software
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Local\Opera Software
2015-10-17 01:48 - 2015-10-19 09:54 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445046489-4710-804C-C4C04F46334A
2015-10-17 01:47 - 2015-10-17 01:59 - 00000000 ____D C:\Program Files\Opera
2015-10-17 01:46 - 2015-07-29 11:07 - 00000877 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-17 01:45 - 2015-10-21 10:03 - 00000000 ____D C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A
2015-10-17 01:45 - 2015-10-17 01:45 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\VOPackage
2015-10-17 01:45 - 2015-10-17 01:45 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-10-17 01:44 - 2015-10-17 01:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DivX
2015-10-17 01:41 - 2015-10-21 10:01 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-17 01:41 - 2015-10-17 01:42 - 00000000 ____D C:\Program Files\0111d02a-5a14-462a-b8fa-dd08a90623d4
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Users\bivoj\AppData\Local\globalUpdate
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-17 01:40 - 2015-10-17 10:58 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV16.10
2015-10-17 01:39 - 2015-10-17 02:03 - 00000000 ____D C:\Program Files\DivX
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\MSDOS.SYS
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\IO.SYS
2015-10-17 01:37 - 2015-10-17 02:03 - 00000000 ____D C:\ProgramData\DivX
2015-10-17 01:37 - 2015-10-17 01:38 - 01850112 _____ C:\Windows\chromebrowser.exe
2015-10-17 01:06 - 2015-10-19 11:22 - 00000000 ____D C:\Users\bivoj\AppData\LocalLow\uTorrent
2015-10-16 12:10 - 2015-10-16 12:10 - 56396488 _____ C:\Users\bivoj\Desktop\kuratko_animace01.psd
2015-10-16 11:27 - 2015-10-16 11:27 - 02227961 _____ C:\Users\bivoj\Desktop\kuratko_zaklad.psd
2015-10-15 09:40 - 2015-09-18 19:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 09:40 - 2015-09-18 19:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 09:40 - 2015-09-18 19:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 10:50 - 2015-07-09 20:02 - 00000000 ____D C:\Users\bivoj\Desktop\Nevoa - The Absence Of Void (2015)
2015-10-14 09:33 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-14 09:33 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 09:33 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 09:32 - 2015-09-29 05:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 09:32 - 2015-09-29 03:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 09:32 - 2015-09-25 19:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 09:32 - 2015-09-15 19:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 09:32 - 2015-09-15 19:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 09:32 - 2015-09-15 19:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 09:32 - 2015-09-15 19:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 09:32 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 09:32 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 09:31 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 09:31 - 2015-10-01 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 09:31 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 09:31 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 09:31 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 09:31 - 2015-09-16 05:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 09:31 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 09:31 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 09:31 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 09:31 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 09:31 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 09:31 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 09:31 - 2015-09-16 05:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 09:31 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 09:31 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 09:31 - 2015-09-16 05:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 09:31 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 09:31 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 09:31 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 09:31 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 09:31 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 09:31 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 09:31 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 09:31 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 09:31 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 09:31 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:15 - 2015-10-19 22:32 - 00006943 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP
2015-10-13 18:15 - 2015-10-13 19:01 - 00005809 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP-bak
2015-10-13 11:54 - 2015-10-13 11:54 - 05375897 _____ C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material.zip
2015-10-13 11:54 - 2015-10-13 11:54 - 00000000 ____D C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material
2015-10-12 00:00 - 2015-10-12 00:01 - 127223225 _____ C:\Users\bivoj\Desktop\kuratko02.mp4
2015-10-11 23:57 - 2015-10-11 23:58 - 100045807 _____ C:\Users\bivoj\Desktop\kuratko.mp4
2015-10-09 15:26 - 2015-10-09 15:26 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 13:46 - 2015-10-07 13:46 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TC-Helicon
2015-10-07 01:01 - 2015-10-07 01:01 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Steam
2015-10-06 19:06 - 2015-10-06 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awesomenauts
2015-10-06 11:39 - 2015-10-01 23:57 - 33696812 _____ C:\Users\bivoj\Desktop\39.wav
2015-10-02 17:26 - 2015-10-09 12:38 - 00000000 ____D C:\Users\bivoj\AppData\Local\Adobe
2015-10-02 17:15 - 2015-10-09 14:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Adobe
2015-10-02 07:41 - 2015-10-02 07:41 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-10-01 12:29 - 2015-10-01 12:29 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
2015-10-01 12:17 - 2015-10-09 10:48 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
2015-10-01 12:15 - 2015-10-09 10:46 - 00000843 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2015-10-01 12:14 - 2015-10-09 10:45 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
2015-10-01 12:13 - 2015-10-09 10:44 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
2015-10-01 12:11 - 2015-10-09 10:42 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2015-10-01 12:05 - 2015-10-01 12:05 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2015-10-01 11:44 - 2015-10-01 11:48 - 00000000 ____D C:\AdobeTemp
2015-10-01 10:00 - 2015-10-01 10:47 - 00000000 ____D C:\ProgramData\FLEXnet
2015-10-01 09:26 - 2015-10-01 09:26 - 00000000 ____D C:\Program Files\Adobe Media Player
2015-10-01 09:23 - 2015-10-01 09:23 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-09-30 16:16 - 2015-09-30 16:16 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-09-30 13:30 - 2015-09-30 18:31 - 00001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-09-30 13:29 - 2015-09-30 13:29 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-09-30 13:28 - 2015-10-01 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-09-30 13:28 - 2015-09-30 13:28 - 00002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-09-30 13:28 - 2015-09-30 13:28 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2015-09-30 13:27 - 2015-10-02 17:17 - 00001716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2015-09-30 13:23 - 2015-10-02 17:16 - 00053248 ____N C:\Windows\system32\pxhpinst.exe
2015-09-30 13:23 - 2015-09-30 13:18 - 00417792 ____N (Sonic Solutions) C:\Windows\system32\pxdrv.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00372736 ____N (Sonic Solutions) C:\Windows\system32\px.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00339968 ____N (Sonic Solutions) C:\Windows\system32\pxwave.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00172032 ____N (Sonic Solutions) C:\Windows\system32\pxmas.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00028672 ____N (Sonic Solutions) C:\Windows\system32\vxblock.dll
2015-09-30 13:22 - 2015-09-30 13:22 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
2015-09-29 13:49 - 2015-09-29 13:49 - 00000022 _____ C:\Users\bivoj\Documents\tempFolderPath.dat
2015-09-29 13:47 - 2015-10-18 20:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Mozilla
2015-09-29 09:59 - 2015-09-29 09:59 - 00000000 ____D C:\Users\bivoj\Documents\NewBlueFX
2015-09-29 09:57 - 2015-10-01 10:01 - 00000000 ____D C:\Users\bivoj\Documents\Adobe
2015-09-28 17:44 - 2015-09-28 17:44 - 00002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 11.lnk
2015-09-28 17:41 - 2015-09-28 17:42 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2015-09-28 17:40 - 2015-10-01 12:16 - 00000000 ____D C:\Program Files\Adobe
2015-09-28 17:37 - 2015-10-16 12:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-21 22:20 - 2015-08-03 12:12 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-09-21 20:27 - 2015-09-21 20:31 - 00036720 _____ C:\Users\bivoj\Documents\cc_20150921_202748.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 10:07 - 2015-03-07 17:51 - 01434624 _____ C:\Windows\WindowsUpdate.log
2015-10-21 10:06 - 2015-03-08 16:04 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Skype
2015-10-21 10:00 - 2015-05-03 10:20 - 00000000 ____D C:\Program Files\trend micro
2015-10-21 09:56 - 2015-08-30 16:45 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e33284aa3f04.job
2015-10-21 08:51 - 2015-04-26 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-21 08:12 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 08:12 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 08:02 - 2015-08-30 16:45 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e33283baf983.job
2015-10-21 08:01 - 2015-03-07 19:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-21 08:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-20 16:59 - 2015-08-24 22:31 - 00000000 ____D C:\Windows\Minidump
2015-10-20 14:41 - 2015-08-03 19:14 - 01307648 ___SH C:\Users\bivoj\Desktop\Thumbs.db
2015-10-20 09:16 - 2015-06-30 12:48 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\uTorrent
2015-10-20 00:09 - 2015-06-30 13:09 - 00001192 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-19 22:31 - 2015-07-01 22:31 - 00000000 ____D C:\Users\bivoj\Documents\REAPER Media
2015-10-19 10:42 - 2015-03-07 18:00 - 00001413 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 12:10 - 2015-08-11 21:45 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-17 10:22 - 2015-07-28 18:34 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DAEMON Tools Lite
2015-10-17 01:42 - 2015-07-29 11:02 - 00000000 ____D C:\Program Files\Acronis
2015-10-16 02:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-10-16 01:21 - 2015-08-18 14:53 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TS3Client
2015-10-15 10:18 - 2015-03-08 16:04 - 00000000 ___RD C:\Program Files\Skype
2015-10-14 11:23 - 2015-03-08 00:11 - 00000000 ____D C:\Windows\system32\MRT
2015-10-11 20:44 - 2015-04-04 23:23 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 15:24 - 2009-07-14 06:33 - 02199656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-09 11:03 - 2015-03-07 18:03 - 00060288 _____ C:\Users\bivoj\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 13:09 - 2015-08-10 16:25 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Audacity
2015-10-06 00:28 - 2010-11-20 23:01 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-02 17:26 - 2015-03-08 16:04 - 00000000 ____D C:\ProgramData\Skype
2015-10-02 12:10 - 2015-03-08 00:11 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-01 12:35 - 2015-08-22 12:51 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-10-01 11:20 - 2015-03-07 17:59 - 00000000 ____D C:\Users\bivoj
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieUserList
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieBrowserModeList
2015-09-30 16:49 - 2015-03-08 15:44 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieSiteList
2015-09-29 11:49 - 2015-03-08 15:51 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-29 11:49 - 2015-03-08 15:51 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 12:02 - 2015-09-20 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ____D C:\Program Files\Common Files\InstallShield
==================== Files in the root of some directories =======
2015-09-30 16:16 - 2015-09-30 16:16 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-08-22 12:51 - 2015-10-01 12:35 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\CtPyQlXYWdSFYQP0vOJQfZgrA
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\bivoj\AppData\Roaming\CtPyQlXYWdSFYQP0vOJQfZgrA.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\I548nfUP
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\KHSalJu0SU5
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\vwtK8Dk7Gf
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\bivoj\AppData\Roaming\vwtK8Dk7Gf.exe
2015-10-17 02:58 - 2015-10-17 02:57 - 0628688 _____ (CMI Limited) C:\Users\bivoj\AppData\Local\nsoBEF.tmp
2015-10-17 01:55 - 2015-10-21 08:37 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\bivoj\AppData\Local\Temp\1182.exe
C:\Users\bivoj\AppData\Local\Temp\2048.exe
C:\Users\bivoj\AppData\Local\Temp\2159.exe
C:\Users\bivoj\AppData\Local\Temp\5719.exe
C:\Users\bivoj\AppData\Local\Temp\577.exe
C:\Users\bivoj\AppData\Local\Temp\beefdcaiij.exe
C:\Users\bivoj\AppData\Local\Temp\ExPromo.exe
C:\Users\bivoj\AppData\Local\Temp\fsd11AC.exe
C:\Users\bivoj\AppData\Local\Temp\fsd17E3.exe
C:\Users\bivoj\AppData\Local\Temp\fsd191B.exe
C:\Users\bivoj\AppData\Local\Temp\fsd557F.exe
C:\Users\bivoj\AppData\Local\Temp\fsd6D14.exe
C:\Users\bivoj\AppData\Local\Temp\fsd6EE8.exe
C:\Users\bivoj\AppData\Local\Temp\fsd9F98.exe
C:\Users\bivoj\AppData\Local\Temp\fsdCF11.exe
C:\Users\bivoj\AppData\Local\Temp\fsdD0B6.exe
C:\Users\bivoj\AppData\Local\Temp\nsdDE67.exe
C:\Users\bivoj\AppData\Local\Temp\nsdDE68.exe
C:\Users\bivoj\AppData\Local\Temp\nskCF48.exe
C:\Users\bivoj\AppData\Local\Temp\nskCF49.exe
C:\Users\bivoj\AppData\Local\Temp\RSIT.exe
C:\Users\bivoj\AppData\Local\Temp\Uninstall.exe
C:\Users\bivoj\AppData\Local\Temp\{07B2B7B7-C95D-4CD6-9011-5C241D0AE437}.dll
C:\Users\bivoj\AppData\Local\Temp\{099131A2-379E-495B-9094-04AB1015D19B}.dll
C:\Users\bivoj\AppData\Local\Temp\{1A687442-2C5F-4A97-A201-0693EB398916}.dll
C:\Users\bivoj\AppData\Local\Temp\{1AB5E0AE-A56C-419D-B489-A2F8CBF3C521}.dll
C:\Users\bivoj\AppData\Local\Temp\{27F2B6E8-22B7-4D12-A039-ADCB92BF7C7E}.dll
C:\Users\bivoj\AppData\Local\Temp\{3BBBC28D-EE17-442A-AF15-2D4DB8FF72B3}.dll
C:\Users\bivoj\AppData\Local\Temp\{4394B176-884A-4FDA-9B14-D53D98CB6DFF}.dll
C:\Users\bivoj\AppData\Local\Temp\{45DA8FDE-11E6-4459-A45F-3EE8ECA29FD8}.dll
C:\Users\bivoj\AppData\Local\Temp\{4CC041E8-7793-4F8E-9D45-1F5C58EDD1FA}.dll
C:\Users\bivoj\AppData\Local\Temp\{509C9418-E30C-4D79-86E9-CD7A184A32C7}.dll
C:\Users\bivoj\AppData\Local\Temp\{705444BB-6FCC-474C-8E69-9608E4946AC7}.dll
C:\Users\bivoj\AppData\Local\Temp\{7BA6B6B3-360E-4D9C-98E9-BA529B93FFAA}.dll
C:\Users\bivoj\AppData\Local\Temp\{7C153D5E-705E-4152-908C-210476894BD6}.dll
C:\Users\bivoj\AppData\Local\Temp\{82F94550-2D39-4DAC-866B-DAB5679756EA}.dll
C:\Users\bivoj\AppData\Local\Temp\{9CA72FB9-897A-4258-8C1A-88E9D6CB5E3A}.dll
C:\Users\bivoj\AppData\Local\Temp\{B2F8220B-91F9-4E79-A60F-B6491312DBD1}.dll
C:\Users\bivoj\AppData\Local\Temp\{E0AF03D8-263E-4A5C-A4FC-15864A26E619}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-11 21:05
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problém s ntb, adware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Problém s ntb, adware
- Přílohy
-
- Addition.rar
- (11.55 KiB) Staženo 64 x
Re: Problém s ntb, adware
ahoj,
no je to zasvinene az po okraj
1. vycisti PC s MBAM
restart
2. odinstaluj C:\Program Files\Microsoft Security Client a nahrad ho nejakym ;epsim AV - vycisti PC
2. vloz novy log FRST na docistenie
no je to zasvinene az po okraj
1. vycisti PC s MBAM
restart
2. odinstaluj C:\Program Files\Microsoft Security Client a nahrad ho nejakym ;epsim AV - vycisti PC
2. vloz novy log FRST na docistenie
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Problém s ntb, adware
Přeinstaloval jsem av a pc jsem vyčistil. Zde je log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-10-2015 01
Ran by bivoj (administrator) on BIVOJ-PC (21-10-2015 22:49:56)
Running from C:\Users\bivoj\Desktop
Loaded Profiles: bivoj (Available Profiles: bivoj)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-07-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-10] (Creative Technology Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7780696 2013-08-22] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [379672 2013-07-18] (Acronis)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\MountPoints2: {324767e8-5939-11e5-809a-001ec906d9cd} - F:\autorun.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2015-03-07]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F758E1DC-BEB0-49C1-B161-E3C6C67884E9}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130897563520020302&GUID=17992910-8611-4642-A6B3-8F3BCDC580A5
SearchScopes: HKU\S-1-5-21-3580019343-3483864115-340766615-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3580019343-3483864115-340766615-1000: SkypePlugin -> C:\Users\bivoj\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Profile: C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Shop and Save Up) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-10-21]
CHR Extension: (SavePass 1.1) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-10-21]
CHR Extension: (Google Docs) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Google Drive) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google Search) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-21]
CHR Extension: (Google Sheets) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (GoHD) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-21]
CHR Extension: (No Name) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-10-21]
CHR Extension: (Gmail) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777016 2013-07-18] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-30] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3873784 2015-07-29] (Acronis)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1971968 2015-10-09] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-05-01] (NVIDIA Corporation)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-08-24] (Maxthon)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20698768 2015-05-01] (NVIDIA Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9735112 2013-08-21] (Acronis)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-07-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [205800 2015-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [145512 2015-07-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [131640 2015-07-30] (ESET)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2015-08-03] (LogMeIn, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 L6PODX3LV; C:\Windows\System32\Drivers\L6PODX3LV.sys [583808 2013-07-11] (Line 6)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [889888 2015-07-29] (Acronis International GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2015-07-29] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2015-07-29] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2015-07-29] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2015-07-29] (Acronis International GmbH)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 22:49 - 2015-10-21 22:49 - 00000000 ____D C:\Users\bivoj\Desktop\FRST-OlderVersion
2015-10-21 14:23 - 2015-10-21 14:23 - 00000000 ____D C:\Users\bivoj\AppData\Local\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\ProgramData\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\Program Files\ESET
2015-10-21 12:17 - 2015-10-21 12:17 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-21 12:17 - 2015-10-21 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-21 12:17 - 2015-10-21 12:17 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-21 12:17 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-21 12:17 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 12:17 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-21 12:13 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445429586-4710-804C-C4C04F46334A
2015-10-21 12:09 - 2015-10-21 22:44 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-10-21 12:09 - 2015-10-21 12:18 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Malwarebytes
2015-10-21 11:46 - 2015-10-21 11:47 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\bivoj\Desktop\mbam-setup-1.75.0.1300.exe
2015-10-21 10:40 - 2015-10-21 10:40 - 00747335 _____ C:\Users\bivoj\Desktop\Pro_Terezku_-_D.m4a
2015-10-21 10:16 - 2015-10-21 10:16 - 00011831 _____ C:\Users\bivoj\Desktop\Addition.rar
2015-10-21 10:11 - 2015-10-21 10:15 - 00051707 _____ C:\Users\bivoj\Desktop\Addition.txt
2015-10-21 10:08 - 2015-10-21 22:50 - 00016399 _____ C:\Users\bivoj\Desktop\FRST.txt
2015-10-21 10:08 - 2015-10-21 22:49 - 00000000 ____D C:\FRST
2015-10-21 10:07 - 2015-10-21 22:49 - 01700352 _____ (Farbar) C:\Users\bivoj\Desktop\FRST.exe
2015-10-21 09:59 - 2015-10-21 10:00 - 00000000 ____D C:\rsit
2015-10-21 08:41 - 2015-10-21 22:44 - 00001022 _____ C:\Windows\Tasks\CtPyQlXYWdSFYQP0vOJQfZgrA.job
2015-10-21 08:40 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\ee3e1acd-5375-404d-88a8-9dd542a1f625
2015-10-21 08:38 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV20.10
2015-10-21 08:37 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\FWdsManProF
2015-10-21 08:05 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\1WdsManPro1
2015-10-20 17:34 - 2015-10-21 13:18 - 00000000 ____D C:\Program Files\SFK
2015-10-20 17:33 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\mystartsearch
2015-10-20 16:59 - 2015-10-20 16:59 - 00160464 _____ C:\Windows\Minidump\102015-27705-01.dmp
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro).gp5
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro) (1).gp5
2015-10-20 16:30 - 2015-10-20 16:30 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2 (1).exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2.exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00000000 ____D C:\Users\bivoj\Downloads\Stopovač úhozů v.03new-cz
2015-10-20 15:52 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\Monarch Find
2015-10-20 15:52 - 2015-10-21 12:12 - 00000000 ____D C:\Program Files\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 15:52 - 2015-10-21 12:11 - 00000000 ____D C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 09:46 - 2015-10-21 22:44 - 00000952 _____ C:\Windows\setupact.log
2015-10-20 09:46 - 2015-10-21 13:23 - 00015708 _____ C:\Windows\PFRO.log
2015-10-20 09:46 - 2015-10-20 09:46 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 09:20 - 2015-10-21 12:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-20 09:19 - 2015-10-20 09:19 - 00003172 _____ C:\Users\bivoj\Documents\cc_20151020_091948.reg
2015-10-20 00:09 - 2015-10-20 00:09 - 00001168 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-10-19 23:24 - 2015-10-21 22:44 - 00000992 _____ C:\Windows\Tasks\vwtK8Dk7Gf.job
2015-10-19 23:23 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\68823e93-40b0-4386-9844-36ce005c2205
2015-10-19 23:21 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV19.10
2015-10-19 21:43 - 2015-10-19 21:44 - 06841165 _____ C:\Users\bivoj\Desktop\PrancerGents---Riding-Thunder---Grant-Stinnet-and-Spencer-fbdown.net.mp4
2015-10-19 21:21 - 2015-10-19 21:21 - 00007277 _____ C:\Users\bivoj\Downloads\Stu Hamm - Terminal Beach (Pro).gp3
2015-10-19 20:25 - 2015-10-19 20:25 - 00034788 _____ C:\Users\bivoj\Desktop\The Contortionist - Primordial Sound (Pro).gp4
2015-10-19 10:51 - 2015-10-19 10:51 - 00005220 _____ C:\Users\bivoj\Documents\cc_20151019_105114.reg
2015-10-19 10:22 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\gWdsManProg
2015-10-18 21:39 - 2015-10-18 21:40 - 147936672 _____ C:\Users\bivoj\Desktop\WP_20151018_05_55_21_Pro.mp4
2015-10-18 20:44 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ExtTags
2015-10-18 20:44 - 2015-10-20 15:52 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\OpenCandy
2015-10-18 20:43 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ExtTag
2015-10-17 13:19 - 2015-10-17 13:22 - 332839210 _____ C:\Users\bivoj\Desktop\WP_20151016_18_47_15_Pro.mp4
2015-10-17 13:05 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\7WdsManPro7
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\Program Files\STOPzilla!
2015-10-17 12:36 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\OWdsManProO
2015-10-17 10:36 - 2015-10-17 10:36 - 00002166 _____ C:\Users\bivoj\Documents\cc_20151017_103636.reg
2015-10-17 10:24 - 2015-10-17 10:25 - 00806374 _____ C:\Users\bivoj\Documents\cc_20151017_102438.reg
2015-10-17 10:12 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\78aee5d5-c20f-4089-a8c4-0b05c9957c62
2015-10-17 10:08 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\XWdsManProX
2015-10-17 03:00 - 2015-10-17 03:00 - 00000000 ____D C:\Windows\system32\Flash
2015-10-17 02:58 - 2015-10-17 02:58 - 00000000 __SHD C:\Users\bivoj\AppData\Roaming\AnyProtectEx
2015-10-17 02:19 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\DWdsManProD
2015-10-17 02:06 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\7405fc5f-f116-4083-a5c6-aade95b87c0b
2015-10-17 02:05 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\Shop and Save Up
2015-10-17 02:03 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\254f4da9-9213-4926-86e1-e4badf66064f
2015-10-17 02:01 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\GoHD
2015-10-17 02:01 - 2015-10-17 02:01 - 00000000 ____D C:\Users\bivoj\AppData\Local\Systweak
2015-10-17 02:00 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\cd6db29d-2556-428e-b609-55f5935be1a3
2015-10-17 02:00 - 2015-10-17 10:13 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\systweak
2015-10-17 01:58 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\lWdsManProl
2015-10-17 01:58 - 2015-10-17 01:58 - 00000000 ____D C:\Users\bivoj\AppData\Local\MyBrowser
2015-10-17 01:55 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ZWdsManProZ
2015-10-17 01:55 - 2015-10-21 08:37 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-17 01:54 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\Concom
2015-10-17 01:53 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\31e07d21-da69-4567-917c-31b74f9416a3
2015-10-17 01:51 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\SavePass 1.1
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Opera Software
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Local\Opera Software
2015-10-17 01:48 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445046489-4710-804C-C4C04F46334A
2015-10-17 01:47 - 2015-10-17 01:59 - 00000000 ____D C:\Program Files\Opera
2015-10-17 01:46 - 2015-07-29 11:07 - 00000877 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\VOPackage
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A
2015-10-17 01:44 - 2015-10-17 01:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DivX
2015-10-17 01:41 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\0111d02a-5a14-462a-b8fa-dd08a90623d4
2015-10-17 01:41 - 2015-10-21 13:01 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Users\bivoj\AppData\Local\globalUpdate
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-17 01:40 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV16.10
2015-10-17 01:39 - 2015-10-17 02:03 - 00000000 ____D C:\Program Files\DivX
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\MSDOS.SYS
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\IO.SYS
2015-10-17 01:37 - 2015-10-17 02:03 - 00000000 ____D C:\ProgramData\DivX
2015-10-17 01:37 - 2015-10-17 01:38 - 01850112 _____ C:\Windows\chromebrowser.exe
2015-10-16 12:10 - 2015-10-16 12:10 - 56396488 _____ C:\Users\bivoj\Desktop\kuratko_animace01.psd
2015-10-16 11:27 - 2015-10-16 11:27 - 02227961 _____ C:\Users\bivoj\Desktop\kuratko_zaklad.psd
2015-10-15 09:40 - 2015-09-18 19:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 09:40 - 2015-09-18 19:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 09:40 - 2015-09-18 19:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 10:50 - 2015-10-21 10:41 - 00000000 ____D C:\Users\bivoj\Desktop\Nevoa - The Absence Of Void (2015)
2015-10-14 09:33 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-14 09:33 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 09:33 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 09:32 - 2015-09-29 05:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 09:32 - 2015-09-29 03:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 09:32 - 2015-09-25 19:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 09:32 - 2015-09-15 19:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 09:32 - 2015-09-15 19:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 09:32 - 2015-09-15 19:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 09:32 - 2015-09-15 19:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 09:32 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 09:32 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 09:31 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 09:31 - 2015-10-01 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 09:31 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 09:31 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 09:31 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 09:31 - 2015-09-16 05:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 09:31 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 09:31 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 09:31 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 09:31 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 09:31 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 09:31 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 09:31 - 2015-09-16 05:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 09:31 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 09:31 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 09:31 - 2015-09-16 05:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 09:31 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 09:31 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 09:31 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 09:31 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 09:31 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 09:31 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 09:31 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 09:31 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 09:31 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 09:31 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:15 - 2015-10-19 22:32 - 00006943 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP
2015-10-13 18:15 - 2015-10-13 19:01 - 00005809 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP-bak
2015-10-13 11:54 - 2015-10-13 11:54 - 05375897 _____ C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material.zip
2015-10-13 11:54 - 2015-10-13 11:54 - 00000000 ____D C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material
2015-10-12 00:00 - 2015-10-12 00:01 - 127223225 _____ C:\Users\bivoj\Desktop\kuratko02.mp4
2015-10-11 23:57 - 2015-10-11 23:58 - 100045807 _____ C:\Users\bivoj\Desktop\kuratko.mp4
2015-10-09 15:26 - 2015-10-09 15:26 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 13:46 - 2015-10-07 13:46 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TC-Helicon
2015-10-07 01:01 - 2015-10-07 01:01 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Steam
2015-10-06 19:06 - 2015-10-06 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awesomenauts
2015-10-06 11:39 - 2015-10-01 23:57 - 33696812 _____ C:\Users\bivoj\Desktop\39.wav
2015-10-02 17:26 - 2015-10-09 12:38 - 00000000 ____D C:\Users\bivoj\AppData\Local\Adobe
2015-10-02 17:15 - 2015-10-09 14:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Adobe
2015-10-02 07:41 - 2015-10-02 07:41 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-10-01 12:29 - 2015-10-01 12:29 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
2015-10-01 12:17 - 2015-10-09 10:48 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
2015-10-01 12:15 - 2015-10-09 10:46 - 00000843 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2015-10-01 12:14 - 2015-10-09 10:45 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
2015-10-01 12:13 - 2015-10-09 10:44 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
2015-10-01 12:11 - 2015-10-09 10:42 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2015-10-01 12:05 - 2015-10-01 12:05 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2015-10-01 11:44 - 2015-10-01 11:48 - 00000000 ____D C:\AdobeTemp
2015-10-01 10:00 - 2015-10-01 10:47 - 00000000 ____D C:\ProgramData\FLEXnet
2015-10-01 09:26 - 2015-10-01 09:26 - 00000000 ____D C:\Program Files\Adobe Media Player
2015-10-01 09:23 - 2015-10-01 09:23 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-09-30 16:16 - 2015-09-30 16:16 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-09-30 13:30 - 2015-09-30 18:31 - 00001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-09-30 13:29 - 2015-09-30 13:29 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-09-30 13:28 - 2015-10-01 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-09-30 13:28 - 2015-09-30 13:28 - 00002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-09-30 13:28 - 2015-09-30 13:28 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2015-09-30 13:27 - 2015-10-02 17:17 - 00001716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2015-09-30 13:23 - 2015-10-02 17:16 - 00053248 ____N C:\Windows\system32\pxhpinst.exe
2015-09-30 13:23 - 2015-09-30 13:18 - 00417792 ____N (Sonic Solutions) C:\Windows\system32\pxdrv.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00372736 ____N (Sonic Solutions) C:\Windows\system32\px.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00339968 ____N (Sonic Solutions) C:\Windows\system32\pxwave.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00172032 ____N (Sonic Solutions) C:\Windows\system32\pxmas.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00028672 ____N (Sonic Solutions) C:\Windows\system32\vxblock.dll
2015-09-30 13:22 - 2015-09-30 13:22 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
2015-09-29 13:49 - 2015-09-29 13:49 - 00000022 _____ C:\Users\bivoj\Documents\tempFolderPath.dat
2015-09-29 13:47 - 2015-10-18 20:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Mozilla
2015-09-29 09:59 - 2015-09-29 09:59 - 00000000 ____D C:\Users\bivoj\Documents\NewBlueFX
2015-09-29 09:57 - 2015-10-01 10:01 - 00000000 ____D C:\Users\bivoj\Documents\Adobe
2015-09-28 17:44 - 2015-09-28 17:44 - 00002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 11.lnk
2015-09-28 17:41 - 2015-09-28 17:42 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2015-09-28 17:40 - 2015-10-01 12:16 - 00000000 ____D C:\Program Files\Adobe
2015-09-28 17:37 - 2015-10-16 12:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-21 22:20 - 2015-08-03 12:12 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-09-21 20:27 - 2015-09-21 20:31 - 00036720 _____ C:\Users\bivoj\Documents\cc_20150921_202748.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 22:47 - 2015-03-08 16:04 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Skype
2015-10-21 22:45 - 2015-03-07 17:51 - 01527244 _____ C:\Windows\WindowsUpdate.log
2015-10-21 22:44 - 2015-08-30 16:45 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e33283baf983.job
2015-10-21 22:43 - 2015-03-07 19:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-21 22:43 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 15:56 - 2015-08-30 16:45 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e33284aa3f04.job
2015-10-21 13:54 - 2015-06-30 12:48 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\uTorrent
2015-10-21 13:32 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 13:32 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 13:30 - 2015-03-08 11:53 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-21 13:15 - 2015-07-29 11:02 - 00000000 ____D C:\Program Files\Acronis
2015-10-21 10:50 - 2015-08-03 14:54 - 00000000 ____D C:\Users\bivoj\Downloads\Steinberg.Cubase.v5.1.DVDR-AiRISO With Cubase v5.12 AIR-UPDATE
2015-10-21 10:00 - 2015-05-03 10:20 - 00000000 ____D C:\Program Files\trend micro
2015-10-21 08:51 - 2015-04-26 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-20 16:59 - 2015-08-24 22:31 - 00000000 ____D C:\Windows\Minidump
2015-10-20 14:41 - 2015-08-03 19:14 - 01307648 ___SH C:\Users\bivoj\Desktop\Thumbs.db
2015-10-20 00:09 - 2015-06-30 13:09 - 00001192 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-19 22:31 - 2015-07-01 22:31 - 00000000 ____D C:\Users\bivoj\Documents\REAPER Media
2015-10-19 10:42 - 2015-03-07 18:00 - 00001413 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 12:10 - 2015-08-11 21:45 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-17 10:22 - 2015-07-28 18:34 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DAEMON Tools Lite
2015-10-16 02:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-10-16 01:21 - 2015-08-18 14:53 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TS3Client
2015-10-15 10:18 - 2015-03-08 16:04 - 00000000 ___RD C:\Program Files\Skype
2015-10-14 11:23 - 2015-03-08 00:11 - 00000000 ____D C:\Windows\system32\MRT
2015-10-11 20:44 - 2015-04-04 23:23 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 15:24 - 2009-07-14 06:33 - 02199656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-09 11:03 - 2015-03-07 18:03 - 00060288 _____ C:\Users\bivoj\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 13:09 - 2015-08-10 16:25 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Audacity
2015-10-06 00:28 - 2010-11-20 23:01 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-02 17:26 - 2015-03-08 16:04 - 00000000 ____D C:\ProgramData\Skype
2015-10-02 12:10 - 2015-03-08 00:11 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-01 12:35 - 2015-08-22 12:51 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-10-01 11:20 - 2015-03-07 17:59 - 00000000 ____D C:\Users\bivoj
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieUserList
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieBrowserModeList
2015-09-30 16:49 - 2015-03-08 15:44 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieSiteList
2015-09-29 11:49 - 2015-03-08 15:51 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-29 11:49 - 2015-03-08 15:51 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 12:02 - 2015-09-20 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ____D C:\Program Files\Common Files\InstallShield
==================== Files in the root of some directories =======
2015-09-30 16:16 - 2015-09-30 16:16 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-08-22 12:51 - 2015-10-01 12:35 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\CtPyQlXYWdSFYQP0vOJQfZgrA
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\I548nfUP
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\KHSalJu0SU5
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\vwtK8Dk7Gf
2015-10-17 01:55 - 2015-10-21 08:37 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\bivoj\AppData\Local\Temp\ExPromo.exe
C:\Users\bivoj\AppData\Local\Temp\nsdDE67.exe
C:\Users\bivoj\AppData\Local\Temp\nskCF48.exe
C:\Users\bivoj\AppData\Local\Temp\RSIT.exe
C:\Users\bivoj\AppData\Local\Temp\Uninstall.exe
C:\Users\bivoj\AppData\Local\Temp\{3DB11756-C5A0-4A70-87C8-6491C5D3A563}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-11 21:05
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-10-2015 01
Ran by bivoj (administrator) on BIVOJ-PC (21-10-2015 22:49:56)
Running from C:\Users\bivoj\Desktop
Loaded Profiles: bivoj (Available Profiles: bivoj)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-07-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-05-10] (Creative Technology Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7780696 2013-08-22] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [379672 2013-07-18] (Acronis)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [55358992 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\...\MountPoints2: {324767e8-5939-11e5-809a-001ec906d9cd} - F:\autorun.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2013-08-07] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2015-03-07]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F758E1DC-BEB0-49C1-B161-E3C6C67884E9}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3580019343-3483864115-340766615-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130897563520020302&GUID=17992910-8611-4642-A6B3-8F3BCDC580A5
SearchScopes: HKU\S-1-5-21-3580019343-3483864115-340766615-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3580019343-3483864115-340766615-1000: SkypePlugin -> C:\Users\bivoj\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Profile: C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Shop and Save Up) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-10-21]
CHR Extension: (SavePass 1.1) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-10-21]
CHR Extension: (Google Docs) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Google Drive) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google Search) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-21]
CHR Extension: (Google Sheets) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (GoHD) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-21]
CHR Extension: (No Name) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-10-21]
CHR Extension: (Gmail) - C:\Users\bivoj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777016 2013-07-18] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-30] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3873784 2015-07-29] (Acronis)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1971968 2015-10-09] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-05-01] (NVIDIA Corporation)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-08-24] (Maxthon)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20698768 2015-05-01] (NVIDIA Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9735112 2013-08-21] (Acronis)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-07-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [205800 2015-07-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [145512 2015-07-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [131640 2015-07-30] (ESET)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2015-08-03] (LogMeIn, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 L6PODX3LV; C:\Windows\System32\Drivers\L6PODX3LV.sys [583808 2013-07-11] (Line 6)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-10-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [889888 2015-07-29] (Acronis International GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2015-07-29] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2015-07-29] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2015-07-29] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2015-07-29] (Acronis International GmbH)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 22:49 - 2015-10-21 22:49 - 00000000 ____D C:\Users\bivoj\Desktop\FRST-OlderVersion
2015-10-21 14:23 - 2015-10-21 14:23 - 00000000 ____D C:\Users\bivoj\AppData\Local\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\ProgramData\ESET
2015-10-21 13:46 - 2015-10-21 13:46 - 00000000 ____D C:\Program Files\ESET
2015-10-21 12:17 - 2015-10-21 12:17 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-21 12:17 - 2015-10-21 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-21 12:17 - 2015-10-21 12:17 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-21 12:17 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-21 12:17 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 12:17 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-21 12:13 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445429586-4710-804C-C4C04F46334A
2015-10-21 12:09 - 2015-10-21 22:44 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-10-21 12:09 - 2015-10-21 12:18 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Malwarebytes
2015-10-21 11:46 - 2015-10-21 11:47 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\bivoj\Desktop\mbam-setup-1.75.0.1300.exe
2015-10-21 10:40 - 2015-10-21 10:40 - 00747335 _____ C:\Users\bivoj\Desktop\Pro_Terezku_-_D.m4a
2015-10-21 10:16 - 2015-10-21 10:16 - 00011831 _____ C:\Users\bivoj\Desktop\Addition.rar
2015-10-21 10:11 - 2015-10-21 10:15 - 00051707 _____ C:\Users\bivoj\Desktop\Addition.txt
2015-10-21 10:08 - 2015-10-21 22:50 - 00016399 _____ C:\Users\bivoj\Desktop\FRST.txt
2015-10-21 10:08 - 2015-10-21 22:49 - 00000000 ____D C:\FRST
2015-10-21 10:07 - 2015-10-21 22:49 - 01700352 _____ (Farbar) C:\Users\bivoj\Desktop\FRST.exe
2015-10-21 09:59 - 2015-10-21 10:00 - 00000000 ____D C:\rsit
2015-10-21 08:41 - 2015-10-21 22:44 - 00001022 _____ C:\Windows\Tasks\CtPyQlXYWdSFYQP0vOJQfZgrA.job
2015-10-21 08:40 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\ee3e1acd-5375-404d-88a8-9dd542a1f625
2015-10-21 08:38 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV20.10
2015-10-21 08:37 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\FWdsManProF
2015-10-21 08:05 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\1WdsManPro1
2015-10-20 17:34 - 2015-10-21 13:18 - 00000000 ____D C:\Program Files\SFK
2015-10-20 17:33 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\mystartsearch
2015-10-20 16:59 - 2015-10-20 16:59 - 00160464 _____ C:\Windows\Minidump\102015-27705-01.dmp
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro).gp5
2015-10-20 16:48 - 2015-10-20 16:48 - 00089273 _____ C:\Users\bivoj\Downloads\This Will Destroy You - I Believe In Your Victory (Pro) (1).gp5
2015-10-20 16:30 - 2015-10-20 16:30 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2 (1).exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00022138 _____ C:\Users\bivoj\Downloads\Stopovac2.exe
2015-10-20 16:26 - 2015-10-20 16:26 - 00000000 ____D C:\Users\bivoj\Downloads\Stopovač úhozů v.03new-cz
2015-10-20 15:52 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\Monarch Find
2015-10-20 15:52 - 2015-10-21 12:12 - 00000000 ____D C:\Program Files\Common Files\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 15:52 - 2015-10-21 12:11 - 00000000 ____D C:\ProgramData\6b8a269e-46ff-4899-a3e6-0e20ae670c9b
2015-10-20 09:46 - 2015-10-21 22:44 - 00000952 _____ C:\Windows\setupact.log
2015-10-20 09:46 - 2015-10-21 13:23 - 00015708 _____ C:\Windows\PFRO.log
2015-10-20 09:46 - 2015-10-20 09:46 - 00000000 _____ C:\Windows\setuperr.log
2015-10-20 09:20 - 2015-10-21 12:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-20 09:19 - 2015-10-20 09:19 - 00003172 _____ C:\Users\bivoj\Documents\cc_20151020_091948.reg
2015-10-20 00:09 - 2015-10-20 00:09 - 00001168 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-10-19 23:24 - 2015-10-21 22:44 - 00000992 _____ C:\Windows\Tasks\vwtK8Dk7Gf.job
2015-10-19 23:23 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\68823e93-40b0-4386-9844-36ce005c2205
2015-10-19 23:21 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV19.10
2015-10-19 21:43 - 2015-10-19 21:44 - 06841165 _____ C:\Users\bivoj\Desktop\PrancerGents---Riding-Thunder---Grant-Stinnet-and-Spencer-fbdown.net.mp4
2015-10-19 21:21 - 2015-10-19 21:21 - 00007277 _____ C:\Users\bivoj\Downloads\Stu Hamm - Terminal Beach (Pro).gp3
2015-10-19 20:25 - 2015-10-19 20:25 - 00034788 _____ C:\Users\bivoj\Desktop\The Contortionist - Primordial Sound (Pro).gp4
2015-10-19 10:51 - 2015-10-19 10:51 - 00005220 _____ C:\Users\bivoj\Documents\cc_20151019_105114.reg
2015-10-19 10:22 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\gWdsManProg
2015-10-18 21:39 - 2015-10-18 21:40 - 147936672 _____ C:\Users\bivoj\Desktop\WP_20151018_05_55_21_Pro.mp4
2015-10-18 20:44 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ExtTags
2015-10-18 20:44 - 2015-10-20 15:52 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\OpenCandy
2015-10-18 20:43 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ExtTag
2015-10-17 13:19 - 2015-10-17 13:22 - 332839210 _____ C:\Users\bivoj\Desktop\WP_20151016_18_47_15_Pro.mp4
2015-10-17 13:05 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\7WdsManPro7
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-10-17 12:55 - 2015-10-17 13:13 - 00000000 ____D C:\Program Files\STOPzilla!
2015-10-17 12:36 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\OWdsManProO
2015-10-17 10:36 - 2015-10-17 10:36 - 00002166 _____ C:\Users\bivoj\Documents\cc_20151017_103636.reg
2015-10-17 10:24 - 2015-10-17 10:25 - 00806374 _____ C:\Users\bivoj\Documents\cc_20151017_102438.reg
2015-10-17 10:12 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\78aee5d5-c20f-4089-a8c4-0b05c9957c62
2015-10-17 10:08 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\XWdsManProX
2015-10-17 03:00 - 2015-10-17 03:00 - 00000000 ____D C:\Windows\system32\Flash
2015-10-17 02:58 - 2015-10-17 02:58 - 00000000 __SHD C:\Users\bivoj\AppData\Roaming\AnyProtectEx
2015-10-17 02:19 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\DWdsManProD
2015-10-17 02:06 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\7405fc5f-f116-4083-a5c6-aade95b87c0b
2015-10-17 02:05 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\Shop and Save Up
2015-10-17 02:03 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\254f4da9-9213-4926-86e1-e4badf66064f
2015-10-17 02:01 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\GoHD
2015-10-17 02:01 - 2015-10-17 02:01 - 00000000 ____D C:\Users\bivoj\AppData\Local\Systweak
2015-10-17 02:00 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\cd6db29d-2556-428e-b609-55f5935be1a3
2015-10-17 02:00 - 2015-10-17 10:13 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\systweak
2015-10-17 01:58 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\lWdsManProl
2015-10-17 01:58 - 2015-10-17 01:58 - 00000000 ____D C:\Users\bivoj\AppData\Local\MyBrowser
2015-10-17 01:55 - 2015-10-21 13:19 - 00000000 ____D C:\ProgramData\ZWdsManProZ
2015-10-17 01:55 - 2015-10-21 08:37 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-17 01:54 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\Concom
2015-10-17 01:53 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\31e07d21-da69-4567-917c-31b74f9416a3
2015-10-17 01:51 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\SavePass 1.1
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Opera Software
2015-10-17 01:50 - 2015-10-17 01:59 - 00000000 ____D C:\Users\bivoj\AppData\Local\Opera Software
2015-10-17 01:48 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Local\4C4C4544-1445046489-4710-804C-C4C04F46334A
2015-10-17 01:47 - 2015-10-17 01:59 - 00000000 ____D C:\Program Files\Opera
2015-10-17 01:46 - 2015-07-29 11:07 - 00000877 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\VOPackage
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-10-17 01:45 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\4C4C4544-1445039126-4710-804C-C4C04F46334A
2015-10-17 01:44 - 2015-10-17 01:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DivX
2015-10-17 01:41 - 2015-10-21 13:15 - 00000000 ____D C:\Program Files\0111d02a-5a14-462a-b8fa-dd08a90623d4
2015-10-17 01:41 - 2015-10-21 13:01 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Users\bivoj\AppData\Local\globalUpdate
2015-10-17 01:41 - 2015-10-17 01:41 - 00000000 ____D C:\Program Files\globalUpdate
2015-10-17 01:40 - 2015-10-21 13:19 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV16.10
2015-10-17 01:39 - 2015-10-17 02:03 - 00000000 ____D C:\Program Files\DivX
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\MSDOS.SYS
2015-10-17 01:38 - 2015-10-17 01:38 - 00000000 __RSH C:\IO.SYS
2015-10-17 01:37 - 2015-10-17 02:03 - 00000000 ____D C:\ProgramData\DivX
2015-10-17 01:37 - 2015-10-17 01:38 - 01850112 _____ C:\Windows\chromebrowser.exe
2015-10-16 12:10 - 2015-10-16 12:10 - 56396488 _____ C:\Users\bivoj\Desktop\kuratko_animace01.psd
2015-10-16 11:27 - 2015-10-16 11:27 - 02227961 _____ C:\Users\bivoj\Desktop\kuratko_zaklad.psd
2015-10-15 09:40 - 2015-09-18 19:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 09:40 - 2015-09-18 19:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 09:40 - 2015-09-18 19:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 09:40 - 2015-09-18 19:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 10:50 - 2015-10-21 10:41 - 00000000 ____D C:\Users\bivoj\Desktop\Nevoa - The Absence Of Void (2015)
2015-10-14 09:33 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-14 09:33 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 09:33 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 09:33 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 09:32 - 2015-09-29 05:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 09:32 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 09:32 - 2015-09-29 04:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 09:32 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 09:32 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 09:32 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 09:32 - 2015-09-29 03:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 09:32 - 2015-09-29 03:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 09:32 - 2015-09-25 19:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 09:32 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 09:32 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 09:32 - 2015-09-25 19:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 09:32 - 2015-09-15 19:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 09:32 - 2015-09-15 19:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 09:32 - 2015-09-15 19:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 09:32 - 2015-09-15 19:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 09:32 - 2015-09-15 19:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 09:32 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 09:32 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 09:31 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 09:31 - 2015-10-01 19:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 09:31 - 2015-10-01 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 09:31 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 09:31 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 09:31 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 09:31 - 2015-09-16 05:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 09:31 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 09:31 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 09:31 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 09:31 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 09:31 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 09:31 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 09:31 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 09:31 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 09:31 - 2015-09-16 05:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 09:31 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 09:31 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 09:31 - 2015-09-16 05:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 09:31 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 09:31 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 09:31 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 09:31 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 09:31 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 09:31 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 09:31 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 09:31 - 2015-09-16 04:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 09:31 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 09:31 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 09:31 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 09:31 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 09:31 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:15 - 2015-10-19 22:32 - 00006943 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP
2015-10-13 18:15 - 2015-10-13 19:01 - 00005809 _____ C:\Users\bivoj\Desktop\prayforplagues.RPP-bak
2015-10-13 11:54 - 2015-10-13 11:54 - 05375897 _____ C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material.zip
2015-10-13 11:54 - 2015-10-13 11:54 - 00000000 ____D C:\Users\bivoj\Desktop\Walking-Bass-Lines-2-Lesson-Material
2015-10-12 00:00 - 2015-10-12 00:01 - 127223225 _____ C:\Users\bivoj\Desktop\kuratko02.mp4
2015-10-11 23:57 - 2015-10-11 23:58 - 100045807 _____ C:\Users\bivoj\Desktop\kuratko.mp4
2015-10-09 15:26 - 2015-10-09 15:26 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 13:46 - 2015-10-07 13:46 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TC-Helicon
2015-10-07 01:01 - 2015-10-07 01:01 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Steam
2015-10-06 19:06 - 2015-10-06 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awesomenauts
2015-10-06 11:39 - 2015-10-01 23:57 - 33696812 _____ C:\Users\bivoj\Desktop\39.wav
2015-10-02 17:26 - 2015-10-09 12:38 - 00000000 ____D C:\Users\bivoj\AppData\Local\Adobe
2015-10-02 17:15 - 2015-10-09 14:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Adobe
2015-10-02 07:41 - 2015-10-02 07:41 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-10-01 12:29 - 2015-10-01 12:29 - 00001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
2015-10-01 12:17 - 2015-10-09 10:48 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
2015-10-01 12:15 - 2015-10-09 10:46 - 00000843 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2015-10-01 12:14 - 2015-10-09 10:45 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
2015-10-01 12:13 - 2015-10-09 10:44 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
2015-10-01 12:11 - 2015-10-09 10:42 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2015-10-01 12:08 - 2015-10-09 10:39 - 00000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2015-10-01 12:05 - 2015-10-01 12:05 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2015-10-01 11:44 - 2015-10-01 11:48 - 00000000 ____D C:\AdobeTemp
2015-10-01 10:00 - 2015-10-01 10:47 - 00000000 ____D C:\ProgramData\FLEXnet
2015-10-01 09:26 - 2015-10-01 09:26 - 00000000 ____D C:\Program Files\Adobe Media Player
2015-10-01 09:23 - 2015-10-01 09:23 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-09-30 16:16 - 2015-09-30 16:16 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-09-30 13:30 - 2015-09-30 18:31 - 00001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-09-30 13:29 - 2015-09-30 13:29 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-09-30 13:28 - 2015-10-01 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-09-30 13:28 - 2015-09-30 13:28 - 00002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-09-30 13:28 - 2015-09-30 13:28 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2015-09-30 13:27 - 2015-10-02 17:17 - 00001716 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2015-09-30 13:23 - 2015-10-02 17:16 - 00053248 ____N C:\Windows\system32\pxhpinst.exe
2015-09-30 13:23 - 2015-09-30 13:18 - 00417792 ____N (Sonic Solutions) C:\Windows\system32\pxdrv.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00372736 ____N (Sonic Solutions) C:\Windows\system32\px.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00339968 ____N (Sonic Solutions) C:\Windows\system32\pxwave.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00172032 ____N (Sonic Solutions) C:\Windows\system32\pxmas.dll
2015-09-30 13:23 - 2015-09-30 13:18 - 00028672 ____N (Sonic Solutions) C:\Windows\system32\vxblock.dll
2015-09-30 13:22 - 2015-09-30 13:22 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
2015-09-29 13:49 - 2015-09-29 13:49 - 00000022 _____ C:\Users\bivoj\Documents\tempFolderPath.dat
2015-09-29 13:47 - 2015-10-18 20:44 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Mozilla
2015-09-29 09:59 - 2015-09-29 09:59 - 00000000 ____D C:\Users\bivoj\Documents\NewBlueFX
2015-09-29 09:57 - 2015-10-01 10:01 - 00000000 ____D C:\Users\bivoj\Documents\Adobe
2015-09-28 17:44 - 2015-09-28 17:44 - 00002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 11.lnk
2015-09-28 17:41 - 2015-09-28 17:42 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2015-09-28 17:40 - 2015-10-01 12:16 - 00000000 ____D C:\Program Files\Adobe
2015-09-28 17:37 - 2015-10-16 12:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-21 22:20 - 2015-08-03 12:12 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-09-21 20:27 - 2015-09-21 20:31 - 00036720 _____ C:\Users\bivoj\Documents\cc_20150921_202748.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-21 22:47 - 2015-03-08 16:04 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Skype
2015-10-21 22:45 - 2015-03-07 17:51 - 01527244 _____ C:\Windows\WindowsUpdate.log
2015-10-21 22:44 - 2015-08-30 16:45 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e33283baf983.job
2015-10-21 22:43 - 2015-03-07 19:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-21 22:43 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 15:56 - 2015-08-30 16:45 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e33284aa3f04.job
2015-10-21 13:54 - 2015-06-30 12:48 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\uTorrent
2015-10-21 13:32 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 13:32 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-21 13:30 - 2015-03-08 11:53 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-21 13:15 - 2015-07-29 11:02 - 00000000 ____D C:\Program Files\Acronis
2015-10-21 10:50 - 2015-08-03 14:54 - 00000000 ____D C:\Users\bivoj\Downloads\Steinberg.Cubase.v5.1.DVDR-AiRISO With Cubase v5.12 AIR-UPDATE
2015-10-21 10:00 - 2015-05-03 10:20 - 00000000 ____D C:\Program Files\trend micro
2015-10-21 08:51 - 2015-04-26 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-20 16:59 - 2015-08-24 22:31 - 00000000 ____D C:\Windows\Minidump
2015-10-20 14:41 - 2015-08-03 19:14 - 01307648 ___SH C:\Users\bivoj\Desktop\Thumbs.db
2015-10-20 00:09 - 2015-06-30 13:09 - 00001192 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-19 22:31 - 2015-07-01 22:31 - 00000000 ____D C:\Users\bivoj\Documents\REAPER Media
2015-10-19 10:42 - 2015-03-07 18:00 - 00001413 _____ C:\Users\bivoj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-19 09:53 - 2015-03-07 23:45 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-17 12:10 - 2015-08-11 21:45 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-17 10:22 - 2015-07-28 18:34 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\DAEMON Tools Lite
2015-10-16 02:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-10-16 01:21 - 2015-08-18 14:53 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\TS3Client
2015-10-15 10:18 - 2015-03-08 16:04 - 00000000 ___RD C:\Program Files\Skype
2015-10-14 11:23 - 2015-03-08 00:11 - 00000000 ____D C:\Windows\system32\MRT
2015-10-11 20:44 - 2015-04-04 23:23 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 15:24 - 2009-07-14 06:33 - 02199656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-09 11:03 - 2015-03-07 18:03 - 00060288 _____ C:\Users\bivoj\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 13:09 - 2015-08-10 16:25 - 00000000 ____D C:\Users\bivoj\AppData\Roaming\Audacity
2015-10-06 00:28 - 2010-11-20 23:01 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-02 17:26 - 2015-03-08 16:04 - 00000000 ____D C:\ProgramData\Skype
2015-10-02 12:10 - 2015-03-08 00:11 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-01 12:35 - 2015-08-22 12:51 - 00000132 _____ C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-10-01 11:20 - 2015-03-07 17:59 - 00000000 ____D C:\Users\bivoj
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieUserList
2015-09-30 16:49 - 2015-03-08 15:45 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieBrowserModeList
2015-09-30 16:49 - 2015-03-08 15:44 - 00000000 __SHD C:\Users\bivoj\AppData\LocalLow\EmieSiteList
2015-09-29 11:49 - 2015-03-08 15:51 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-09-29 11:49 - 2015-03-08 15:51 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-09-21 12:02 - 2015-09-20 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team17
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-09-21 12:02 - 2015-03-07 18:17 - 00000000 ____D C:\Program Files\Common Files\InstallShield
==================== Files in the root of some directories =======
2015-09-30 16:16 - 2015-09-30 16:16 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-08-22 12:51 - 2015-10-01 12:35 - 0000132 _____ () C:\Users\bivoj\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\CtPyQlXYWdSFYQP0vOJQfZgrA
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\I548nfUP
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\KHSalJu0SU5
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\bivoj\AppData\Roaming\vwtK8Dk7Gf
2015-10-17 01:55 - 2015-10-21 08:37 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\bivoj\AppData\Local\Temp\ExPromo.exe
C:\Users\bivoj\AppData\Local\Temp\nsdDE67.exe
C:\Users\bivoj\AppData\Local\Temp\nskCF48.exe
C:\Users\bivoj\AppData\Local\Temp\RSIT.exe
C:\Users\bivoj\AppData\Local\Temp\Uninstall.exe
C:\Users\bivoj\AppData\Local\Temp\{3DB11756-C5A0-4A70-87C8-6491C5D3A563}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-11 21:05
==================== End of FRST.txt ============================
Re: Problém s ntb, adware
vypada to fajn
docisti PC s CCleanerom - registre aj subory
a napis ci su este nejake problemy
docisti PC s CCleanerom - registre aj subory
a napis ci su este nejake problemy
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Problém s ntb, adware
Všechno sem pročistil a pc zase hezky šlape. Moc děkuju a mějte se krásně!
Re: Problém s ntb, adware
za malo a ahoooj
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?