VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Odstranění virů

https://forum.viry.cz:443/viewtopic.php?t=146895

Stránka 1 z 1

Odstranění virů

Napsal: 17 lis 2015 23:13
od Stallone
Dobrý den. Moc prosím o pomoc s odstraněním několika virů v notebooku. Zatím se problémy projevují vyskakováním nevyžádaných oken. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-11-2015
Ran by Sly (administrator) on IRENECKA (17-11-2015 23:05:11)
Running from C:\Users\Sly\Downloads
Loaded Profiles: Sly (Available Profiles: Sly)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sly\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688472 2013-07-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-17] (AVAST Software)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1473081906-491419597-656506198-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-17] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{47E414DE-CB1B-47AB-B81A-2724249DCAF6}: [DhcpNameServer] 212.80.70.2 212.80.66.7
Tcpip\..\Interfaces\{BCA48043-CC7C-45DB-83D6-9CFBE59FD0DC}: [NameServer] 109.70.0.1,195.129.12.83

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-17] (AVAST Software)
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-17]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-17]

Chrome:
=======
CHR Profile: C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Avast SafePrice) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-31] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-17] (AVAST Software)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-06] (Advanced Micro Devices, INC.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-17] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-17] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-17 23:05 - 2015-11-17 23:06 - 00015005 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 23:04 - 2015-11-17 23:05 - 00000000 ____D C:\FRST
2015-11-17 23:04 - 2015-11-17 23:04 - 02008576 _____ (Farbar) C:\Users\Sly\Downloads\FRST64 (1).exe
2015-11-17 22:59 - 2015-11-17 22:59 - 02008576 _____ (Farbar) C:\Users\Sly\Downloads\FRST64.exe
2015-11-17 21:57 - 2015-11-17 21:57 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-17 21:57 - 2015-11-17 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-17 19:43 - 2015-11-17 21:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-17 19:42 - 2015-11-17 20:21 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 19:42 - 2015-11-17 19:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 19:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-17 19:42 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-17 19:42 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-17 19:40 - 2015-11-17 19:41 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\Sly\Downloads\mbam-setup-sem-2.1.6.1022.exe
2015-11-17 19:27 - 2015-11-17 19:29 - 156146200 _____ (CURIOLAB S.M.B.A.) C:\Users\Sly\Downloads\ExterminateItSetup.exe
2015-11-17 15:48 - 2015-11-17 15:48 - 00337800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-17 15:47 - 2015-11-17 15:47 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-17 15:47 - 2015-11-17 15:47 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-17 13:44 - 2015-11-17 22:41 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-17 13:28 - 2015-11-17 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne Demo
2015-11-17 12:42 - 2015-11-17 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MafiaDemo
2015-11-17 12:42 - 2015-11-17 12:42 - 00003130 _____ C:\Windows\System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B}
2015-11-17 12:42 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-11-17 12:38 - 2015-11-17 15:54 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-11-17 12:37 - 2015-11-17 15:55 - 00000000 ____D C:\Users\Sly\AppData\Roaming\Seznam.cz
2015-11-17 12:07 - 2015-11-17 12:09 - 00000000 ____D C:\Users\Sly\Desktop\main
2015-11-17 12:07 - 1998-08-27 15:40 - 00155648 _____ (3Dfx Interactive, Inc.) C:\Users\Sly\Desktop\3dfxgl.dll
2015-11-17 04:42 - 2015-11-17 06:24 - 1722152586 _____ C:\Users\Sly\Downloads\The.Walking.Dead.S06E06.-HD-720p.---CZ-titulky-by-HanzeST.avi
2015-11-16 08:27 - 2015-11-16 08:55 - 00000000 ____D C:\Users\Sly\Documents\FIFA 12
2015-11-16 08:24 - 2015-11-16 08:25 - 00000000 ____D C:\Users\Sly\AppData\Roaming\WildTangent
2015-11-16 08:12 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-16 08:12 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-16 08:12 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-16 08:12 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-16 08:12 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-16 08:12 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-16 08:12 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-16 08:12 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-16 08:12 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-16 08:12 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-16 08:11 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-16 08:11 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-16 08:11 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-16 08:11 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-16 08:11 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-16 08:11 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-16 08:11 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-16 08:11 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-16 08:11 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-16 08:11 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-16 08:11 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-16 08:11 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-16 08:11 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-16 08:11 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-16 08:11 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-16 08:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-16 08:11 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-16 08:11 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-16 08:11 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-16 08:11 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-16 08:11 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-16 08:11 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-16 08:11 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-16 08:11 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-16 08:11 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-16 08:11 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-16 08:11 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-16 08:11 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-16 08:11 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-16 08:11 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-16 08:11 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-16 08:11 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-16 08:11 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-16 08:11 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-16 08:11 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-16 08:11 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-16 08:11 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-16 08:11 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-16 08:11 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-16 08:11 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-16 08:11 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-16 08:11 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-16 08:11 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-16 08:11 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-16 08:11 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-16 08:11 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-16 08:11 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-15 05:47 - 2015-11-15 05:47 - 00000000 ____D C:\Program Files (x86)\directx
2015-11-15 05:22 - 2015-11-17 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tennis Elbow 2013
2015-11-15 05:22 - 2015-11-15 05:29 - 00000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2015-11-15 05:22 - 2002-10-06 19:42 - 00237568 _____ () C:\Windows\SysWOW64\OggDS.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00921600 _____ C:\Windows\SysWOW64\vorbisenc.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00188416 _____ C:\Windows\SysWOW64\vorbis.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00045056 _____ C:\Windows\SysWOW64\ogg.dll
2015-11-14 18:43 - 2015-11-14 21:47 - 3313097012 _____ C:\Users\Sly\Downloads\Pahorek-Hill,1965.avi
2015-11-12 08:58 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-12 08:58 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 08:58 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 08:58 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 08:58 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 08:58 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-12 08:58 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 18:52 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 18:52 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 18:52 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 18:52 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 18:52 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 18:52 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 18:52 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 18:52 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 18:52 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 18:52 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 18:52 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 18:52 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 18:52 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 18:52 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 18:52 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 18:52 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 18:52 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 18:52 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 18:52 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 18:52 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 18:52 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 18:52 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 18:52 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 18:52 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 18:52 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 18:52 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 18:51 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 18:51 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 18:51 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 18:51 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 18:51 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 18:51 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 18:51 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 18:51 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 18:51 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 18:51 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 18:51 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 18:51 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 18:51 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 18:51 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 18:51 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 18:51 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 18:51 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 18:51 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 18:51 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 18:51 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 18:51 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 18:51 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 18:51 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 18:51 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 18:51 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 18:51 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 18:51 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 18:51 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 18:51 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 18:51 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 18:51 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 18:51 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 18:51 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 18:51 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-03 16:54 - 2015-11-03 16:54 - 00000000 ____D C:\Users\Sly\restore
2015-11-03 16:50 - 2015-11-03 17:04 - 00000000 ____D C:\ProgramData\tmp
2015-11-03 16:50 - 2015-11-03 16:54 - 00000000 ____D C:\ProgramData\hps
2015-11-03 16:43 - 2015-11-03 23:10 - 00000000 ____D C:\Program Files\dm
2015-11-02 08:16 - 2015-07-05 11:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-10-31 11:33 - 2015-11-01 12:40 - 00000000 ____D C:\Users\Sly\Documents\Rašínovi 2015-28.10
2015-10-30 22:25 - 2015-10-30 23:34 - 1240087410 _____ C:\Users\Sly\Downloads\Kde-je-Fred-(2006)-(CZ)-(Komedie,-Romantický,-Sportovní)-66%.avi
2015-10-18 20:03 - 2015-10-18 20:03 - 00000000 ____D C:\ProgramData\GRETECH
2015-10-18 20:02 - 2015-11-17 20:21 - 00001206 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-10-18 20:02 - 2015-11-17 20:20 - 00001236 _____ C:\Users\Sly\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-18 20:02 - 2015-10-18 20:02 - 00000000 ____D C:\Users\Sly\AppData\Roaming\GRETECH
2015-10-18 20:02 - 2015-10-18 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2015-10-18 20:00 - 2015-10-18 20:01 - 21766384 _____ (Gretech Corporation) C:\Users\Sly\Downloads\GOMPLAYERENSETUP (1).EXE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-17 23:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-17 22:47 - 2015-02-17 05:09 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-17 22:02 - 2015-02-17 03:28 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1473081906-491419597-656506198-1001
2015-11-17 21:57 - 2015-02-17 05:09 - 00000000 ____D C:\Users\Sly\AppData\Local\Google
2015-11-17 21:56 - 2015-02-17 05:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-17 21:52 - 2015-07-12 13:01 - 00000000 ____D C:\Users\Sly\AppData\Roaming\Opera Software
2015-11-17 21:52 - 2015-07-12 13:01 - 00000000 ____D C:\Users\Sly\AppData\Local\Opera Software
2015-11-17 21:52 - 2015-07-12 12:59 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-17 20:31 - 2014-01-18 07:36 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-17 20:24 - 2015-02-17 05:09 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-17 20:24 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-17 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2015-11-17 20:21 - 2015-09-22 18:11 - 00000883 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-17 20:21 - 2015-02-17 05:13 - 00002029 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-17 20:21 - 2014-01-18 08:20 - 00002048 _____ C:\Users\Public\Desktop\Additional Information.lnk
2015-11-17 20:21 - 2014-01-18 08:20 - 00002037 _____ C:\Users\Public\Desktop\Manual.lnk
2015-11-17 20:21 - 2014-01-18 08:19 - 00000406 _____ C:\Users\Public\Desktop\TOSHIBA Services.lnk
2015-11-17 20:21 - 2014-01-18 08:10 - 00002615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2015-11-17 20:21 - 2014-01-18 08:10 - 00002609 _____ C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2015-11-17 20:21 - 2014-01-18 08:00 - 00002087 _____ C:\Users\Public\Desktop\eBay.lnk
2015-11-17 20:21 - 2013-11-29 00:02 - 00001985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-17 20:20 - 2015-02-17 03:22 - 00001433 _____ C:\Users\Sly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-17 20:19 - 2015-06-08 23:40 - 00001058 _____ C:\Users\Sly\Desktop\KMPlayer.lnk
2015-11-17 20:19 - 2014-01-18 07:48 - 00000000 ____D C:\Program Files (x86)\AmIcoSingLun
2015-11-17 18:30 - 2015-02-17 03:38 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8521745F-E5D4-427D-8B29-8B843DD601F4}
2015-11-17 15:47 - 2015-02-17 05:12 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-17 15:47 - 2015-02-17 05:09 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-17 15:46 - 2015-02-17 05:09 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-17 13:28 - 2013-11-28 23:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-17 12:42 - 2015-02-17 03:22 - 00000000 ____D C:\Users\Sly\AppData\Local\VirtualStore
2015-11-16 08:25 - 2014-01-18 08:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 08:25 - 2014-01-18 08:10 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-11-16 08:25 - 2014-01-18 08:09 - 00000000 ____D C:\ProgramData\WildTangent
2015-11-15 05:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-15 05:29 - 2015-08-07 16:50 - 00000000 ____D C:\Program Files (x86)\Czech Soccer Manager
2015-11-14 09:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-13 07:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-12 10:28 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 09:09 - 2015-02-20 09:08 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 09:03 - 2015-02-20 09:08 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 18:30 - 2013-11-28 23:07 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-11 18:30 - 2013-08-28 15:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-11 18:30 - 2013-08-28 15:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-07 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-03 16:54 - 2015-02-17 03:21 - 00000000 ____D C:\Users\Sly
2015-11-03 01:23 - 2015-04-16 19:42 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-04-16 19:42 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 20:53 - 2015-06-09 14:08 - 00000000 ____D C:\Users\Sly\Downloads\Živí mrtví
2015-10-29 16:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-24 07:08 - 2015-07-21 01:11 - 00000000 ____D C:\Users\Sly\Downloads\Viděl
2015-10-18 20:02 - 2015-07-12 12:59 - 00000000 ____D C:\Program Files (x86)\GRETECH

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-15 20:27

==================== End of FRST.txt ============================

Re: Odstranění virů

Napsal: 17 lis 2015 23:49
od altrok
Krasny den Vam preju :bye:


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Re: Odstranění virů

Napsal: 18 lis 2015 00:19
od Stallone
# AdwCleaner v5.021 - Logfile created 18/11/2015 at 00:13:05
# Updated 14/11/2015 by Xplode
# Database : 2015-11-17.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Sly - IRENECKA
# Running from : C:\Users\Sly\Downloads\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\829d1f93-71a5-4522-8aba-58d0756b7541
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1353 bytes] ##########

Re: Odstranění virů

Napsal: 18 lis 2015 00:23
od altrok
:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Odstranění virů

Napsal: 18 lis 2015 00:34
od Stallone
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-11-2015
Ran by Sly (administrator) on IRENECKA (18-11-2015 00:29:29)
Running from C:\Users\Sly\Downloads
Loaded Profiles: Sly (Available Profiles: Sly)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688472 2013-07-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-17] (AVAST Software)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1473081906-491419597-656506198-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-17] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{47E414DE-CB1B-47AB-B81A-2724249DCAF6}: [DhcpNameServer] 212.80.70.2 212.80.66.7
Tcpip\..\Interfaces\{BCA48043-CC7C-45DB-83D6-9CFBE59FD0DC}: [NameServer] 109.70.0.1,195.129.12.83

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-17] (AVAST Software)
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-17]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-17]

Chrome:
=======
CHR Profile: C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]
CHR Extension: (Dokumenty Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]
CHR Extension: (Disk Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (YouTube) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Avast SafePrice) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]
CHR Extension: (Gmail) - C:\Users\Sly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-31] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-17] (AVAST Software)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-06] (Advanced Micro Devices, INC.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-17] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 00:28 - 2015-11-18 00:28 - 01378816 _____ (Farbar) C:\Users\Sly\Downloads\FRST.exe
2015-11-18 00:28 - 2015-11-18 00:28 - 01378816 _____ (Farbar) C:\Users\Sly\Downloads\FRST (1).exe
2015-11-18 00:25 - 2015-11-18 00:25 - 02008576 _____ (Farbar) C:\Users\Sly\Downloads\FRST64 (2).exe
2015-11-18 00:16 - 2015-11-18 00:27 - 00115367 _____ C:\Windows\WindowsUpdate.log
2015-11-18 00:14 - 2015-11-18 00:14 - 00337800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-18 00:14 - 2015-11-18 00:14 - 00002572 _____ C:\Windows\PFRO.log
2015-11-18 00:14 - 2015-11-18 00:14 - 00000116 _____ C:\Windows\setupact.log
2015-11-18 00:14 - 2015-11-18 00:14 - 00000000 _____ C:\Windows\setuperr.log
2015-11-18 00:09 - 2015-11-18 00:09 - 01732096 _____ C:\Users\Sly\Downloads\AdwCleaner.exe
2015-11-17 23:53 - 2015-11-18 00:13 - 00000000 ____D C:\AdwCleaner
2015-11-17 23:51 - 2015-11-17 23:52 - 01732096 _____ C:\Users\Sly\Downloads\adwcleaner_5.021.exe
2015-11-17 23:15 - 2015-11-17 23:15 - 00052421 _____ C:\Users\Sly\Desktop\FRST..txt
2015-11-17 23:10 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Desktop\Addition..txt
2015-11-17 23:08 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Downloads\Addition.txt
2015-11-17 23:05 - 2015-11-18 00:29 - 00015193 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 23:04 - 2015-11-18 00:29 - 00000000 ____D C:\FRST
2015-11-17 23:04 - 2015-11-17 23:04 - 02008576 _____ (Farbar) C:\Users\Sly\Downloads\FRST64 (1).exe
2015-11-17 22:59 - 2015-11-17 22:59 - 02008576 _____ (Farbar) C:\Users\Sly\Downloads\FRST64.exe
2015-11-17 21:57 - 2015-11-17 21:57 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-17 21:57 - 2015-11-17 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-17 19:43 - 2015-11-18 00:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-17 19:42 - 2015-11-17 20:21 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 19:42 - 2015-11-17 19:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 19:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-17 19:42 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-17 19:42 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-17 19:40 - 2015-11-17 19:41 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\Sly\Downloads\mbam-setup-sem-2.1.6.1022.exe
2015-11-17 19:27 - 2015-11-17 19:29 - 156146200 _____ (CURIOLAB S.M.B.A.) C:\Users\Sly\Downloads\ExterminateItSetup.exe
2015-11-17 15:47 - 2015-11-17 15:47 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-17 15:47 - 2015-11-17 15:47 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-17 13:44 - 2015-11-18 00:15 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-17 13:28 - 2015-11-17 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne Demo
2015-11-17 12:42 - 2015-11-17 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MafiaDemo
2015-11-17 12:42 - 2015-11-17 12:42 - 00003130 _____ C:\Windows\System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B}
2015-11-17 12:42 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-11-17 12:38 - 2015-11-17 15:54 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-11-17 12:37 - 2015-11-17 15:55 - 00000000 ____D C:\Users\Sly\AppData\Roaming\Seznam.cz
2015-11-17 12:07 - 2015-11-17 12:09 - 00000000 ____D C:\Users\Sly\Desktop\main
2015-11-17 12:07 - 1998-08-27 15:40 - 00155648 _____ (3Dfx Interactive, Inc.) C:\Users\Sly\Desktop\3dfxgl.dll
2015-11-17 04:42 - 2015-11-17 06:24 - 1722152586 _____ C:\Users\Sly\Downloads\The.Walking.Dead.S06E06.-HD-720p.---CZ-titulky-by-HanzeST.avi
2015-11-16 08:27 - 2015-11-16 08:55 - 00000000 ____D C:\Users\Sly\Documents\FIFA 12
2015-11-16 08:24 - 2015-11-16 08:25 - 00000000 ____D C:\Users\Sly\AppData\Roaming\WildTangent
2015-11-16 08:12 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-16 08:12 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-16 08:12 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-16 08:12 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-16 08:12 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-16 08:12 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-16 08:12 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-16 08:12 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-16 08:12 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-16 08:12 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-16 08:12 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-16 08:12 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-16 08:12 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-16 08:12 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-16 08:12 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-16 08:12 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-16 08:12 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-16 08:12 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-16 08:12 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-16 08:11 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-16 08:11 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-16 08:11 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-16 08:11 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-16 08:11 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-16 08:11 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-16 08:11 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-16 08:11 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-16 08:11 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-16 08:11 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-16 08:11 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-16 08:11 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-16 08:11 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-16 08:11 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-16 08:11 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-16 08:11 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-16 08:11 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-16 08:11 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-16 08:11 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-16 08:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-16 08:11 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-16 08:11 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-16 08:11 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-16 08:11 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-16 08:11 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-16 08:11 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-16 08:11 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-16 08:11 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-16 08:11 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-16 08:11 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-16 08:11 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-16 08:11 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-16 08:11 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-16 08:11 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-16 08:11 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-16 08:11 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-16 08:11 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-16 08:11 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-16 08:11 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-16 08:11 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-16 08:11 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-16 08:11 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-16 08:11 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-16 08:11 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-16 08:11 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-16 08:11 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-16 08:11 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-16 08:11 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-16 08:11 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-16 08:11 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-16 08:11 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-16 08:11 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-16 08:11 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-16 08:11 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-16 08:11 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-16 08:11 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-15 05:47 - 2015-11-15 05:47 - 00000000 ____D C:\Program Files (x86)\directx
2015-11-15 05:22 - 2015-11-17 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tennis Elbow 2013
2015-11-15 05:22 - 2015-11-15 05:29 - 00000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2015-11-15 05:22 - 2002-10-06 19:42 - 00237568 _____ () C:\Windows\SysWOW64\OggDS.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00921600 _____ C:\Windows\SysWOW64\vorbisenc.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00188416 _____ C:\Windows\SysWOW64\vorbis.dll
2015-11-15 05:22 - 2002-10-05 00:04 - 00045056 _____ C:\Windows\SysWOW64\ogg.dll
2015-11-14 18:43 - 2015-11-14 21:47 - 3313097012 _____ C:\Users\Sly\Downloads\Pahorek-Hill,1965.avi
2015-11-12 08:58 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-12 08:58 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 08:58 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 08:58 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 08:58 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 08:58 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-12 08:58 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 18:52 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 18:52 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 18:52 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 18:52 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 18:52 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 18:52 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 18:52 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 18:52 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 18:52 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 18:52 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 18:52 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 18:52 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 18:52 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 18:52 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 18:52 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 18:52 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 18:52 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 18:52 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 18:52 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 18:52 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 18:52 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 18:52 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 18:52 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 18:52 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 18:52 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 18:52 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 18:52 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 18:52 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 18:52 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 18:51 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 18:51 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 18:51 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 18:51 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 18:51 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 18:51 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 18:51 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 18:51 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 18:51 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 18:51 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 18:51 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 18:51 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 18:51 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 18:51 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 18:51 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 18:51 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 18:51 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 18:51 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 18:51 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 18:51 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 18:51 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 18:51 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 18:51 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 18:51 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 18:51 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 18:51 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 18:51 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 18:51 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 18:51 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 18:51 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 18:51 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 18:51 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 18:51 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 18:51 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-03 16:54 - 2015-11-03 16:54 - 00000000 ____D C:\Users\Sly\restore
2015-11-03 16:50 - 2015-11-03 17:04 - 00000000 ____D C:\ProgramData\tmp
2015-11-03 16:50 - 2015-11-03 16:54 - 00000000 ____D C:\ProgramData\hps
2015-11-03 16:43 - 2015-11-03 23:10 - 00000000 ____D C:\Program Files\dm
2015-11-02 08:16 - 2015-07-05 11:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-10-31 11:33 - 2015-11-01 12:40 - 00000000 ____D C:\Users\Sly\Documents\Rašínovi 2015-28.10
2015-10-30 22:25 - 2015-10-30 23:34 - 1240087410 _____ C:\Users\Sly\Downloads\Kde-je-Fred-(2006)-(CZ)-(Komedie,-Romantický,-Sportovní)-66%.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 00:15 - 2015-02-17 05:09 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-18 00:14 - 2015-02-17 05:12 - 00000000 ____D C:\Program Files\Google
2015-11-18 00:14 - 2015-02-17 05:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-18 00:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-18 00:02 - 2015-02-17 03:28 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1473081906-491419597-656506198-1001
2015-11-18 00:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-17 23:47 - 2015-02-17 05:09 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-17 21:57 - 2015-02-17 05:09 - 00000000 ____D C:\Users\Sly\AppData\Local\Google
2015-11-17 21:52 - 2015-07-12 13:01 - 00000000 ____D C:\Users\Sly\AppData\Roaming\Opera Software
2015-11-17 21:52 - 2015-07-12 13:01 - 00000000 ____D C:\Users\Sly\AppData\Local\Opera Software
2015-11-17 21:52 - 2015-07-12 12:59 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-17 20:31 - 2014-01-18 07:36 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-17 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\IME
2015-11-17 20:21 - 2015-10-18 20:02 - 00001206 _____ C:\Users\Public\Desktop\GOM Player.lnk
2015-11-17 20:21 - 2015-09-22 18:11 - 00000883 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-17 20:21 - 2015-02-17 05:13 - 00002029 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-17 20:21 - 2014-01-18 08:20 - 00002048 _____ C:\Users\Public\Desktop\Additional Information.lnk
2015-11-17 20:21 - 2014-01-18 08:20 - 00002037 _____ C:\Users\Public\Desktop\Manual.lnk
2015-11-17 20:21 - 2014-01-18 08:19 - 00000406 _____ C:\Users\Public\Desktop\TOSHIBA Services.lnk
2015-11-17 20:21 - 2014-01-18 08:10 - 00002615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2015-11-17 20:21 - 2014-01-18 08:10 - 00002609 _____ C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2015-11-17 20:21 - 2013-11-29 00:02 - 00001985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-17 20:20 - 2015-10-18 20:02 - 00001236 _____ C:\Users\Sly\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-11-17 20:20 - 2015-02-17 03:22 - 00001433 _____ C:\Users\Sly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-17 20:19 - 2015-06-08 23:40 - 00001058 _____ C:\Users\Sly\Desktop\KMPlayer.lnk
2015-11-17 20:19 - 2014-01-18 07:48 - 00000000 ____D C:\Program Files (x86)\AmIcoSingLun
2015-11-17 18:30 - 2015-02-17 03:38 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8521745F-E5D4-427D-8B29-8B843DD601F4}
2015-11-17 15:47 - 2015-02-17 05:12 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-17 15:47 - 2015-02-17 05:09 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-17 15:47 - 2015-02-17 05:09 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-17 15:46 - 2015-02-17 05:09 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-17 13:28 - 2013-11-28 23:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-17 12:42 - 2015-02-17 03:22 - 00000000 ____D C:\Users\Sly\AppData\Local\VirtualStore
2015-11-16 08:25 - 2014-01-18 08:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 08:25 - 2014-01-18 08:10 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-11-16 08:25 - 2014-01-18 08:09 - 00000000 ____D C:\ProgramData\WildTangent
2015-11-15 05:52 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-15 05:29 - 2015-08-07 16:50 - 00000000 ____D C:\Program Files (x86)\Czech Soccer Manager
2015-11-14 09:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-13 07:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-12 10:28 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 09:09 - 2015-02-20 09:08 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 09:03 - 2015-02-20 09:08 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 18:30 - 2013-11-28 23:07 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-11 18:30 - 2013-08-28 15:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-11-11 18:30 - 2013-08-28 15:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-11-07 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-03 16:54 - 2015-02-17 03:21 - 00000000 ____D C:\Users\Sly
2015-11-03 01:23 - 2015-04-16 19:42 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2015-04-16 19:42 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-31 20:53 - 2015-06-09 14:08 - 00000000 ____D C:\Users\Sly\Downloads\Živí mrtví
2015-10-29 16:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-24 07:08 - 2015-07-21 01:11 - 00000000 ____D C:\Users\Sly\Downloads\Viděl

Some files in TEMP:
====================
C:\Users\Sly\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-15 20:27

==================== End of FRST.txt ============================

Re: Odstranění virů

Napsal: 18 lis 2015 00:35
od Stallone
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-11-2015
Ran by Sly (2015-11-18 00:32:23)
Running from C:\Users\Sly\Downloads
Windows 8.1 (X64) (2015-02-17 02:21:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1473081906-491419597-656506198-500 - Administrator - Disabled)
Guest (S-1-5-21-1473081906-491419597-656506198-501 - Limited - Disabled)
Sly (S-1-5-21-1473081906-491419597-656506198-1001 - Administrator - Enabled) => C:\Users\Sly

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.303.509 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.71.5231 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Max Payne Demo (HKLM-x32\...\{A9109385-09FE-4469-8B6A-E4A09B6B2AD2}) (Version: - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-10-2015 21:37:10 Naplánovaný kontrolní bod
31-10-2015 11:27:29 avast! antivirus system restore point
12-11-2015 09:01:01 Windows Update
15-11-2015 05:45:36 Installed GTA2
16-11-2015 08:08:55 Installed ProductName from default.wxl
17-11-2015 13:28:00 Installed Max Payne Demo

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B279C09-98C2-4705-A695-D329DFFE43F7} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {2441DC95-9927-41A8-9C87-E97004B53028} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} - System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => pcalua.exe -a "C:\Program Files\MafiaDemo\Game.exe" -d "c:\program files\MafiaDemo\"
Task: {4B6E35E0-9B04-4DE7-9680-3790F66B1628} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {56E1D239-CC28-4DF2-90F5-E4EFF2E8AA98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {702A5C05-C8DD-4A6F-A001-FF840584FD14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {85A496C0-D1B5-4ED5-95F2-5E5B2AED1B98} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {8701740F-F027-4BDF-BCF0-81762AAC3767} - System32\Tasks\u8SpGsnwKSsz2okQJgm => C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe <==== ATTENTION
Task: {9446DC40-4A0F-4FF8-8A5A-E20AE445D2A7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-17] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job => C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-08-31 04:47 - 2013-08-31 04:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-08-24 19:28 - 2015-08-24 19:28 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-08-31 04:47 - 2013-08-31 04:47 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-11-17 15:47 - 2015-11-17 15:47 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-17 15:47 - 2015-11-17 15:47 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-17 19:42 - 2015-11-17 19:42 - 02991104 _____ () C:\Program Files\AVAST Software\Avast\defs\15111701\algo.dll
2015-11-17 15:47 - 2015-11-17 15:47 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-11-17 15:47 - 2015-11-17 15:47 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-17 21:57 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-17 21:57 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1473081906-491419597-656506198-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg
DNS Servers: 109.70.0.1 - 195.129.12.83
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6FDC00F8-9C0C-4CC5-90CE-A82D73666BD5}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{FE4EBCDF-B359-44CA-83EA-04B64185CC8B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{797A79E4-3C0F-470B-A927-B9D2BDAB9CC7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{18AEEB2C-F16E-4487-9591-19606F492382}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{FC2233E3-64E0-4752-8171-2FA3205FD7D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2015 00:16:18 AM) (Source: Service1) (EventID: 0) (User: )
Description: Službu nelze spustit. System.Runtime.InteropServices.COMException (0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
v System.Management.ManagementScope.InitializeGuts(Object o)
v System.Management.ManagementScope.Initialize()
v System.Management.ManagementEventWatcher.Initialize()
v System.Management.ManagementEventWatcher.Start()
v dts_apo_service.Service1.StartRegistryWatcher()
v dts_apo_service.Service1.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/18/2015 00:13:34 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/18/2015 00:13:34 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/18/2015 00:13:34 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/18/2015 00:13:34 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (11/18/2015 00:13:34 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (11/18/2015 00:13:33 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (11/18/2015 00:13:33 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
0x8e5e0210 (0x8e5e0210)

Error: (11/18/2015 00:13:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (6572) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0001B.log došlo k chybě -1811 (0xfffff8ed).

Error: (11/17/2015 11:38:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IRENECKA)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (11/18/2015 00:27:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB2267602 (Definition 1.211.4.0).

Error: (11/18/2015 00:16:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
%%577

Error: (11/18/2015 00:13:35 AM) (Source: DCOM) (EventID: 10010) (User: IRENECKA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/18/2015 00:13:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/18/2015 00:13:34 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (11/18/2015 00:13:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Google Update (gupdate) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2015 00:13:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TPCH Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2015 00:13:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TMachInfo byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2015 00:13:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/18/2015 00:13:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TOSHIBA eco Utility Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2015-11-18 00:16:33.501
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-17 20:25:51.491
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-17 15:51:04.741
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-17 15:31:49.628
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-17 15:27:59.429
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-13 07:21:46.049
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-11 18:23:27.336
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-10-31 11:33:52.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-07-23 10:06:33.828
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-07-23 10:06:33.253
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 43%
Total physical RAM: 3523.07 MB
Available physical RAM: 1985.18 MB
Total Virtual: 4291.07 MB
Available Virtual: 2231.48 MB

==================== Drives ================================

Drive c: (TI31252900A) (Fixed) (Total:687.52 GB) (Free:579.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Odstranění virů

Napsal: 18 lis 2015 00:41
od altrok
  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
Folder: C:\Program Files (x86)\Seznam.cz
Folder: C:\Users\Sly\AppData\Roaming\Seznam.cz
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
2015-11-18 00:09 - 2015-11-18 00:09 - 01732096 _____ C:\Users\Sly\Downloads\AdwCleaner.exe
2015-11-17 23:53 - 2015-11-18 00:13 - 00000000 ____D C:\AdwCleaner
2015-11-17 23:51 - 2015-11-17 23:52 - 01732096 _____ C:\Users\Sly\Downloads\adwcleaner_5.021.exe
2015-11-17 23:15 - 2015-11-17 23:15 - 00052421 _____ C:\Users\Sly\Desktop\FRST..txt
2015-11-17 23:10 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Desktop\Addition..txt
2015-11-17 23:08 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Downloads\Addition.txt
2015-11-17 23:05 - 2015-11-18 00:29 - 00015193 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 13:44 - 2015-11-18 00:15 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
Task: {3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} - System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => pcalua.exe -a "C:\Program Files\MafiaDemo\Game.exe" -d "c:\program files\MafiaDemo\"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe
Hosts:
EmptyTemp:
End

Re: Odstranění virů

Napsal: 18 lis 2015 00:58
od Stallone
Uložil jsem prosím vás ten vámi poslaný zelený text do poznámkové bloku s názvem fixlist.txt , poté jsem si spustil znovu http://www.bleepingcomputer.com/downloa ... ool/dl/82/ Ale pokud kliknu ihned na FIX, tak mi to jen zahlásí NO FIXLIST.TXT FOUND. THE FIX SHOULD BE IN THE SAME FOLDER THE TOOL IS LOCATED a aplikace se vypne. Copak dělám prosím špatně? Děkuji.

Re: Odstranění virů

Napsal: 18 lis 2015 01:01
od altrok
Omlouvam se, nevsiml jsem si, ze jste nepostupoval podle navodu na vytvoreni FRST logu http://forum.viry.cz/viewtopic.php?f=13&t=133100

FRST.exe/FRST64.exe a fixlist.txt musi byt ve stejne slozce (v navodech pro jednoduchost uvadime Plochu).

Re: Odstranění virů

Napsal: 18 lis 2015 01:11
od Stallone
Omlouvám se. Zde zasílám:

Fix result of Farbar Recovery Scan Tool (x64) Version:17-11-2015
Ran by Sly (2015-11-18 01:02:23) Run:1
Running from C:\Users\Sly\Desktop
Loaded Profiles: Sly (Available Profiles: Sly)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Folder: C:\Program Files (x86)\Seznam.cz
Folder: C:\Users\Sly\AppData\Roaming\Seznam.cz
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
2015-11-18 00:09 - 2015-11-18 00:09 - 01732096 _____ C:\Users\Sly\Downloads\AdwCleaner.exe
2015-11-17 23:53 - 2015-11-18 00:13 - 00000000 ____D C:\AdwCleaner
2015-11-17 23:51 - 2015-11-17 23:52 - 01732096 _____ C:\Users\Sly\Downloads\adwcleaner_5.021.exe
2015-11-17 23:15 - 2015-11-17 23:15 - 00052421 _____ C:\Users\Sly\Desktop\FRST..txt
2015-11-17 23:10 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Desktop\Addition..txt
2015-11-17 23:08 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Downloads\Addition.txt
2015-11-17 23:05 - 2015-11-18 00:29 - 00015193 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 13:44 - 2015-11-18 00:15 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
Task: {3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} - System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => pcalua.exe -a "C:\Program Files\MafiaDemo\Game.exe" -d "c:\program files\MafiaDemo\"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= Folder: C:\Program Files (x86)\Seznam.cz ========================


====== End of Folder: ======

Re: Odstranění virů

Napsal: 18 lis 2015 01:13
od altrok
Fix neprobehl uspesne. Vytvorte prosim novy fixlist s timto obsahem, zbytek postupu zustava stejny.

Kód: Vybrat vše

Start
Folder: C:\Program Files (x86)\Seznam.cz
Folder: C:\Users\Sly\AppData\Roaming\Seznam.cz
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
2015-11-18 00:09 - 2015-11-18 00:09 - 01732096 _____ C:\Users\Sly\Downloads\AdwCleaner.exe
2015-11-17 23:53 - 2015-11-18 00:13 - 00000000 ____D C:\AdwCleaner
2015-11-17 23:51 - 2015-11-17 23:52 - 01732096 _____ C:\Users\Sly\Downloads\adwcleaner_5.021.exe
2015-11-17 23:15 - 2015-11-17 23:15 - 00052421 _____ C:\Users\Sly\Desktop\FRST..txt
2015-11-17 23:10 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Desktop\Addition..txt
2015-11-17 23:08 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Downloads\Addition.txt
2015-11-17 23:05 - 2015-11-18 00:29 - 00015193 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 13:44 - 2015-11-18 00:15 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
Task: {3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} - System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => pcalua.exe -a "C:\Program Files\MafiaDemo\Game.exe" -d "c:\program files\MafiaDemo\"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe
Hosts:
EmptyTemp:
End

Re: Odstranění virů

Napsal: 18 lis 2015 01:26
od Stallone
Fix result of Farbar Recovery Scan Tool (x64) Version:17-11-2015
Ran by Sly (2015-11-18 01:18:56) Run:2
Running from C:\Users\Sly\Desktop
Loaded Profiles: Sly (Available Profiles: Sly)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Folder: C:\Program Files (x86)\Seznam.cz
Folder: C:\Users\Sly\AppData\Roaming\Seznam.cz
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1473081906-491419597-656506198-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
2015-11-18 00:09 - 2015-11-18 00:09 - 01732096 _____ C:\Users\Sly\Downloads\AdwCleaner.exe
2015-11-17 23:53 - 2015-11-18 00:13 - 00000000 ____D C:\AdwCleaner
2015-11-17 23:51 - 2015-11-17 23:52 - 01732096 _____ C:\Users\Sly\Downloads\adwcleaner_5.021.exe
2015-11-17 23:15 - 2015-11-17 23:15 - 00052421 _____ C:\Users\Sly\Desktop\FRST..txt
2015-11-17 23:10 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Desktop\Addition..txt
2015-11-17 23:08 - 2015-11-17 23:10 - 00019237 _____ C:\Users\Sly\Downloads\Addition.txt
2015-11-17 23:05 - 2015-11-18 00:29 - 00015193 _____ C:\Users\Sly\Downloads\FRST.txt
2015-11-17 13:44 - 2015-11-18 00:15 - 00001020 _____ C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job
2015-11-17 13:44 - 2015-11-17 13:44 - 00004022 _____ C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm
2015-11-17 13:43 - 2015-11-17 13:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
Task: {3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} - System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => pcalua.exe -a "C:\Program Files\MafiaDemo\Game.exe" -d "c:\program files\MafiaDemo\"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe
Hosts:
EmptyTemp:
End
*****************


========================= Folder: C:\Program Files (x86)\Seznam.cz ========================


====== End of Folder: ======


========================= Folder: C:\Users\Sly\AppData\Roaming\Seznam.cz ========================

2015-11-17 12:38 - 2013-05-16 14:25 - 1062472 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434593-964-69288.$$$
2015-11-17 12:37 - 2013-05-16 14:26 - 2589256 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434609-964-51766.$$$
2015-11-17 15:54 - 2015-11-17 15:55 - 0101421 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\install.log
2015-11-17 12:38 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434984-964-20139.$$$
2015-11-17 12:38 - 2015-05-26 12:37 - 0078504 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434984-964-20139.$$$\~~erase-434609-964-47813.$$$
2015-11-17 12:38 - 2015-02-17 09:35 - 0764416 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434984-964-20139.$$$\~~erase-434609-964-48030.$$$
2015-11-17 12:38 - 2015-05-26 12:35 - 0079872 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\~~erase-434984-964-20139.$$$\~~erase-434609-964-77742.$$$
2015-11-17 12:38 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data
2015-11-17 12:38 - 2015-11-17 15:51 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst
2015-11-17 15:51 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile
2015-11-17 15:55 - 2015-11-17 15:55 - 0000004 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\chrome_shutdown_ms.txt
2015-11-17 15:55 - 2015-11-17 15:55 - 0041197 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Local State
2015-11-17 15:52 - 2015-11-17 15:52 - 0007168 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Safe Browsing Cookies
2015-11-17 15:52 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Safe Browsing Cookies-journal
2015-11-17 15:51 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default
2015-11-17 15:52 - 2015-11-17 15:55 - 0018432 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cookies
2015-11-17 15:52 - 2015-11-17 15:55 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cookies-journal
2015-11-17 15:52 - 2015-11-17 15:55 - 0015413 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Current Session
2015-11-17 15:55 - 2015-11-17 15:55 - 0007018 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Current Tabs
2015-11-17 15:51 - 2015-11-17 15:52 - 0007168 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension Cookies
2015-11-17 15:51 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension Cookies-journal
2015-11-17 15:51 - 2015-11-17 15:51 - 0020480 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Favicons
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Favicons-journal
2015-11-17 15:51 - 2015-11-17 15:55 - 0094208 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\History
2015-11-17 15:55 - 2015-11-17 15:55 - 0000835 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\History Provider Cache
2015-11-17 15:51 - 2015-11-17 15:55 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\History-journal
2015-11-17 15:51 - 2015-11-17 15:51 - 0016384 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Login Data
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Login Data-journal
2015-11-17 15:52 - 2015-11-17 15:52 - 0013312 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Network Action Predictor
2015-11-17 15:52 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Network Action Predictor-journal
2015-11-17 15:55 - 2015-11-17 15:55 - 0007449 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Preferences
2015-11-17 15:52 - 2015-11-17 15:52 - 0013312 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\QuotaManager
2015-11-17 15:52 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\QuotaManager-journal
2015-11-17 15:52 - 2015-11-17 15:52 - 0012288 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Shortcuts
2015-11-17 15:52 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Shortcuts-journal
2015-11-17 15:51 - 2015-11-17 15:51 - 0020480 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Top Sites
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Top Sites-journal
2015-11-17 15:51 - 2015-11-17 15:52 - 0131072 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Visited Links
2015-11-17 15:51 - 2015-11-17 15:52 - 0063488 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Web Data
2015-11-17 15:51 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Web Data-journal
2015-11-17 15:52 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache
2015-11-17 15:52 - 2015-11-17 15:55 - 0270336 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache\~~erase-434781-964-24473.$$$
2015-11-17 15:52 - 2015-11-17 15:55 - 1056768 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache\~~erase-434781-964-37392.$$$
2015-11-17 15:52 - 2015-11-17 15:55 - 0045056 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache\~~erase-434781-964-77339.$$$
2015-11-17 15:52 - 2015-11-17 15:55 - 4202496 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache\~~erase-434796-964-52863.$$$
2015-11-17 15:52 - 2015-11-17 15:52 - 0524656 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Cache\~~erase-434796-964-60676.$$$
2015-11-17 15:51 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\data_reduction_proxy_leveldb
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\data_reduction_proxy_leveldb\000003.log
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\data_reduction_proxy_leveldb\LOCK
2015-11-17 15:51 - 2015-11-17 15:52 - 0000167 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\data_reduction_proxy_leveldb\LOG
2015-11-17 15:51 - 2015-11-17 15:51 - 0000041 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\data_reduction_proxy_leveldb\MANIFEST-000001
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\databases
2015-11-17 15:51 - 2015-11-17 15:51 - 0007168 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\databases\Databases.db
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\databases\Databases.db-journal
2015-11-17 15:52 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension State
2015-11-17 15:52 - 2015-11-17 15:52 - 0000285 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension State\000003.log
2015-11-17 15:52 - 2015-11-17 15:52 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension State\LOCK
2015-11-17 15:52 - 2015-11-17 15:52 - 0000154 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension State\LOG
2015-11-17 15:52 - 2015-11-17 15:52 - 0000041 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Extension State\MANIFEST-000001
2015-11-17 15:52 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache
2015-11-17 15:52 - 2015-11-17 15:55 - 0045056 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache\~~erase-434859-964-4930.$$$
2015-11-17 15:52 - 2015-11-17 15:55 - 0270336 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache\~~erase-434859-964-59320.$$$
2015-11-17 15:52 - 2015-11-17 15:52 - 0008192 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache\~~erase-434859-964-7420.$$$
2015-11-17 15:52 - 2015-11-17 15:55 - 4202496 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache\~~erase-434859-964-98772.$$$
2015-11-17 15:52 - 2015-11-17 15:52 - 0262512 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\GPUCache\~~erase-434875-964-98952.$$$
2015-11-17 15:55 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\JumpListIcons
2015-11-17 15:55 - 2015-11-17 15:55 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\JumpListIcons\C15A.tmp
2015-11-17 15:55 - 2015-11-17 15:55 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\JumpListIcons\C15B.tmp
2015-11-17 15:53 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Session Storage
2015-11-17 15:53 - 2015-11-17 15:55 - 0000204 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Session Storage\000003.log
2015-11-17 15:53 - 2015-11-17 15:53 - 0000000 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Session Storage\LOCK
2015-11-17 15:53 - 2015-11-17 15:53 - 0000154 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Session Storage\LOG
2015-11-17 15:53 - 2015-11-17 15:53 - 0000041 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\Default\Session Storage\MANIFEST-000001
2015-11-17 15:51 - 2015-11-17 15:51 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache
2015-11-17 15:51 - 2015-11-17 15:55 - 0000000 ____D () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache
2015-11-17 15:51 - 2015-11-17 15:55 - 4202496 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache\~~erase-434890-964-46195.$$$
2015-11-17 15:51 - 2015-11-17 15:51 - 0262512 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache\~~erase-434906-964-89834.$$$
2015-11-17 15:51 - 2015-11-17 15:55 - 0270336 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache\~~erase-434906-964-97337.$$$
2015-11-17 15:51 - 2015-11-17 15:55 - 0045056 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache\~~erase-434906-964-99147.$$$
2015-11-17 15:51 - 2015-11-17 15:51 - 0008192 _____ () C:\Users\Sly\AppData\Roaming\Seznam.cz\data\libchinst\chromeprofile\ShaderCache\GPUCache\~~erase-434921-964-99618.$$$

====== End of Folder: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-1473081906-491419597-656506198-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"C:\Users\Sly\Downloads\AdwCleaner.exe" => not found.
"C:\AdwCleaner" => not found.
"C:\Users\Sly\Downloads\adwcleaner_5.021.exe" => not found.
"C:\Users\Sly\Desktop\FRST..txt" => not found.
"C:\Users\Sly\Desktop\Addition..txt" => not found.
"C:\Users\Sly\Downloads\Addition.txt" => not found.
"C:\Users\Sly\Downloads\FRST.txt" => not found.
"C:\Windows\Tasks\u8SpGsnwKSsz2okQJgm.job" => not found.
"C:\Windows\System32\Tasks\u8SpGsnwKSsz2okQJgm" => not found.
"C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EA8A4AB-E00C-4F9E-891B-D5235B9ED892} => key not found.
C:\Windows\System32\Tasks\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C95D953D-AB71-4019-A539-00C8D35CBE3B} => key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => not found.
"C:\Users\Sly\AppData\Roaming\u8SpGsnwKSsz2okQJgm.exe" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 30.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 01:19:13 ====

Re: Odstranění virů

Napsal: 18 lis 2015 01:27
od altrok
Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Re: Odstranění virů

Napsal: 18 lis 2015 01:29
od Stallone
Chci vám moc poděkovat a jen poslední otázka, zda tam tedy ten virus opravdu byl vidět a je pryč? Nemusím tedy notebook řešit přes servis? Děkuji.

Re: Odstranění virů

Napsal: 18 lis 2015 01:48
od altrok
Nemate zac.

Vir v PC byl, ale pred nekolika desitkami minut jsme ho spolecnymi silami smazali. Navsteva servisu z duvodu zavirovaneho PC je tedy v tuto chvili zbytecna.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz