Chyba WindowsUpdate_80070026"

[Maroš]

Zdar,,
nejdou nainstalovat důležité aktualizace na Win 7 64. Po zadaní aktualizace proběhne vytvoření bodu obnovy a pak se vyhodí hláška:
Nepodařilo se nainstalovat aktualizaci.Kód 80070026 u služby Windows update došlo k neznámé chybě.
Nevíte někdo co to znamená ? O chybě jsem nic nenašel.
Dik.

[Rudy]

Zdravím!
PC může být zavirován. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[Maroš]

Zde je log


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015
Ran by Maros (administrator) on MAROS-PC on 24-02-2015 17:57:22
Running from C:\Users\Maros\Desktop
Loaded Profiles: Maros (Available profiles: Maros)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [OneDrive] => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281256 2015-02-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-12] (Microsoft Corporation)
IFEO\bjmyprt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-637464676-1487884471-412290308-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF user.js: detected! => C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\user.js
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-12-14]
FF Extension: Slovníky slovenského pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\sk@dictionaries.addons.mozilla.org [2014-12-21]
FF Extension: Slovak (SK) Language Pack - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2014-12-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-12]
FF HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2015-01-02]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-12] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [39704 2014-11-21] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-12] ()
S3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [66840 2014-11-21] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-12] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2014-01-06] (TuneUp Software)
R1 {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64; C:\Windows\System32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys [48784 2014-12-25] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 17:57 - 2015-02-24 17:58 - 00016549 _____ () C:\Users\Maros\Desktop\FRST.txt
2015-02-24 17:57 - 2015-02-24 17:57 - 00000000 ____D () C:\FRST
2015-02-24 17:55 - 2015-02-24 17:55 - 02087424 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2015-02-24 17:52 - 2015-02-24 17:52 - 00000000 ___HD () C:\OneDriveTemp
2015-02-23 20:35 - 2015-02-23 20:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2015-02-23 20:34 - 2015-02-23 20:34 - 00347816 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\MicrosoftFixit.wu.LB.146348146617376915.1.1.Run.exe
2015-02-14 18:33 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-14 18:33 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-14 18:33 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-14 18:33 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-14 05:37 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 05:37 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 05:37 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 05:37 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-13 07:35 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-13 07:35 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-13 07:35 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 07:35 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 07:35 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 07:35 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 07:35 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 07:35 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 07:35 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 07:35 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 07:35 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 07:35 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 07:35 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 07:35 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 07:35 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 07:35 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 07:35 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-13 07:35 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 07:35 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 07:35 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 07:35 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-13 07:35 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-13 07:35 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 07:35 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 07:35 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 07:35 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-13 07:35 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-13 07:35 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-13 07:35 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-13 07:35 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 07:35 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 07:35 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 07:35 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 07:35 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 07:35 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-13 07:35 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-13 07:35 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-13 07:35 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-13 07:35 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 07:35 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 07:35 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-13 07:35 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 07:35 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 07:35 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 07:35 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 07:35 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 07:35 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-13 07:34 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 07:34 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 07:34 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 07:34 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 07:34 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 07:34 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 07:34 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 07:32 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 07:32 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 07:32 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 07:32 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-13 07:32 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 07:32 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 07:32 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-13 07:32 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-13 07:31 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 07:31 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 07:30 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 07:30 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-13 07:18 - 2015-01-12 04:13 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 07:18 - 2015-01-12 04:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-13 07:18 - 2015-01-12 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-13 07:18 - 2015-01-12 04:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-13 07:18 - 2015-01-12 03:47 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-13 07:18 - 2015-01-12 03:47 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-13 07:18 - 2015-01-12 03:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-13 07:17 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-13 07:17 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 07:16 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 11:02 - 2015-02-24 17:51 - 00000000 ___RD () C:\Users\Maros\Disk Google
2015-02-10 10:59 - 2015-02-10 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-10 10:58 - 2015-02-24 17:51 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 10:58 - 2015-02-23 20:03 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 10:58 - 2015-02-10 10:58 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 10:58 - 2015-02-10 10:58 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-10 10:57 - 2015-02-10 10:57 - 00880208 _____ (Google Inc.) C:\Users\Maros\Downloads\googledrivesync.exe
2015-02-10 10:46 - 2015-02-10 10:45 - 07137440 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\OneDriveSetup.exe
2015-02-10 10:17 - 2015-02-10 10:17 - 01507260 _____ () C:\Users\Maros\Downloads\simple-palm-doc-konvertor-pdb-1-0-5-p23866.zip
2015-02-10 10:17 - 2015-02-10 10:17 - 00000000 ____D () C:\Users\Maros\Downloads\simple-palm-doc-konvertor-pdb-1-0-5-p23866
2015-02-07 17:56 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-07 17:55 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-07 17:55 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-02-07 17:55 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-07 11:18 - 2014-12-12 07:16 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-01 12:45 - 2015-02-01 12:45 - 00449536 _____ () C:\Users\Maros\Desktop\A150125_VEN_018_DANE_2014B.XLS
2015-02-01 09:19 - 2015-02-01 09:19 - 00000000 __SHD () C:\found.000
2015-01-31 11:18 - 2015-01-31 11:18 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-01-31 11:14 - 2015-01-31 11:14 - 00366080 _____ () C:\Users\Maros\Desktop\Priznani_FO_5405_21.xls
2015-01-29 08:28 - 2015-02-24 17:51 - 00005983 _____ () C:\Windows\setupact.log
2015-01-29 08:28 - 2015-02-14 05:11 - 00001478 _____ () C:\Windows\PFRO.log
2015-01-29 08:28 - 2015-01-29 08:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 19:50 - 2015-01-27 19:50 - 05325208 _____ (Piriform Ltd) C:\Users\Maros\Downloads\ccsetup502.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 17:58 - 2009-07-14 05:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 17:58 - 2009-07-14 05:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 17:57 - 2014-12-12 08:00 - 01615688 _____ () C:\Windows\WindowsUpdate.log
2015-02-24 17:53 - 2014-12-27 20:21 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-24 17:53 - 2014-12-27 20:21 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-24 17:53 - 2014-12-12 08:54 - 00000000 ___SD () C:\Users\Maros\Documents\Sticky Passwords
2015-02-24 17:52 - 2015-01-02 12:01 - 00000000 ___RD () C:\Users\Maros\OneDrive
2015-02-24 17:52 - 2014-12-12 09:17 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Skype
2015-02-24 17:51 - 2014-12-12 07:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-24 17:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-23 20:46 - 2014-12-12 08:33 - 01560204 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-23 20:46 - 2009-07-14 16:18 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2015-02-23 20:46 - 2009-07-14 16:18 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2015-02-23 20:46 - 2009-07-14 06:13 - 01560204 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 20:42 - 2014-12-12 09:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-22 12:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-20 14:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-20 08:33 - 2015-01-02 12:01 - 00002180 _____ () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-02-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-13 15:51 - 2014-12-12 13:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 15:19 - 2009-07-14 05:45 - 00409456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 15:18 - 2014-12-12 12:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 15:18 - 2014-12-12 12:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 08:20 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-02-13 08:19 - 2014-12-12 09:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 08:14 - 2014-12-12 09:57 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 11:02 - 2014-12-12 07:52 - 00000000 ____D () C:\Users\Maros
2015-02-10 10:59 - 2015-01-11 09:41 - 00000000 ____D () C:\Users\Maros\AppData\Local\Google
2015-02-10 10:59 - 2015-01-11 09:41 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-10 10:09 - 2014-12-12 09:01 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-10 10:09 - 2014-12-12 09:01 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-10 10:09 - 2014-12-12 09:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-10 10:07 - 2014-12-14 16:05 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\TeamViewer
2015-02-10 07:56 - 2014-12-27 13:48 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2015-02-07 19:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-07 12:14 - 2014-12-12 09:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 12:14 - 2014-12-12 09:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 12:14 - 2014-12-12 09:09 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-07 12:14 - 2014-12-12 09:08 - 00000000 ____D () C:\Users\Maros\AppData\Local\Adobe
2015-02-07 11:19 - 2014-12-12 07:16 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-31 11:18 - 2014-12-14 13:43 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Canon
2015-01-29 08:28 - 2014-12-12 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 20:32 - 2015-01-17 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 19:51 - 2014-12-14 16:26 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-27 19:51 - 2014-12-14 16:26 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-27 19:49 - 2014-12-19 21:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-27 19:48 - 2014-12-30 21:11 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2014-12-22 11:55 - 2014-12-22 11:55 - 0000624 _____ () C:\Users\Maros\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-12-22 11:52 - 2014-12-22 11:53 - 0000839 _____ () C:\Users\Maros\AppData\Roaming\Drives Meter_Settings.ini
2014-12-22 11:54 - 2014-12-22 11:54 - 0000282 _____ () C:\Users\Maros\AppData\Roaming\GPU MeterV2_Settings.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 17:50

==================== End Of Log ============================

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[Maroš]

AdwCleaner Log je zde.



# AdwCleaner v4.111 - Logfile created 24/02/2015 at 19:53:44
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Maros - MAROS-PC
# Running from : C:\Users\Maros\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64

***** [ Files / Folders ] *****

File Deleted : C:\Windows\System32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys
File Deleted : C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Softonic

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 cs)


*************************

AdwCleaner[R0].txt - [1672 bytes] - [24/02/2015 19:47:35]
AdwCleaner[R1].txt - [1731 bytes] - [24/02/2015 19:52:04]
AdwCleaner[S0].txt - [1626 bytes] - [24/02/2015 19:53:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1685 bytes] ##########

[Rudy]

Dejte nový log FRST.

[Maroš]

Nový FRST log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Maros (administrator) on MAROS-PC on 25-02-2015 20:45:03
Running from C:\Users\Maros\Desktop
Loaded Profiles: Maros (Available profiles: Maros)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Run: [OneDrive] => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281256 2015-02-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-12] (Microsoft Corporation)
IFEO\bjmyprt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-637464676-1487884471-412290308-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-12-14]
FF Extension: Slovníky slovenského pravopisu - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\sk@dictionaries.addons.mozilla.org [2014-12-21]
FF Extension: Slovak (SK) Language Pack - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2014-12-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-12]
FF HKU\S-1-5-21-637464676-1487884471-412290308-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Maros\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2015-01-02]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-12] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [39704 2014-11-21] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-12] ()
S3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [66840 2014-11-21] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-12] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2014-01-06] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 20:44 - 2015-02-25 20:44 - 00000000 ____D () C:\Users\Maros\Desktop\FRST-OlderVersion
2015-02-25 19:54 - 2015-02-25 19:54 - 00000000 ___HD () C:\OneDriveTemp
2015-02-24 20:10 - 2014-12-12 07:16 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-24 20:01 - 2015-02-24 20:01 - 00003480 ____N () C:\bootsqm.dat
2015-02-24 19:59 - 2015-02-24 19:59 - 00000000 __SHD () C:\found.001
2015-02-24 19:47 - 2015-02-24 19:53 - 00000000 ____D () C:\AdwCleaner
2015-02-24 19:46 - 2015-02-24 19:46 - 02126848 _____ () C:\Users\Maros\Desktop\adwcleaner_4.111.exe
2015-02-24 17:59 - 2015-02-24 18:11 - 00029330 _____ () C:\Users\Maros\Desktop\Addition.txt
2015-02-24 17:57 - 2015-02-25 20:45 - 00016717 _____ () C:\Users\Maros\Desktop\FRST.txt
2015-02-24 17:57 - 2015-02-25 20:45 - 00000000 ____D () C:\FRST
2015-02-24 17:55 - 2015-02-25 20:44 - 02087936 _____ (Farbar) C:\Users\Maros\Desktop\FRST64.exe
2015-02-23 20:35 - 2015-02-23 20:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2015-02-23 20:34 - 2015-02-23 20:34 - 00347816 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\MicrosoftFixit.wu.LB.146348146617376915.1.1.Run.exe
2015-02-14 18:33 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-14 18:33 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-14 18:33 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-14 18:33 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-14 05:37 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 05:37 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 05:37 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 05:37 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-13 07:35 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-13 07:35 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-13 07:35 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-13 07:35 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 07:35 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 07:35 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 07:35 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 07:35 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 07:35 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 07:35 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 07:35 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 07:35 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 07:35 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 07:35 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 07:35 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 07:35 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 07:35 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 07:35 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-13 07:35 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 07:35 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 07:35 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 07:35 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-13 07:35 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-13 07:35 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 07:35 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 07:35 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 07:35 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-13 07:35 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-13 07:35 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-13 07:35 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-13 07:35 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 07:35 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 07:35 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 07:35 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 07:35 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 07:35 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-13 07:35 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-13 07:35 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-13 07:35 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-13 07:35 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 07:35 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 07:35 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-13 07:35 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 07:35 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 07:35 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 07:35 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 07:35 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 07:35 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-13 07:34 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 07:34 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 07:34 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 07:34 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 07:34 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 07:34 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 07:34 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 07:32 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 07:32 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 07:32 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 07:32 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-13 07:32 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 07:32 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 07:32 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-13 07:32 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-13 07:31 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 07:31 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 07:30 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 07:30 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-13 07:18 - 2015-01-12 04:13 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 07:18 - 2015-01-12 04:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-13 07:18 - 2015-01-12 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-13 07:18 - 2015-01-12 04:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-13 07:18 - 2015-01-12 03:47 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-13 07:18 - 2015-01-12 03:47 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-13 07:18 - 2015-01-12 03:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-13 07:17 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-02-13 07:17 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 07:16 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 11:02 - 2015-02-25 19:54 - 00000000 ___RD () C:\Users\Maros\Disk Google
2015-02-10 10:59 - 2015-02-10 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-10 10:58 - 2015-02-25 20:03 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 10:58 - 2015-02-25 19:53 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 10:58 - 2015-02-10 10:58 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 10:58 - 2015-02-10 10:58 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-10 10:57 - 2015-02-10 10:57 - 00880208 _____ (Google Inc.) C:\Users\Maros\Downloads\googledrivesync.exe
2015-02-10 10:46 - 2015-02-10 10:45 - 07137440 _____ (Microsoft Corporation) C:\Users\Maros\Downloads\OneDriveSetup.exe
2015-02-10 10:17 - 2015-02-10 10:17 - 01507260 _____ () C:\Users\Maros\Downloads\simple-palm-doc-konvertor-pdb-1-0-5-p23866.zip
2015-02-10 10:17 - 2015-02-10 10:17 - 00000000 ____D () C:\Users\Maros\Downloads\simple-palm-doc-konvertor-pdb-1-0-5-p23866
2015-02-07 17:56 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-02-07 17:55 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-02-07 17:55 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-02-07 17:55 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-02-01 12:45 - 2015-02-01 12:45 - 00449536 _____ () C:\Users\Maros\Desktop\A150125_VEN_018_DANE_2014B.XLS
2015-02-01 09:19 - 2015-02-01 09:19 - 00000000 __SHD () C:\found.000
2015-01-31 11:18 - 2015-01-31 11:18 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2015-01-31 11:14 - 2015-01-31 11:14 - 00366080 _____ () C:\Users\Maros\Desktop\Priznani_FO_5405_21.xls
2015-01-29 08:28 - 2015-02-25 19:53 - 00006319 _____ () C:\Windows\setupact.log
2015-01-29 08:28 - 2015-02-25 19:53 - 00002296 _____ () C:\Windows\PFRO.log
2015-01-29 08:28 - 2015-01-29 08:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 19:50 - 2015-01-27 19:50 - 05325208 _____ (Piriform Ltd) C:\Users\Maros\Downloads\ccsetup502.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 20:43 - 2014-12-12 08:54 - 00000000 ___SD () C:\Users\Maros\Documents\Sticky Passwords
2015-02-25 20:42 - 2014-12-12 09:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 20:02 - 2014-12-12 08:00 - 01058069 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 19:59 - 2009-07-14 05:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 19:59 - 2009-07-14 05:45 - 00024048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 19:55 - 2014-12-12 09:17 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Skype
2015-02-25 19:54 - 2015-01-02 12:01 - 00000000 ___RD () C:\Users\Maros\OneDrive
2015-02-25 19:54 - 2014-12-27 20:21 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-25 19:54 - 2014-12-27 20:21 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-25 19:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 20:11 - 2014-12-12 07:16 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-24 20:10 - 2014-12-12 07:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-23 20:46 - 2014-12-12 08:33 - 01560204 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-23 20:46 - 2009-07-14 16:18 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2015-02-23 20:46 - 2009-07-14 16:18 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2015-02-23 20:46 - 2009-07-14 06:13 - 01560204 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-22 12:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-20 14:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-20 08:33 - 2015-01-02 12:01 - 00002180 _____ () C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-02-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-13 15:51 - 2014-12-12 13:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 15:19 - 2009-07-14 05:45 - 00409456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 15:18 - 2014-12-12 12:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 15:18 - 2014-12-12 12:20 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 08:20 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2015-02-13 08:19 - 2014-12-12 09:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 08:14 - 2014-12-12 09:57 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 11:02 - 2014-12-12 07:52 - 00000000 ____D () C:\Users\Maros
2015-02-10 10:59 - 2015-01-11 09:41 - 00000000 ____D () C:\Users\Maros\AppData\Local\Google
2015-02-10 10:59 - 2015-01-11 09:41 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-10 10:09 - 2014-12-12 09:01 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-10 10:09 - 2014-12-12 09:01 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-10 10:09 - 2014-12-12 09:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-10 10:07 - 2014-12-14 16:05 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\TeamViewer
2015-02-10 07:56 - 2014-12-27 13:48 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2015-02-07 19:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-07 12:14 - 2014-12-12 09:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 12:14 - 2014-12-12 09:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 12:14 - 2014-12-12 09:09 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-07 12:14 - 2014-12-12 09:08 - 00000000 ____D () C:\Users\Maros\AppData\Local\Adobe
2015-01-31 11:18 - 2014-12-14 13:43 - 00000000 ____D () C:\Users\Maros\AppData\Roaming\Canon
2015-01-29 08:28 - 2014-12-12 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 20:32 - 2015-01-17 09:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 19:51 - 2014-12-14 16:26 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-27 19:51 - 2014-12-14 16:26 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-27 19:49 - 2014-12-19 21:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-27 19:48 - 2014-12-30 21:11 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2014-12-22 11:55 - 2014-12-22 11:55 - 0000624 _____ () C:\Users\Maros\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-12-22 11:52 - 2014-12-22 11:53 - 0000839 _____ () C:\Users\Maros\AppData\Roaming\Drives Meter_Settings.ini
2014-12-22 11:54 - 2014-12-22 11:54 - 0000282 _____ () C:\Users\Maros\AppData\Roaming\GPU MeterV2_Settings.ini

Some content of TEMP:
====================
C:\Users\Maros\AppData\Local\Temp\Quarantine.exe
C:\Users\Maros\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 17:50

==================== End Of Log ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
IFEO\bjmyprt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Maros\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Maroš]

Nový log zde


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Maros at 2015-02-26 07:34:09 Run:1
Running from C:\Users\Maros\Desktop
Loaded Profiles: Maros (Available profiles: Maros)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
IFEO\bjmyprt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\cnmnsu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Maros\AppData\Local\Temp
End
*****************

"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bjmyprt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cnmnsst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cnmnsu.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dtlite.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\excel.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\groove.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\infopath.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\misc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msaccess.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msoxmled.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mspub.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mstore.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nvstlink.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nvstview.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ois.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\onenote.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\outlook.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\powerpnt.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sptdinst-x64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\teamviewer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uninst.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\winword.exe" => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.

"C:\Users\Maros\AppData\Local\Temp" directory move:

C:\Users\Maros\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_180_105247642.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_2776_95518484.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_3552_8337934.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_4424_17533194.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_4536_204349257.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_4832_20435884.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_4960_1117397.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\cbLog_5012_202447991.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Maros\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Maros\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\tuj7A02.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wct26A2.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wct3052.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wct3A12.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wct81FB.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wct90AA.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wctEB19.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wctFA9.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\~92EC.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\~92EC.tmp.exe => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\bz2.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\gdi32.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\hashobjs_ext.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\kernel32.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\main.exe.manifest => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\mfc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\mfc90u.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\mfcm90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\mfcm90u.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\msvcp100.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\msvcr100.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\psapi.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\pyexpat.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\python27.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\pythoncom27.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\PyWinTypes27.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\select.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\shell32.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\unicodedata.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32api.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32com.shell.shell.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32crypt.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32event.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32evtlog.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32file.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32gui.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32inet.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32pdh.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32pipe.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32process.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32profile.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32security.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32trace.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32ts.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32ui.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\win32wnet.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\windows._lib_cacheinvalidation.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._animate.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._controls_.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._core_.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._gdi_.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._html2.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._misc_.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._windows_.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wx._wizard.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxbase294u_net_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxbase294u_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxmsw294u_adv_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxmsw294u_core_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxmsw294u_html_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\wxmsw294u_webview_vc90.dll => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_ctypes.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_elementtree.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_hashlib.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_multiprocessing.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_socket.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_ssl.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\_win32sysloader.pyd => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\support\gen_py\__init__.py => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\mime\drive.mime.types => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\js\XMLHttpRequest.js => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\docs.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdoc16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdoc256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdoc32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdoc48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdraw16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdraw256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdraw32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gdraw48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gform16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gform256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gform32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gform48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-glink16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-glink256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-glink32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-glink48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gsheet16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gsheet256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gsheet32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gsheet48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gslides16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gslides256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gslides32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-gslides48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-photos-logo.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-sync16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-sync16.xpm => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-sync256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-sync32.xpm => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\drive-sync64.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\exclaim.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\file.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\folder-mac.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\folder-winseven.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\folder-winxp.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\folder.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gdoc.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gdoc.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gdraw.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gdraw.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gform.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gform.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\glink.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\glink.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gmap.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gmap.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gnote.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gnote.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gscript.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gscript.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gsheet.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gsheet.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gslides.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gslides.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gtable.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\gtable.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_done_24.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_done_48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_drawer_24.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_drawer_48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_folder_mydrive_24.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_folder_mydrive_48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_sync_problem_24.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_warning_grey600_24dp.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_web_24.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\ic_web_48.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\image_resources.py => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\image_resources.pyo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate1-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate1-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate1.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate1_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate2-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate2-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate2.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate2_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate3-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate3-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate3.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate3_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate4-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate4-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate4.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate4_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate5-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate5-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate5.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate5_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate6-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate6-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate6.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate6_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate7-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate7-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate7.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate7_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate8-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate8-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate8.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-animate8_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-error-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-error-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-error.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-error_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-inactive-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-inactive-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-inactive.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-inactive_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-normal-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-normal-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-normal.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-normal_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-pause-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-paused-inverse.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-paused-inverse_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-paused.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\mac-paused_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_backups.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_backups_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_check_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_create.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_create_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_docs_16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_down-arrow.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_down-arrow_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_drive-logo.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_drive-logo_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_error.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_error_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_file_32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_folder_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_folder_32.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_google-logo-gray.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_google-logo-gray_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_link.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_link_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_settings_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_share.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_share_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sheets_16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_slides_16.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sm_warning_red.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sm_warning_red_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sm_warning_yellow.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sm_warning_yellow_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync-paused.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync_anim.gif => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync_anim_2x.gif => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_sync_anim_grey.gif => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_up-arrow.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_up-arrow_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_warning.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_warning_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_warning_color_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\menu_web_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_drive_folder_lin.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_drive_folder_mac.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_drive_folder_win.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_mobile_bottom.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_mobile_right.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_right_click_mac.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_right_click_win.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_taskbar_lin.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_taskbar_mac.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_taskbar_win.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\setup_welcome.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sharedfolder-mac.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sharedfolder-winseven.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sharedfolder-winxp.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\shareguyicon.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sheets.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\slides.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync.icns => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_128.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_done.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_done_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_error.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_error_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_syncing.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\sync_menu_syncing_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\toprighticon.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\warning-hdpi_2x.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\warning_128.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\warning_256.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\warning_64.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate1.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate2.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate3.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate4.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate5.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate6.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate7.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-animate8.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win-normal.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win7-error.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win7-inactive.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\win7-paused.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\winxp-error.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\winxp-inactive.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\winxp-paused.png => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\__init__.py => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\__init__.pyo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\overlays\Blacklisted.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\overlays\Shared.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\overlays\Synced.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\images\overlays\Syncing.ico => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\fonts\OpenSans-Light.ttf => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\fonts\Roboto-Bold.ttf => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\fonts\Roboto-Regular.ttf => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\fonts\Roboto-Thin.ttf => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\drive_api\drive.v2.rest.json => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\drive_api\drive.v2internal.rest.json => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\chrome_ext\com.google.drive.nativeproxy.json.template => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\_MEI34482\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx => Moved successfully.
Could not move "C:\Users\Maros\AppData\Local\Temp\Skype\DbTemp\temp-cPt67chpDNlTxKCMkXN30wsa" => Scheduled to move on reboot.
Could not move "C:\Users\Maros\AppData\Local\Temp\Skype\DbTemp\temp-Yre68rpvqgtid4SIFKsY6RRx" => Scheduled to move on reboot.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_15f74c7777689be5_0_0.bin => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_15f74c7777689be5_0_0.toc => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_15f74c7777689be5_0_1.bin => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_15f74c7777689be5_1_0.bin => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_15f74c7777689be5_1_0.toc => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_8e912777872ba4e3_0_0.bin => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\30e343e5b0f707dd240618f10b741aa_fce8393c8fd8a839_8e912777872ba4e3_0_0.toc => Moved successfully.
Could not move "C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8393c8fd8a839_6229ccd76215aea1_0_0.bin" => Scheduled to move on reboot.
Could not move "C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8393c8fd8a839_6229ccd76215aea1_0_0.toc" => Scheduled to move on reboot.
C:\Users\Maros\AppData\Local\Temp\MATS-Temp\Results\Windows Update_result.cab => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_1436_135335177.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_1588_14179958.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_1748_141536522.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_1876_9727775.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_2128_142219373.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_2560_112056762.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_2768_181213218.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_2820_103454837.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_3116_114052347.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_3124_93211476.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_3408_12364346.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_3576_83637329.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_3912_14266762.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4280_125318747.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4436_16442883.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4492_114947341.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4544_141917856.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4584_202955992.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_4772_9544340.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_5168_123527732.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_5708_14203176.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_5752_12571871.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_5868_185043443.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_5900_151913301.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acro_rd_dir\cbLog_6372_16391705.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\cbLog_3212_121648269.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\cbLog_4044_11403230.log => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\Z@RF981.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\Z@RF9C1.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\Z@RF9E2.tmp => Moved successfully.
C:\Users\Maros\AppData\Local\Temp\acrord32_sbx\Z@RFA03.tmp => Moved successfully.
Could not move "C:\Users\Maros\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-26 07:35:40)<=

C:\Users\Maros\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Maros\AppData\Local\Temp\Skype\DbTemp\temp-cPt67chpDNlTxKCMkXN30wsa => Is moved successfully.
C:\Users\Maros\AppData\Local\Temp\Skype\DbTemp\temp-Yre68rpvqgtid4SIFKsY6RRx => Is moved successfully.
"C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8393c8fd8a839_6229ccd76215aea1_0_0.bin" => File could not move.
"C:\Users\Maros\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8393c8fd8a839_6229ccd76215aea1_0_0.toc" => File could not move.
"C:\Users\Maros\AppData\Local\Temp" => Directory could not move.

==== End of Fixlog 07:35:44 ====

[Rudy]

Smazáno vše. Nastala nějaká změna?

[Maroš]

Aktualizace stejně nejdou nainstalovat pořád stejný kód chyby.
Dik za snahu.

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[Maroš]

Log ComboFix



ComboFix 15-02-16.01 - Maros 28.02.2015 8:59.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2586 [GMT 1:00]
Spuštěný z: c:\users\Maros\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Maros\AppData\Local\Temp\_MEI13202\_ctypes.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\_elementtree.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\_hashlib.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\_multiprocessing.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\_socket.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\_ssl.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\hashobjs_ext.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\pyexpat.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\pysqlite2._sqlite.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\python27.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\pythoncom27.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\PyWinTypes27.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\select.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\unicodedata.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32api.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32com.shell.shell.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32crypt.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32event.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32file.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32gui.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32inet.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32pdh.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32pipe.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32process.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32profile.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32security.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\win32ts.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\windows._lib_cacheinvalidation.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._animate.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._controls_.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._core_.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._gdi_.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._html2.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._misc_.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._windows_.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wx._wizard.pyd
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxbase294u_net_vc90.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxbase294u_vc90.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxmsw294u_adv_vc90.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxmsw294u_core_vc90.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxmsw294u_html_vc90.dll
c:\users\Maros\AppData\Local\Temp\_MEI13202\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-28 do 2015-02-28 )))))))))))))))))))))))))))))))
.
.
2015-02-28 08:07 . 2015-02-28 08:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-28 07:19 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1891816D-F8A6-42FA-8888-AC9DF7B14D66}\mpengine.dll
2015-02-28 07:10 . 2015-02-28 07:10 -------- d-----w- C:\OneDriveTemp
2015-02-26 19:58 . 2015-02-26 19:59 -------- d-----w- c:\windows\system32\catroot2
2015-02-26 06:35 . 2015-02-28 08:09 -------- d-----w- c:\users\Maros\AppData\Local\Temp
2015-02-24 19:10 . 2014-12-12 06:16 364512 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-24 18:59 . 2015-02-24 18:59 -------- d-----w- C:\found.001
2015-02-24 18:47 . 2015-02-24 18:53 -------- d-----w- C:\AdwCleaner
2015-02-24 16:57 . 2015-02-26 06:35 -------- d-----w- C:\FRST
2015-02-23 19:35 . 2015-02-23 19:35 -------- d-----w- c:\users\Maros\AppData\Local\ElevatedDiagnostics
2015-02-14 17:33 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-02-14 17:33 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-02-14 17:33 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-02-14 17:33 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-02-14 04:37 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-14 04:37 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-14 04:37 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-14 04:37 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-13 06:34 . 2015-01-12 02:07 92160 ----a-w- c:\windows\system32\mshtmled.dll
2015-02-13 06:34 . 2015-01-12 01:46 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-02-13 06:34 . 2015-01-12 02:48 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-02-13 06:34 . 2015-01-12 01:27 2358272 ----a-w- c:\windows\system32\wininet.dll
2015-02-13 06:34 . 2015-01-12 03:10 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-02-13 06:34 . 2015-01-12 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-02-13 06:34 . 2015-01-12 01:08 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-02-13 06:34 . 2015-01-14 05:47 293040 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-02-13 06:34 . 2015-01-12 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-02-13 06:34 . 2015-01-12 02:07 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-13 06:34 . 2015-01-12 03:09 25056256 ----a-w- c:\windows\system32\mshtml.dll
2015-02-13 06:34 . 2015-01-12 02:59 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-02-13 06:32 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-13 06:32 . 2015-01-13 02:49 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-13 06:32 . 2014-12-12 05:31 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-13 06:32 . 2014-07-07 02:06 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-13 06:32 . 2014-07-07 02:07 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-13 06:32 . 2014-12-12 05:07 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-13 06:32 . 2014-07-07 01:40 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-13 06:32 . 2014-07-07 01:40 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-02-13 06:31 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-13 06:31 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-02-13 06:30 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-13 06:30 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-13 06:18 . 2015-01-12 03:13 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-13 06:18 . 2015-01-12 02:47 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-13 06:18 . 2015-01-12 02:47 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-13 06:18 . 2015-01-12 03:10 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-13 06:18 . 2015-01-12 03:10 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-13 06:18 . 2015-01-12 03:10 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-13 06:18 . 2015-01-12 02:45 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-13 06:17 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2015-02-13 06:17 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 06:16 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-10 10:02 . 2015-02-28 07:10 -------- d-----r- c:\users\Maros\Disk Google
2015-02-07 16:56 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-02-07 16:55 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2015-02-07 16:55 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2015-02-07 16:55 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2015-02-01 08:19 . 2015-02-01 08:19 -------- d-----w- C:\found.000
2015-01-31 10:18 . 2015-01-31 10:18 -------- d--h--w- c:\programdata\CanonIJScan
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-21 09:58 . 2014-12-14 11:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-02-13 07:14 . 2014-12-12 08:57 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-07 11:14 . 2014-12-12 08:09 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-07 11:14 . 2014-12-12 08:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-27 18:48 . 2014-12-30 20:11 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-27 09:30 . 2014-12-26 10:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-01-27 08:28 . 2014-12-14 11:35 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-01-12 18:06 . 2015-01-12 18:06 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-12-22 23:41 . 2014-12-12 07:09 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 12:58 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 12:58 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-14 11:30 . 2014-12-14 11:29 507392 ----a-w- c:\windows\system32\drivers\AF15BDA.sys
2014-12-14 11:29 . 2014-12-14 11:30 28672 ----a-w- c:\windows\system32\AF15BDAEX.dll
2014-12-14 11:29 . 2014-12-14 11:30 140 ----a-w- c:\windows\system32\AF15IRTBL.bin
2014-12-12 13:05 . 2014-12-12 13:05 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-12-12 13:05 . 2014-12-12 13:05 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-12-12 13:05 . 2014-12-12 13:05 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-12-12 13:05 . 2014-12-12 13:05 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-12-12 13:05 . 2014-12-12 13:05 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-12-12 13:05 . 2014-12-12 13:05 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-12-12 13:05 . 2014-12-12 13:05 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-12-12 13:05 . 2014-12-12 13:05 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-12-12 13:05 . 2014-12-12 13:05 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-12-12 13:05 . 2014-12-12 13:05 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-12-12 13:05 . 2014-12-12 13:05 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-12-12 13:05 . 2014-12-12 13:05 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-12-12 13:05 . 2014-12-12 13:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-12-12 13:05 . 2014-12-12 13:05 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-12-12 13:05 . 2014-12-12 13:05 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-12-12 13:05 . 2014-12-12 13:05 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-12-12 13:05 . 2014-12-12 13:05 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-12-12 13:05 . 2014-12-12 13:05 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-12-12 13:05 . 2014-12-12 13:05 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-12-12 13:05 . 2014-12-12 13:05 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-12-12 13:05 . 2014-12-12 13:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-12-12 13:05 . 2014-12-12 13:05 247808 ----a-w- c:\windows\system32\msls31.dll
2014-12-12 13:05 . 2014-12-12 13:05 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-12-12 13:05 . 2014-12-12 13:05 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-12-12 13:05 . 2014-12-12 13:05 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-12-12 13:05 . 2014-12-12 13:05 81408 ----a-w- c:\windows\system32\icardie.dll
2014-12-12 13:05 . 2014-12-12 13:05 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-12-12 13:05 . 2014-12-12 13:05 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-12-12 13:05 . 2014-12-12 13:05 413696 ----a-w- c:\windows\system32\html.iec
2014-12-12 13:05 . 2014-12-12 13:05 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-12-12 13:05 . 2014-12-12 13:05 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-12-12 13:05 . 2014-12-12 13:05 235520 ----a-w- c:\windows\system32\url.dll
2014-12-12 13:05 . 2014-12-12 13:05 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-12-12 13:05 . 2014-12-12 13:05 143872 ----a-w- c:\windows\system32\wextract.exe
2014-12-12 13:05 . 2014-12-12 13:05 101376 ----a-w- c:\windows\system32\inseng.dll
2014-12-12 13:05 . 2014-12-12 13:05 774144 ----a-w- c:\windows\system32\jscript.dll
2014-12-12 13:05 . 2014-12-12 13:05 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-12-12 13:05 . 2014-12-12 13:05 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-12-12 13:05 . 2014-12-12 13:05 147968 ----a-w- c:\windows\system32\occache.dll
2014-12-12 13:05 . 2014-12-12 13:05 13824 ----a-w- c:\windows\system32\mshta.exe
2014-12-12 13:05 . 2014-12-12 13:05 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-12-12 13:03 . 2014-12-12 13:03 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-12-12 13:03 . 2014-12-12 13:03 859648 ----a-w- c:\windows\system32\tdh.dll
2014-12-12 13:03 . 2014-12-12 13:03 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-12-12 13:03 . 2014-12-12 13:03 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-12-12 13:03 . 2014-12-12 13:03 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-12-12 13:03 . 2014-12-12 13:03 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-12-12 13:03 . 2014-12-12 13:03 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-12-12 13:03 . 2014-12-12 13:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-12-12 13:02 . 2014-12-12 13:02 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-12-12 12:58 . 2014-12-12 12:58 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-12-12 12:58 . 2014-12-12 12:58 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-12-12 12:58 . 2014-12-12 12:58 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-12-12 12:58 . 2014-12-12 12:58 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-12-12 12:58 . 2014-12-12 12:58 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-12-12 12:58 . 2014-12-12 12:58 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-12-12 12:58 . 2014-12-12 12:58 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-12-12 12:58 . 2014-12-12 12:58 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-12-12 12:58 . 2014-12-12 12:58 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-12-12 12:58 . 2014-12-12 12:58 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-12-12 12:58 . 2014-12-12 12:58 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-12-12 12:58 . 2014-12-12 12:58 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-12-12 12:58 . 2014-12-12 12:58 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-12-12 12:58 . 2014-12-12 12:58 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-12-12 12:58 . 2014-12-12 12:58 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-12-12 12:58 . 2014-12-12 12:58 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-12-12 12:58 . 2014-12-12 12:58 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-12-12 12:58 . 2014-12-12 12:58 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30872168]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-01-15 23308256]
"OneDrive"="c:\users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2015-02-20 281256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
R3 ATP;ASUS Touchpad;c:\windows\system32\DRIVERS\AsusTP.sys;c:\windows\SYSNATIVE\DRIVERS\AsusTP.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 11:14]
.
2015-02-28 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-12-27 19:21]
.
2015-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 09:58]
.
2015-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 09:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-12 06:16 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-02-28 09:14:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-28 08:14
.
Před spuštěním: Volných bajtů: 95 555 010 560
Po spuštění: Volných bajtů: 95 796 903 936
.
- - End Of File - - B9CFD4C8F03C402B619978DDFC676B23
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\Tasks\AutoKMS.job
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=-

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Maroš]

Zde je log po dočištění


ComboFix 15-02-28.01 - Maros 28.02.2015 18:14:48.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2611 [GMT 1:00]
Spuštěný z: c:\users\Maros\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Maros\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\AutoKMS\AutoKMS.exe"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-28 do 2015-02-28 )))))))))))))))))))))))))))))))
.
.
2015-02-28 17:21 . 2015-02-28 17:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-28 07:19 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1891816D-F8A6-42FA-8888-AC9DF7B14D66}\mpengine.dll
2015-02-28 07:10 . 2015-02-28 07:10 -------- d-----w- C:\OneDriveTemp
2015-02-26 19:58 . 2015-02-26 19:59 -------- d-----w- c:\windows\system32\catroot2
2015-02-26 06:35 . 2015-02-28 17:23 -------- d-----w- c:\users\Maros\AppData\Local\Temp
2015-02-24 19:10 . 2014-12-12 06:16 364512 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-24 18:59 . 2015-02-24 18:59 -------- d-----w- C:\found.001
2015-02-24 18:47 . 2015-02-24 18:53 -------- d-----w- C:\AdwCleaner
2015-02-24 16:57 . 2015-02-26 06:35 -------- d-----w- C:\FRST
2015-02-23 19:35 . 2015-02-23 19:35 -------- d-----w- c:\users\Maros\AppData\Local\ElevatedDiagnostics
2015-02-14 17:33 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-02-14 17:33 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-02-14 17:33 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-02-14 17:33 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-02-14 04:37 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-14 04:37 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-14 04:37 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-14 04:37 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-13 06:34 . 2015-01-12 02:07 92160 ----a-w- c:\windows\system32\mshtmled.dll
2015-02-13 06:34 . 2015-01-12 01:46 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-02-13 06:34 . 2015-01-12 02:48 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-02-13 06:34 . 2015-01-12 01:27 2358272 ----a-w- c:\windows\system32\wininet.dll
2015-02-13 06:34 . 2015-01-12 03:10 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-02-13 06:34 . 2015-01-12 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-02-13 06:34 . 2015-01-12 01:08 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-02-13 06:34 . 2015-01-14 05:47 293040 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-02-13 06:34 . 2015-01-12 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-02-13 06:34 . 2015-01-12 02:07 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-13 06:34 . 2015-01-12 03:09 25056256 ----a-w- c:\windows\system32\mshtml.dll
2015-02-13 06:34 . 2015-01-12 02:59 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-02-13 06:32 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-13 06:32 . 2015-01-13 02:49 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-13 06:32 . 2014-12-12 05:31 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-13 06:32 . 2014-07-07 02:06 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-13 06:32 . 2014-07-07 02:07 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-13 06:32 . 2014-12-12 05:07 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-13 06:32 . 2014-07-07 01:40 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-13 06:32 . 2014-07-07 01:40 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-02-13 06:31 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-13 06:31 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-02-13 06:30 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-13 06:30 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-13 06:18 . 2015-01-12 03:13 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-13 06:18 . 2015-01-12 02:47 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-13 06:18 . 2015-01-12 02:47 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-13 06:18 . 2015-01-12 03:10 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-13 06:18 . 2015-01-12 03:10 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-13 06:18 . 2015-01-12 03:10 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-13 06:18 . 2015-01-12 02:45 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-13 06:17 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2015-02-13 06:17 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-02-13 06:16 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-10 10:02 . 2015-02-28 07:10 -------- d-----r- c:\users\Maros\Disk Google
2015-02-07 16:56 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-02-07 16:55 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2015-02-07 16:55 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2015-02-07 16:55 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2015-02-01 08:19 . 2015-02-01 08:19 -------- d-----w- C:\found.000
2015-01-31 10:18 . 2015-01-31 10:18 -------- d--h--w- c:\programdata\CanonIJScan
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-21 09:58 . 2014-12-14 11:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-02-13 07:14 . 2014-12-12 08:57 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-07 11:14 . 2014-12-12 08:09 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-07 11:14 . 2014-12-12 08:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-27 18:48 . 2014-12-30 20:11 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-27 09:30 . 2014-12-26 10:52 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-01-27 08:28 . 2014-12-14 11:35 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-01-12 18:06 . 2015-01-12 18:06 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-12-22 23:41 . 2014-12-12 07:09 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 12:58 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 12:58 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-14 11:30 . 2014-12-14 11:29 507392 ----a-w- c:\windows\system32\drivers\AF15BDA.sys
2014-12-14 11:29 . 2014-12-14 11:30 28672 ----a-w- c:\windows\system32\AF15BDAEX.dll
2014-12-14 11:29 . 2014-12-14 11:30 140 ----a-w- c:\windows\system32\AF15IRTBL.bin
2014-12-12 13:05 . 2014-12-12 13:05 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-12-12 13:05 . 2014-12-12 13:05 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-12-12 13:05 . 2014-12-12 13:05 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-12-12 13:05 . 2014-12-12 13:05 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-12-12 13:05 . 2014-12-12 13:05 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-12-12 13:05 . 2014-12-12 13:05 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-12-12 13:05 . 2014-12-12 13:05 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-12-12 13:05 . 2014-12-12 13:05 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-12-12 13:05 . 2014-12-12 13:05 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-12-12 13:05 . 2014-12-12 13:05 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-12-12 13:05 . 2014-12-12 13:05 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-12-12 13:05 . 2014-12-12 13:05 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-12-12 13:05 . 2014-12-12 13:05 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-12-12 13:05 . 2014-12-12 13:05 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-12-12 13:05 . 2014-12-12 13:05 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-12-12 13:05 . 2014-12-12 13:05 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-12-12 13:05 . 2014-12-12 13:05 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-12-12 13:05 . 2014-12-12 13:05 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-12-12 13:05 . 2014-12-12 13:05 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-12-12 13:05 . 2014-12-12 13:05 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-12-12 13:05 . 2014-12-12 13:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-12-12 13:05 . 2014-12-12 13:05 247808 ----a-w- c:\windows\system32\msls31.dll
2014-12-12 13:05 . 2014-12-12 13:05 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-12-12 13:05 . 2014-12-12 13:05 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-12-12 13:05 . 2014-12-12 13:05 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-12-12 13:05 . 2014-12-12 13:05 81408 ----a-w- c:\windows\system32\icardie.dll
2014-12-12 13:05 . 2014-12-12 13:05 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-12-12 13:05 . 2014-12-12 13:05 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-12-12 13:05 . 2014-12-12 13:05 413696 ----a-w- c:\windows\system32\html.iec
2014-12-12 13:05 . 2014-12-12 13:05 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-12-12 13:05 . 2014-12-12 13:05 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-12-12 13:05 . 2014-12-12 13:05 235520 ----a-w- c:\windows\system32\url.dll
2014-12-12 13:05 . 2014-12-12 13:05 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-12-12 13:05 . 2014-12-12 13:05 143872 ----a-w- c:\windows\system32\wextract.exe
2014-12-12 13:05 . 2014-12-12 13:05 101376 ----a-w- c:\windows\system32\inseng.dll
2014-12-12 13:05 . 2014-12-12 13:05 774144 ----a-w- c:\windows\system32\jscript.dll
2014-12-12 13:05 . 2014-12-12 13:05 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-12-12 13:05 . 2014-12-12 13:05 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-12-12 13:05 . 2014-12-12 13:05 147968 ----a-w- c:\windows\system32\occache.dll
2014-12-12 13:05 . 2014-12-12 13:05 13824 ----a-w- c:\windows\system32\mshta.exe
2014-12-12 13:05 . 2014-12-12 13:05 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-12-12 13:03 . 2014-12-12 13:03 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-12-12 13:03 . 2014-12-12 13:03 859648 ----a-w- c:\windows\system32\tdh.dll
2014-12-12 13:03 . 2014-12-12 13:03 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-12-12 13:03 . 2014-12-12 13:03 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-12-12 13:03 . 2014-12-12 13:03 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-12-12 13:03 . 2014-12-12 13:03 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-12-12 13:03 . 2014-12-12 13:03 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-12-12 13:03 . 2014-12-12 13:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-12-12 13:02 . 2014-12-12 13:02 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-12-12 12:58 . 2014-12-12 12:58 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-12-12 12:58 . 2014-12-12 12:58 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-12-12 12:58 . 2014-12-12 12:58 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-12-12 12:58 . 2014-12-12 12:58 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-12-12 12:58 . 2014-12-12 12:58 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-12-12 12:58 . 2014-12-12 12:58 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-12-12 12:58 . 2014-12-12 12:58 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-12-12 12:58 . 2014-12-12 12:58 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-12-12 12:58 . 2014-12-12 12:58 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-12-12 12:58 . 2014-12-12 12:58 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-12-12 12:58 . 2014-12-12 12:58 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-12-12 12:58 . 2014-12-12 12:58 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-12-12 12:58 . 2014-12-12 12:58 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-12-12 12:58 . 2014-12-12 12:58 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-12-12 12:58 . 2014-12-12 12:58 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-12-12 12:58 . 2014-12-12 12:58 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-12-12 12:58 . 2014-12-12 12:58 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-12-12 12:58 . 2014-12-12 12:58 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-12-12 12:58 . 2014-12-12 12:58 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-02-20 07:32 329384 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30872168]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-01-15 23308256]
"OneDrive"="c:\users\Maros\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2015-02-20 281256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
R3 ATP;ASUS Touchpad;c:\windows\system32\DRIVERS\AsusTP.sys;c:\windows\SYSNATIVE\DRIVERS\AsusTP.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 11:14]
.
2015-02-28 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-12-27 19:21]
.
2015-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 09:58]
.
2015-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-10 09:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-02-20 07:32 358048 ----a-w- c:\users\Maros\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-12 06:16 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\sr3lg0nf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-02-28 18:27:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-28 17:27
ComboFix2.txt 2015-02-28 08:14
.
Před spuštěním: Volných bajtů: 95 048 708 096
Po spuštění: Volných bajtů: 94 988 238 848
.
- - End Of File - - E460D3932DAF7E278B68220FA2DC5C89
A36C5E4F47E84449FF07ED3517B43A31