Udělal jsem první prověření a následně smazaní nálezu přes adwcleaner, teďkom prosím o překontrolovaní logu, díky za reakce.
Logfile of random's system information tool 1.10 (written by random/random)
Run by bobek at 2015-10-17 16:17:18
Microsoft Windows 8.1
System drive C: has 421 GB (44%) free of 954 GB
Total RAM: 8130 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:17:25, on 17. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\bobek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
C:\Program Files (x86)\Gaming Mouse\Monitor.EXE
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Gaming Mouse\OSD.exe
C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe
C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE
C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe
C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE
C:\Program Files\trend micro\bobek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={5D9AABD0- ... 2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Gaming Mouse Driver] "C:\Program Files (x86)\Gaming Mouse\Monitor.EXE"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Adobe Updater] C:\ProgramData\adobe\color.vbs
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\bobek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\bobek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Windows] C:\Users\Public\Windows\game.vbs
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [icq] C:\Users\bobek\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\bobek\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\bobek\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TalkeyService - myTALKEY s.r.o. - C:\Program Files\myTalkey\TalkeyService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13118 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {fcbf6326-d6fa-4bbd-b8f9533890d1f74d}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\myTalkey\TalkeyService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" df67a357-56cc-4df8-a77c-d209b98d188f
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
taskhostex.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
szndesktop.exe default start
"C:\Users\bobek\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe"
"C:\Program Files (x86)\Gaming Mouse\Monitor.EXE"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\Gaming Mouse\OSD.exe"
"C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE"
"C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe"
"C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\bobek\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\RegCure Program Check.job - C:\Program Files (x86)\RegCure\RegCure.exe ShowReminders
C:\WINDOWS\tasks\RegCure.job - C:\Program Files (x86)\RegCure\RegCure.exe -t
=========Mozilla firefox=========
ProfilePath - C:\Users\bobek\AppData\Roaming\Mozilla\Firefox\Profiles\uxiru71v.default-1435505574115
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=ssl"
prefs.js - "keyword.URL" - ""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-04 2654512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-10-04 1710568]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2013-05-03 3231032]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"cz.seznam.software.autoupdate"=C:\Users\bobek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\bobek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"AdobeBridge"= []
"Windows"=C:\Users\Public\Windows\game.vbs [2014-06-30 77]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-11-27 466144]
"icq"=C:\Users\bobek\AppData\Roaming\ICQM\icq.exe [2015-10-12 39738376]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Gaming Mouse Driver"=C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [2011-09-09 200704]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Adobe Updater"=C:\ProgramData\adobe\color.vbs [2014-07-01 105]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-07-27 495616]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-04-17 585048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-05-16 1039240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iSCTsysTray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hmip]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\WINDOWS\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2015-10-17 16:17:19 ----D---- C:\Program Files\trend micro
2015-10-17 16:17:18 ----D---- C:\rsit
2015-10-17 14:58:10 ----A---- C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-10-17 14:54:36 ----D---- C:\AdwCleaner
2015-10-17 10:56:13 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2015-10-17 10:55:22 ----D---- C:\WINDOWS\LastGood.Tmp
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvinitx.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-10-17 10:54:19 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-10-16 22:20:41 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-10-16 22:20:34 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-16 22:20:34 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-10-16 22:20:34 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-10-16 22:20:34 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-10-15 15:31:10 ----D---- C:\Program Files\myTalkey
2015-10-15 14:42:28 ----D---- C:\Program Files (x86)\KEYFIND
2015-10-14 22:00:48 ----A---- C:\WINDOWS\system32\invagent.dll
2015-10-14 22:00:48 ----A---- C:\WINDOWS\system32\devinv.dll
2015-10-14 22:00:48 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-10-14 22:00:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-10-14 22:00:47 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-10-14 22:00:47 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-10-14 22:00:47 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-14 17:38:16 ----D---- C:\Program Files (x86)\KidLogger
2015-10-14 12:12:44 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2015-10-14 12:12:22 ----A---- C:\WINDOWS\system32\d2d1.dll
2015-10-14 12:12:21 ----A---- C:\WINDOWS\system32\shell32.dll
2015-10-14 12:12:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-10-14 12:11:59 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2015-10-14 12:11:59 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2015-10-14 12:11:59 ----A---- C:\WINDOWS\system32\KernelBase.dll
2015-10-14 12:11:59 ----A---- C:\WINDOWS\system32\advapi32.dll
2015-10-14 12:11:54 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 12:11:53 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-10-14 12:11:53 ----A---- C:\WINDOWS\system32\winresume.exe
2015-10-14 12:11:53 ----A---- C:\WINDOWS\system32\winload.exe
2015-10-14 12:11:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-10-14 12:11:53 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-10-14 12:11:53 ----A---- C:\WINDOWS\system32\bdesvc.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11:45 ----A---- C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11:10 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-10-14 12:11:10 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-10-14 12:11:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-14 12:11:10 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-10-14 12:11:09 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-10-14 12:11:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-10-14 12:11:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-10-14 12:10:37 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-14 12:10:37 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-14 12:10:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-14 12:10:30 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-10-14 12:10:29 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-14 12:10:29 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\system32\ieui.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-10-14 12:10:27 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\system32\jscript.dll
2015-10-14 12:10:26 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-10-14 12:10:25 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-10-14 12:10:24 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-10-14 12:10:24 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-10-14 12:10:23 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-10-13 21:14:49 ----D---- C:\Users\bobek\AppData\Roaming\Ashampoo
2015-10-13 21:14:42 ----D---- C:\ProgramData\Ashampoo
2015-10-13 21:14:40 ----D---- C:\Program Files (x86)\Ashampoo
2015-10-12 14:19:41 ----D---- C:\Users\bobek\AppData\Roaming\ICQ-Profile
2015-10-12 14:19:41 ----D---- C:\Users\bobek\AppData\Roaming\ICQM
2015-10-11 16:43:05 ----D---- C:\ProgramData\Malwarebytes
2015-10-11 16:09:21 ----D---- C:\Program Files (x86)\Rockstar Games
2015-10-11 14:03:19 ----D---- C:\Program Files (x86)\GTA V
2015-10-02 18:46:36 ----RD---- C:\Program Files (x86)\Skype
2015-09-29 09:47:22 ----D---- C:\Program Files\CPUID
2015-09-28 19:19:40 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-09-28 19:19:40 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2015-09-28 19:19:39 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2015-09-28 19:19:39 ----A---- C:\WINDOWS\system32\nvdispgenco6435598.dll
2015-09-28 19:19:39 ----A---- C:\WINDOWS\system32\nvdispco6435598.dll
2015-09-28 19:19:39 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
======List of files/folders modified in the last 1 month======
2015-10-17 16:17:19 ----RD---- C:\Program Files
2015-10-17 16:11:38 ----D---- C:\WINDOWS\Temp
2015-10-17 16:04:22 ----D---- C:\WINDOWS\Prefetch
2015-10-17 16:00:00 ----D---- C:\WINDOWS\system32\sru
2015-10-17 15:03:42 ----D---- C:\Users\bobek\AppData\Roaming\Seznam.cz
2015-10-17 15:00:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-10-17 14:58:10 ----RD---- C:\WINDOWS\System32
2015-10-17 14:57:49 ----D---- C:\ProgramData\NVIDIA
2015-10-17 14:56:59 ----D---- C:\WINDOWS\system32\Tasks
2015-10-17 14:56:58 ----D---- C:\WINDOWS\Tasks
2015-10-17 14:56:56 ----HD---- C:\ProgramData
2015-10-17 14:56:56 ----D---- C:\Program Files (x86)\Common Files
2015-10-17 14:56:55 ----RD---- C:\Program Files (x86)
2015-10-17 14:27:02 ----D---- C:\Users\bobek\AppData\Roaming\BitTorrent
2015-10-17 12:49:20 ----D---- C:\WINDOWS\SysWOW64
2015-10-17 11:18:10 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-17 11:04:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 11:04:54 ----D---- C:\Windows
2015-10-17 10:56:32 ----D---- C:\ProgramData\NVIDIA Corporation
2015-10-17 10:56:25 ----D---- C:\WINDOWS\Inf
2015-10-17 10:56:11 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-17 10:55:23 ----D---- C:\WINDOWS\system32\drivers
2015-10-17 10:16:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-17 01:35:04 ----SD---- C:\Users\bobek\AppData\Roaming\Microsoft
2015-10-16 20:37:25 ----SHD---- C:\WINDOWS\Installer
2015-10-16 17:07:02 ----D---- C:\WINDOWS\rescache
2015-10-16 15:12:54 ----D---- C:\WINDOWS\system32\drivers\etc
2015-10-16 11:10:08 ----D---- C:\WINDOWS\system32\config
2015-10-16 11:06:24 ----D---- C:\WINDOWS\debug
2015-10-16 10:50:13 ----D---- C:\WINDOWS\SoftwareDistribution
2015-10-15 17:08:20 ----SHD---- C:\System Volume Information
2015-10-15 15:37:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-15 15:04:43 ----D---- C:\Users\bobek\AppData\Roaming\Skype
2015-10-15 13:18:54 ----D---- C:\WINDOWS\WinSxS
2015-10-15 13:18:05 ----D---- C:\WINDOWS\system32\catroot2
2015-10-15 10:21:46 ----RD---- C:\WINDOWS\ToastData
2015-10-15 10:21:46 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-15 10:21:45 ----D---- C:\WINDOWS\system32\Boot
2015-10-15 10:21:43 ----D---- C:\WINDOWS\CbsTemp
2015-10-15 10:20:00 ----D---- C:\WINDOWS\apppatch
2015-10-15 00:19:59 ----SD---- C:\WINDOWS\system32\CompatTel
2015-10-15 00:19:58 ----D---- C:\WINDOWS\system32\appraiser
2015-10-15 00:19:58 ----D---- C:\Program Files\Internet Explorer
2015-10-15 00:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 00:19:57 ----D---- C:\WINDOWS\system32\cs-CZ
2015-10-15 00:19:52 ----D---- C:\ProgramData\Microsoft Help
2015-10-15 00:19:13 ----A---- C:\WINDOWS\win.ini
2015-10-15 00:13:59 ----D---- C:\WINDOWS\system32\MRT
2015-10-15 00:13:57 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-14 20:26:21 ----D---- C:\Users\bobek\AppData\Roaming\FileZilla
2015-10-13 21:03:45 ----D---- C:\WINDOWS\Cursors
2015-10-12 11:36:29 ----D---- C:\Users\bobek\AppData\Roaming\New Technology Studio
2015-10-11 16:09:00 ----D---- C:\Program Files\Rockstar Games
2015-10-11 11:29:40 ----D---- C:\Program Files (x86)\Hide My IP 6
2015-10-06 23:02:37 ----SD---- C:\WINDOWS\system32\GWX
2015-10-06 22:01:26 ----D---- C:\Program Files (x86)\Steam
2015-10-06 22:00:05 ----DC---- C:\WINDOWS\Panther
2015-10-06 22:00:05 ----D---- C:\WINDOWS\Logs
2015-10-06 16:57:14 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-10-06 14:27:27 ----D---- C:\Users\bobek\AppData\Roaming\Winamp
2015-10-04 10:23:01 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-10-04 10:23:01 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-10-04 10:22:52 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-10-04 10:22:52 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 07:06:17 ----A---- C:\WINDOWS\system32\nvapi64.dll
2015-10-03 04:49:56 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:49:56 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:49:54 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:49:54 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:49:54 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-10-03 04:49:54 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-10-02 18:47:00 ----D---- C:\ProgramData\Skype
2015-10-02 16:24:42 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-09-28 22:25:52 ----D---- C:\Users\bobek\AppData\Roaming\vlc
2015-09-27 10:01:57 ----D---- C:\WINDOWS\system32\wdi
2015-09-22 20:56:38 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2015-09-19 00:09:56 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2013-08-30 22600]
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R1 dtsoftbus01;@oem68.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-10-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem109.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [2012-07-24 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\imsevent.sys [2012-07-24 19944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 ISCT;@oem24.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD64.sys [2012-07-24 46016]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-10-17 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem46.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NVHDA;@oem96.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-09-19 204648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-10-03 11114616]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-04 19760]
R3 nvvad_WaveExtensible;@oem101.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2012-07-30 690832]
R3 rzp1endpt;@oem147.inf,%rzp1endpt.SvcDesc%;Razer platform 1 end point; C:\WINDOWS\System32\drivers\rzp1endpt.sys [2014-04-09 39080]
R3 rzudd;@oem160.inf,%Razer.SvcDesc%;Razer Mouse Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2014-04-09 154792]
R3 rzvmouse;@oem155.inf,%rzvmouse%;Razer Virtual Mouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [2014-04-09 31400]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [2011-04-21 18776]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2013-09-17 32600]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 tap0901;avast! SecureLine TAP Adapter; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-04-30 40616]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-04 1155376]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-07-24 146984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-04 1872688]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-04 5568816]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-10-03 938800]
R2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2013-03-11 3284008]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-03 417400]
R2 TalkeyService;TalkeyService; C:\Program Files\myTalkey\TalkeyService.exe [2015-07-21 30472]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-21 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-17 147624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím také o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím také o kontrolu
Krasny den Vam preju 
Odinstalujte V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Odinstalujte - Seznam Software - pokud nepouzivate, protoze velice casto byva instalovan jako adware
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím také o kontrolu
Krásny den i vám přeji, přikládám první log s adwcleaneru, kvůli kterému jsem udělal předchozí log.
Odkaz na vyosek mě google hlásí jako zavirovanou stránku, tak snad je to ok, díky za reakce.
# AdwCleaner v5.013 - Logfile created 17/10/2015 at 14:56:52
# Updated 09/10/2015 by Xplode
# Database : 2015-10-16.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : bobek - HOMEPC
# Running from : C:\Users\bobek\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Crawler
[-] Folder Deleted : C:\Program Files (x86)\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\SafetyNut
[-] Folder Deleted : C:\ProgramData\Winamp Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0615tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1114tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1214tb
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\bobek\AppData\Local\apn
[-] Folder Deleted : C:\Users\bobek\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\bobek\AppData\Local\Winamp Toolbar
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
[-] File Deleted : C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
[-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : paretologic registration3
[-] Task Deleted : paretologic update version3
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : ParetoLogic Update Version3 Startup Task
[-] Task Deleted : RegCure Pro
[-] Task Deleted : 0215tbUpdateInfo
[-] Task Deleted : 0615tbUpdateInfo
[-] Task Deleted : 0215tbUpdateInfo
[-] Task Deleted : 0615tbUpdateInfo
[-] Task Deleted : AVG-Secure-Search-Update_0214b_rel
[-] Task Deleted : AVG-Secure-Search-Update_0214b_rmv
[-] Task Deleted : AVG-Secure-Search-Update_0414c_rel
[-] Task Deleted : AVG-Secure-Search-Update_0414c_rmv
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{008F6853-9CB4-41C5-A950-39D55E5E06BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B8F85AE-22C7-4EF3-AE53-1F0B7AAC6D83}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Alexa Internet
[-] Key Deleted : HKCU\Software\CToolbar
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\Winamp Toolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Key Deleted : HKLM\SOFTWARE\CToolbar
[-] Key Deleted : HKLM\SOFTWARE\firstsearch
[!] Key Not Deleted : HKLM\SOFTWARE\FirstSearch\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Avg Secure Update
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}
[!] Key Not Deleted : [x64] HKCU\Software\Alexa Internet
[!] Key Not Deleted : [x64] HKCU\Software\CToolbar
[!] Key Not Deleted : [x64] HKCU\Software\distromatic
[!] Key Not Deleted : [x64] HKCU\Software\ParetoLogic
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\Winamp Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data Restored : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main [Search Bar]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [ Web browsers ] *****
[-] [C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : acaoakiamfeidcmgooclgeleejkbaecf
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23464 bytes] ##########
Odkaz na vyosek mě google hlásí jako zavirovanou stránku, tak snad je to ok, díky za reakce.
# AdwCleaner v5.013 - Logfile created 17/10/2015 at 14:56:52
# Updated 09/10/2015 by Xplode
# Database : 2015-10-16.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : bobek - HOMEPC
# Running from : C:\Users\bobek\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Crawler
[-] Folder Deleted : C:\Program Files (x86)\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\SafetyNut
[-] Folder Deleted : C:\ProgramData\Winamp Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0615tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1114tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1214tb
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\bobek\AppData\Local\apn
[-] Folder Deleted : C:\Users\bobek\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\bobek\AppData\Local\Winamp Toolbar
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
[-] File Deleted : C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
[-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : paretologic registration3
[-] Task Deleted : paretologic update version3
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : ParetoLogic Update Version3 Startup Task
[-] Task Deleted : RegCure Pro
[-] Task Deleted : 0215tbUpdateInfo
[-] Task Deleted : 0615tbUpdateInfo
[-] Task Deleted : 0215tbUpdateInfo
[-] Task Deleted : 0615tbUpdateInfo
[-] Task Deleted : AVG-Secure-Search-Update_0214b_rel
[-] Task Deleted : AVG-Secure-Search-Update_0214b_rmv
[-] Task Deleted : AVG-Secure-Search-Update_0414c_rel
[-] Task Deleted : AVG-Secure-Search-Update_0414c_rmv
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
[-] Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
[-] Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{008F6853-9CB4-41C5-A950-39D55E5E06BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B8F85AE-22C7-4EF3-AE53-1F0B7AAC6D83}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Alexa Internet
[-] Key Deleted : HKCU\Software\CToolbar
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\Winamp Toolbar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Key Deleted : HKLM\SOFTWARE\CToolbar
[-] Key Deleted : HKLM\SOFTWARE\firstsearch
[!] Key Not Deleted : HKLM\SOFTWARE\FirstSearch\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Avg Secure Update
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}
[!] Key Not Deleted : [x64] HKCU\Software\Alexa Internet
[!] Key Not Deleted : [x64] HKCU\Software\CToolbar
[!] Key Not Deleted : [x64] HKCU\Software\distromatic
[!] Key Not Deleted : [x64] HKCU\Software\ParetoLogic
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\Winamp Toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\AppDataLow\Software\WinToFlash Suggestor
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data Restored : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main [Search Bar]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{69E3F6F2-423F-48B6-8686-56CDB900DF44}
[-] Data Restored : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [ Web browsers ] *****
[-] [C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : acaoakiamfeidcmgooclgeleejkbaecf
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23464 bytes] ##########
Re: Prosím také o kontrolu
Pouziti FRSTLauncheru (z vyoskovych stranek) neni nezbytne nutne - pouzijte tedy jen samotny FRST64.exequez píše:Odkaz na vyosek mě google hlásí jako zavirovanou stránku, tak snad je to ok
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím také o kontrolu
přikládám log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-10-2015
Ran by bobek (administrator) on HOMEPC (18-10-2015 12:49:12)
Running from C:\Users\bobek\Desktop
Loaded Profiles: bobek (Available Profiles: bobek)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(myTALKEY s.r.o.) C:\Program Files\myTalkey\TalkeyService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
() C:\Program Files (x86)\Gaming Mouse\Monitor.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\Gaming Mouse\OSD.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE
() C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [Gaming Mouse Driver] => C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [200704 2011-09-09] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\adobe\color.vbs [105 2014-07-01] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [495616 2012-07-27] (MSI)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-05-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Windows] => C:\Users\Public\Windows\game.vbs [77 2014-06-30] ()
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [icq] => C:\Users\bobek\AppData\Roaming\ICQM\icq.exe [39738376 2015-10-12] (ICQ)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\RunOnce: [SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7] => C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-10-18] () <===== ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {1d619f46-3520-11e5-bf4c-d43d7e49e392} - "F:\iLinker.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {b1a72d31-c31e-11e4-bf29-d43d7e49e392} - "H:\Startme.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {ff866d54-e0c0-11e2-becc-64700200442e} - "F:\Startme.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-01-21]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-10-17]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{32555EBC-78AE-428C-9567-123AFA6C5EBC}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A7BC639E-AFAD-48C3-9CB3-880F67350971}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
SearchScopes: HKU\S-1-5-21-2372322122-2752287089-2457871307-1001 -> {2315BCFE-CE4B-404E-A5DA-0C5C4272733F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
FireFox:
========
FF ProfilePath: C:\Users\bobek\AppData\Roaming\Mozilla\Firefox\Profiles\uxiru71v.default-1435505574115
FF SelectedSearchEngine: Amazon
FF Homepage: hxxps://www.google.cz/?gws_rd=ssl
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-12-11] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2372322122-2752287089-2457871307-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-12-11] (Pando Networks)
FF Plugin HKU\S-1-5-21-2372322122-2752287089-2457871307-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Extension: Firebug - C:\Users\bobek\AppData\Roaming\Mozilla\Firefox\Profiles\uxiru71v.default-1435505574115\Extensions\firebug@software.joehewitt.com.xpi [2015-07-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Thunderbird\Extensions: [myTalkey.Thunderbird@myTalkey.com] - C:\Program Files\myTalkey\extension
FF Extension: myTalkey.Thunderbird - C:\Program Files\myTalkey\extension [2015-10-15] [not signed]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-16]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-16]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-16]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-16]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-16]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-16]
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-27]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-27]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-27]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-27]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-27]
CHR Extension: (PanicButton) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2015-10-14]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-27]
CHR Extension: (God is Love) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljmoefmiillanibjonlncaemnefahnea [2015-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-14]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-14]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-14]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-14]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-14]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [136704 2012-06-29] (MSI) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TalkeyService; C:\Program Files\myTalkey\TalkeyService.exe [30472 2015-07-21] (myTALKEY s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-17] ()
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-10-04] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rzp1endpt; C:\Windows\System32\drivers\rzp1endpt.sys [39080 2014-04-09] (Razer Inc)
R3 rzvmouse; C:\Windows\System32\drivers\rzvmouse.sys [31400 2014-04-09] (Razer Inc)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-17] ()
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-18 12:49 - 2015-10-18 12:49 - 00027952 _____ C:\Users\bobek\Desktop\FRST.txt
2015-10-18 12:47 - 2015-10-18 12:49 - 00000000 ____D C:\FRST
2015-10-18 12:45 - 2015-10-18 12:45 - 02196992 _____ (Farbar) C:\Users\bobek\Desktop\FRST64.exe
2015-10-17 18:00 - 2015-10-17 18:01 - 00049881 _____ C:\Users\bobek\Desktop\RSIT info1.txt
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\rsit
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-10-17 16:11 - 2015-10-17 16:11 - 01222144 _____ C:\Users\bobek\Desktop\RSITx64.exe
2015-10-17 15:56 - 2015-10-17 15:56 - 00001137 _____ C:\Users\bobek\Desktop\lod mawar 5x.txt
2015-10-17 15:14 - 2015-10-17 16:16 - 00023754 _____ C:\Users\bobek\Desktop\adwcleaner 1x.txt
2015-10-17 14:58 - 2015-10-17 14:58 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-10-17 14:54 - 2015-10-17 14:56 - 00000000 ____D C:\AdwCleaner
2015-10-17 14:52 - 2015-10-17 14:52 - 01682432 _____ C:\Users\bobek\Desktop\adwcleaner_5.013.exe
2015-10-17 14:35 - 2015-10-17 14:35 - 00087198 _____ C:\Users\bobek\Desktop\jaky uzivatel je to cislo.dib
2015-10-17 14:31 - 2015-10-17 14:31 - 00085649 _____ C:\Users\bobek\Desktop\co to je.dib
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Users\bobek\Downloads\programy
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Users\bobek\Downloads\filmy
2015-10-17 12:15 - 2015-10-17 14:29 - 00000000 ____D C:\Users\bobek\Downloads\obrazky
2015-10-17 10:56 - 2015-10-17 10:56 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-17 10:56 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-17 10:55 - 2015-10-17 10:55 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-17 10:54 - 2015-10-03 07:06 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-17 10:54 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00879000 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-17 10:14 - 2015-10-17 10:14 - 00001139 _____ C:\Users\bobek\Desktop\lof mb2.txt
2015-10-17 01:35 - 2015-10-17 01:35 - 00000000 ____D C:\Users\bobek\Documents\Poznámkové bloky aplikace OneNote
2015-10-16 22:20 - 2015-10-18 12:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-16 22:20 - 2015-10-16 22:28 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-16 22:20 - 2015-10-16 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-16 22:20 - 2015-10-16 22:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-16 22:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-16 22:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-16 22:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-16 22:07 - 2015-10-16 22:08 - 00009804 _____ C:\Users\bobek\Desktop\Nový textový dokument.txt
2015-10-16 18:04 - 2015-10-16 18:04 - 00000278 _____ C:\Users\bobek\Desktop\Servisní Zpráva.txt
2015-10-16 15:07 - 2015-10-17 14:57 - 00005212 _____ C:\WINDOWS\PFRO.log
2015-10-16 15:07 - 2015-10-17 14:57 - 00002234 _____ C:\WINDOWS\setupact.log
2015-10-16 15:07 - 2015-10-16 15:07 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-16 10:50 - 2015-10-18 12:37 - 00350062 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-15 19:26 - 2015-10-15 19:26 - 00023612 _____ C:\Users\bobek\Desktop\white women.one
2015-10-15 15:31 - 2015-10-17 11:21 - 00000000 ____D C:\Users\bobek\AppData\Local\myTalkey
2015-10-15 15:31 - 2015-10-15 15:31 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Talkey
2015-10-15 15:31 - 2015-10-15 15:31 - 00000000 ____D C:\Program Files\myTalkey
2015-10-15 14:42 - 2015-10-15 14:42 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KEYFIND
2015-10-15 14:42 - 2015-10-15 14:42 - 00000000 ____D C:\Program Files (x86)\KEYFIND
2015-10-15 09:55 - 2015-10-15 09:55 - 00000000 ____D C:\Users\bobek\DownloadsSoubory ICQ
2015-10-14 22:00 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-10-14 22:00 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 20:23 - 2015-10-14 20:24 - 00000000 ____D C:\Users\bobek\Desktop\ps
2015-10-14 17:38 - 2015-10-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KidLogger
2015-10-14 17:38 - 2015-10-14 17:38 - 00000000 ____D C:\Program Files (x86)\KidLogger
2015-10-14 16:38 - 2015-10-14 16:38 - 00000000 ____D C:\Users\bobek\Downloads\Battlefield Hardline [R.G. Games]
2015-10-14 16:08 - 2015-10-14 16:09 - 00000000 ____D C:\Users\bobek\Desktop\gt
2015-10-14 16:00 - 2015-10-15 16:07 - 00000000 ____D C:\Users\bobek\Desktop\ostat
2015-10-14 12:12 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 12:12 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 12:12 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-10-14 12:12 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-10-14 12:11 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 12:11 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 12:11 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 12:11 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 12:11 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 12:11 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-10-14 12:11 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-14 12:11 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-10-14 12:11 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-10-14 12:11 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-10-14 12:11 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-10-14 12:11 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-10-14 12:11 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-10-14 12:11 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-10-14 12:11 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-10-14 12:11 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2015-10-14 12:11 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-10-14 12:11 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2015-10-14 12:11 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2015-10-14 12:11 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-14 12:10 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 12:10 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 12:10 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-14 12:10 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-10-14 12:10 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 12:10 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 12:10 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-10-14 12:10 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 12:10 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-10-14 12:10 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 12:10 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-10-14 12:10 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-10-14 12:10 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-10-14 12:10 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-14 12:10 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-10-14 12:10 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-10-14 12:10 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 12:10 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 12:10 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-10-14 12:10 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-10-14 12:10 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-10-14 12:10 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-10-14 12:10 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-10-14 12:10 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-10-14 12:10 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-10-14 12:10 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-10-14 12:10 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 12:10 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-10-14 12:10 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 12:10 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-14 12:10 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-10-14 12:10 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-10-14 12:10 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-10-14 12:10 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-10-14 12:10 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-14 12:10 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-10-14 12:10 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-14 12:10 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-14 12:10 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-10-13 21:14 - 2015-10-13 21:14 - 00001873 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk
2015-10-13 21:14 - 2015-10-13 21:14 - 00001337 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Users\bobek\AppData\Local\ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\ProgramData\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-10-13 18:49 - 2015-10-13 18:49 - 00000017 _____ C:\Users\bobek\AppData\Local\resmon.resmoncfg
2015-10-12 14:21 - 2015-10-12 14:21 - 00001704 _____ C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2015-10-12 14:21 - 2015-10-12 14:21 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-10-12 14:19 - 2015-10-12 17:12 - 00000000 ____D C:\Users\bobek\AppData\Roaming\ICQM
2015-10-12 14:19 - 2015-10-12 14:23 - 00000000 ____D C:\Users\bobek\AppData\Roaming\ICQ-Profile
2015-10-12 11:36 - 2015-10-12 11:36 - 00001326 _____ C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2015-10-12 10:29 - 2015-10-13 15:48 - 00000000 ____D C:\Users\bobek\Desktop\ScriptHookV+spawn bodyguard
2015-10-11 16:43 - 2015-10-11 16:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-11 16:09 - 2015-10-11 16:09 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-11 14:56 - 2015-10-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA V
2015-10-11 14:03 - 2015-10-14 12:54 - 00000000 ____D C:\Program Files (x86)\GTA V
2015-10-02 18:48 - 2015-10-02 18:48 - 00000000 ____D C:\Users\bobek\Tracing
2015-10-02 18:47 - 2015-10-02 18:47 - 00000000 ____D C:\Users\bobek\AppData\Local\Skype
2015-10-02 18:46 - 2015-10-02 18:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-02 18:46 - 2015-10-02 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-29 09:47 - 2015-09-29 09:47 - 00000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-09-29 09:47 - 2015-09-29 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-09-29 09:47 - 2015-09-29 09:47 - 00000000 ____D C:\Program Files\CPUID
2015-09-28 19:19 - 2015-09-19 00:09 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-09-28 19:19 - 2015-09-19 00:09 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-09-28 19:19 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll
2015-09-28 19:19 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll
2015-09-28 19:19 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-28 19:19 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-18 12:48 - 2013-06-23 22:45 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Seznam.cz
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-10-18 12:17 - 2013-12-03 11:58 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01BE3B13-6197-45C9-8863-F2527A000A6E}
2015-10-18 12:15 - 2013-02-15 17:57 - 00000000 ____D C:\Users\bobek\AppData\Local\Adobe
2015-10-18 12:14 - 2015-05-16 18:50 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job
2015-10-18 12:14 - 2014-06-30 18:50 - 00000000 ____D C:\Users\Public\Windows
2015-10-18 12:14 - 2013-12-03 11:56 - 00000000 __RDO C:\Users\bobek\SkyDrive
2015-10-18 12:14 - 2013-02-08 13:17 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job
2015-10-18 12:13 - 2013-05-09 22:18 - 00000476 _____ C:\WINDOWS\Tasks\RegCure Program Check.job
2015-10-18 12:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-17 23:00 - 2015-02-05 20:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job
2015-10-17 22:55 - 2014-11-12 21:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job
2015-10-17 22:55 - 2013-07-15 20:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job
2015-10-17 18:36 - 2013-02-11 18:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Winamp
2015-10-17 16:21 - 2013-02-01 03:30 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2372322122-2752287089-2457871307-1001
2015-10-17 14:58 - 2014-01-21 12:45 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-10-17 14:57 - 2013-12-03 11:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-17 14:57 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-17 14:57 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-17 14:56 - 2013-02-17 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
2015-10-17 14:35 - 2013-02-01 14:29 - 00983552 ___SH C:\Users\bobek\Desktop\Thumbs.db
2015-10-17 14:27 - 2013-06-21 20:36 - 00000000 ____D C:\Users\bobek\AppData\Roaming\BitTorrent
2015-10-17 12:49 - 2013-06-23 22:45 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-17 11:34 - 2015-02-09 18:22 - 00000000 ___RD C:\Users\bobek\Desktop\BRUSHE
2015-10-17 11:04 - 2013-05-09 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 11:02 - 2014-01-21 13:48 - 00000000 ____D C:\Users\bobek\AppData\Local\CrashDumps
2015-10-17 10:56 - 2015-03-08 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-17 10:56 - 2013-12-03 11:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-17 10:16 - 2013-05-09 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-17 10:01 - 2013-02-11 18:39 - 00487936 ___SH C:\Users\bobek\Downloads\Thumbs.db
2015-10-16 22:53 - 2015-04-30 11:21 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-16 17:32 - 2013-08-22 16:44 - 05212304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-16 17:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-10-15 16:33 - 2015-09-15 09:02 - 00000000 ____D C:\Users\bobek\Desktop\codekit
2015-10-15 16:30 - 2015-06-02 20:41 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-15 16:30 - 2015-06-02 20:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-15 16:05 - 2015-02-08 17:02 - 00000000 ____D C:\Users\bobek\Desktop\cs_CZ
2015-10-15 15:37 - 2013-12-03 11:46 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-15 15:37 - 2013-09-30 05:56 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-15 15:37 - 2013-09-30 05:56 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-15 15:04 - 2013-02-19 14:46 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Skype
2015-10-15 10:21 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-10-15 10:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-15 09:55 - 2013-12-03 11:34 - 00000000 ____D C:\Users\bobek
2015-10-15 00:19 - 2014-12-11 21:45 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 00:19 - 2014-07-09 13:46 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-10-15 00:19 - 2014-06-30 19:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 00:19 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-10-15 00:13 - 2013-07-31 13:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 00:13 - 2013-02-01 11:11 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 20:26 - 2015-06-30 11:00 - 00000000 ____D C:\Users\bobek\AppData\Roaming\FileZilla
2015-10-14 16:18 - 2015-08-27 21:10 - 00000000 ____D C:\Users\bobek\Desktop\ad
2015-10-14 16:14 - 2014-02-27 20:17 - 00000079 _____ C:\Users\bobek\Desktop\Faith.ini
2015-10-14 16:09 - 2015-06-16 21:56 - 00000000 ____D C:\Users\bobek\Desktop\es
2015-10-13 21:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Cursors
2015-10-13 09:48 - 2015-09-12 11:58 - 00000000 ____D C:\Users\bobek\Desktop\web teplates
2015-10-12 11:36 - 2015-08-24 16:20 - 00000000 ____D C:\Users\bobek\AppData\Roaming\New Technology Studio
2015-10-12 11:31 - 2015-05-27 18:56 - 00000080 _____ C:\Users\bobek\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-10-11 16:09 - 2015-04-29 14:18 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-11 11:29 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\Hide My IP 6
2015-10-06 23:02 - 2015-04-04 10:50 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-10-06 22:01 - 2014-03-03 20:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-06 22:00 - 2013-12-03 11:28 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-06 16:57 - 2015-04-04 10:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-10-04 10:23 - 2015-04-30 11:20 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 10:23 - 2015-04-30 11:20 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 10:22 - 2015-04-30 11:20 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 10:22 - 2015-04-30 11:20 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 07:06 - 2015-04-30 15:17 - 03154104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 17395512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 12769408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 03573832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 00033507 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 07:06 - 2013-02-01 03:22 - 00112944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 07:06 - 2013-02-01 03:22 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 02982520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:49 - 2013-12-03 11:30 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 18:47 - 2013-02-19 14:46 - 00000000 ____D C:\ProgramData\Skype
2015-10-02 16:24 - 2014-08-19 08:46 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 16:24 - 2014-08-19 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 11:33 - 2013-12-03 11:30 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-28 22:25 - 2013-07-12 19:18 - 00000000 ____D C:\Users\bobek\AppData\Roaming\vlc
2015-09-25 17:53 - 2015-08-11 23:11 - 00001456 _____ C:\Users\bobek\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-09-24 19:57 - 2015-04-03 22:10 - 00000000 ____D C:\Users\bobek\Desktop\PATTERNS
2015-09-22 20:56 - 2015-06-30 11:00 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-22 20:56 - 2015-06-30 11:00 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-09-19 00:09 - 2015-02-20 02:18 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
==================== Files in the root of some directories =======
2013-06-21 21:12 - 2013-07-12 17:37 - 0000264 _____ () C:\Program Files\abc.ini
2014-03-02 19:37 - 2014-06-02 15:08 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-07-27 10:21 - 2015-07-27 10:21 - 7268370 _____ () C:\Program Files (x86)\wordpress-4.2.2-cs_CZ (1).zip
2013-05-15 13:07 - 2013-05-15 13:07 - 0000004 _____ () C:\Users\bobek\AppData\Roaming\steam_md5.dat
2015-04-25 23:20 - 2015-04-25 23:20 - 182564492 _____ () C:\Users\bobek\AppData\Local\ACCCx3_0_0_74.zip.aamdownload
2015-04-25 23:20 - 2015-04-25 23:20 - 0002194 _____ () C:\Users\bobek\AppData\Local\ACCCx3_0_0_74.zip.aamdownload.aamd
2015-08-11 23:11 - 2015-09-25 17:53 - 0001456 _____ () C:\Users\bobek\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-10-13 18:49 - 2015-10-13 18:49 - 0000017 _____ () C:\Users\bobek\AppData\Local\resmon.resmoncfg
Files to move or delete:
====================
C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Public\AlexaNSISPlugin.956.dll
Some files in TEMP:
====================
C:\Users\bobek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\bobek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\bobek\AppData\Local\Temp\nvStInst.exe
C:\Users\bobek\AppData\Local\Temp\sqlite3.dll
C:\Users\bobek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-17 16:21
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-10-2015
Ran by bobek (administrator) on HOMEPC (18-10-2015 12:49:12)
Running from C:\Users\bobek\Desktop
Loaded Profiles: bobek (Available Profiles: bobek)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(myTALKEY s.r.o.) C:\Program Files\myTalkey\TalkeyService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
() C:\Program Files (x86)\Gaming Mouse\Monitor.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\Gaming Mouse\OSD.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\CpuRam.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\EmailPOP3.EXE
() C:\Program Files (x86)\Gaming Mouse\Applets\OSDSkype.exe
() C:\Program Files (x86)\Gaming Mouse\Applets\OSDMSN.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [Gaming Mouse Driver] => C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [200704 2011-09-09] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\adobe\color.vbs [105 2014-07-01] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [495616 2012-07-27] (MSI)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-05-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Windows] => C:\Users\Public\Windows\game.vbs [77 2014-06-30] ()
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [icq] => C:\Users\bobek\AppData\Roaming\ICQM\icq.exe [39738376 2015-10-12] (ICQ)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\RunOnce: [SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7] => C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-10-18] () <===== ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {1d619f46-3520-11e5-bf4c-d43d7e49e392} - "F:\iLinker.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {b1a72d31-c31e-11e4-bf29-d43d7e49e392} - "H:\Startme.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {ff866d54-e0c0-11e2-becc-64700200442e} - "F:\Startme.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-01-21]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-10-17]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{32555EBC-78AE-428C-9567-123AFA6C5EBC}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A7BC639E-AFAD-48C3-9CB3-880F67350971}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
SearchScopes: HKU\S-1-5-21-2372322122-2752287089-2457871307-1001 -> {2315BCFE-CE4B-404E-A5DA-0C5C4272733F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
FireFox:
========
FF ProfilePath: C:\Users\bobek\AppData\Roaming\Mozilla\Firefox\Profiles\uxiru71v.default-1435505574115
FF SelectedSearchEngine: Amazon
FF Homepage: hxxps://www.google.cz/?gws_rd=ssl
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-12-11] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2372322122-2752287089-2457871307-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-12-11] (Pando Networks)
FF Plugin HKU\S-1-5-21-2372322122-2752287089-2457871307-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Extension: Firebug - C:\Users\bobek\AppData\Roaming\Mozilla\Firefox\Profiles\uxiru71v.default-1435505574115\Extensions\firebug@software.joehewitt.com.xpi [2015-07-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Thunderbird\Extensions: [myTalkey.Thunderbird@myTalkey.com] - C:\Program Files\myTalkey\extension
FF Extension: myTalkey.Thunderbird - C:\Program Files\myTalkey\extension [2015-10-15] [not signed]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-16]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-16]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-16]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-16]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-16]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-16]
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-27]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-27]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-27]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-27]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-27]
CHR Extension: (PanicButton) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2015-10-14]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-27]
CHR Extension: (God is Love) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljmoefmiillanibjonlncaemnefahnea [2015-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR Profile: C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-14]
CHR Extension: (Dokumenty Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-14]
CHR Extension: (Disk Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-14]
CHR Extension: (YouTube) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Vyhledávání Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-14]
CHR Extension: (Tabulky Google) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-14]
CHR Extension: (Gmail) - C:\Users\bobek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [136704 2012-06-29] (MSI) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TalkeyService; C:\Program Files\myTalkey\TalkeyService.exe [30472 2015-07-21] (myTALKEY s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-17] ()
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-10-04] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rzp1endpt; C:\Windows\System32\drivers\rzp1endpt.sys [39080 2014-04-09] (Razer Inc)
R3 rzvmouse; C:\Windows\System32\drivers\rzvmouse.sys [31400 2014-04-09] (Razer Inc)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-17] ()
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-18 12:49 - 2015-10-18 12:49 - 00027952 _____ C:\Users\bobek\Desktop\FRST.txt
2015-10-18 12:47 - 2015-10-18 12:49 - 00000000 ____D C:\FRST
2015-10-18 12:45 - 2015-10-18 12:45 - 02196992 _____ (Farbar) C:\Users\bobek\Desktop\FRST64.exe
2015-10-17 18:00 - 2015-10-17 18:01 - 00049881 _____ C:\Users\bobek\Desktop\RSIT info1.txt
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\rsit
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-10-17 16:11 - 2015-10-17 16:11 - 01222144 _____ C:\Users\bobek\Desktop\RSITx64.exe
2015-10-17 15:56 - 2015-10-17 15:56 - 00001137 _____ C:\Users\bobek\Desktop\lod mawar 5x.txt
2015-10-17 15:14 - 2015-10-17 16:16 - 00023754 _____ C:\Users\bobek\Desktop\adwcleaner 1x.txt
2015-10-17 14:58 - 2015-10-17 14:58 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-10-17 14:54 - 2015-10-17 14:56 - 00000000 ____D C:\AdwCleaner
2015-10-17 14:52 - 2015-10-17 14:52 - 01682432 _____ C:\Users\bobek\Desktop\adwcleaner_5.013.exe
2015-10-17 14:35 - 2015-10-17 14:35 - 00087198 _____ C:\Users\bobek\Desktop\jaky uzivatel je to cislo.dib
2015-10-17 14:31 - 2015-10-17 14:31 - 00085649 _____ C:\Users\bobek\Desktop\co to je.dib
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Users\bobek\Downloads\programy
2015-10-17 12:34 - 2015-10-17 12:34 - 00000000 ____D C:\Users\bobek\Downloads\filmy
2015-10-17 12:15 - 2015-10-17 14:29 - 00000000 ____D C:\Users\bobek\Downloads\obrazky
2015-10-17 10:56 - 2015-10-17 10:56 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-17 10:56 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-17 10:55 - 2015-10-17 10:55 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-17 10:54 - 2015-10-03 07:06 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-17 10:54 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00879000 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-17 10:54 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-17 10:14 - 2015-10-17 10:14 - 00001139 _____ C:\Users\bobek\Desktop\lof mb2.txt
2015-10-17 01:35 - 2015-10-17 01:35 - 00000000 ____D C:\Users\bobek\Documents\Poznámkové bloky aplikace OneNote
2015-10-16 22:20 - 2015-10-18 12:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-16 22:20 - 2015-10-16 22:28 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-16 22:20 - 2015-10-16 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-16 22:20 - 2015-10-16 22:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-16 22:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-16 22:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-16 22:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-16 22:07 - 2015-10-16 22:08 - 00009804 _____ C:\Users\bobek\Desktop\Nový textový dokument.txt
2015-10-16 18:04 - 2015-10-16 18:04 - 00000278 _____ C:\Users\bobek\Desktop\Servisní Zpráva.txt
2015-10-16 15:07 - 2015-10-17 14:57 - 00005212 _____ C:\WINDOWS\PFRO.log
2015-10-16 15:07 - 2015-10-17 14:57 - 00002234 _____ C:\WINDOWS\setupact.log
2015-10-16 15:07 - 2015-10-16 15:07 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-16 10:50 - 2015-10-18 12:37 - 00350062 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-15 19:26 - 2015-10-15 19:26 - 00023612 _____ C:\Users\bobek\Desktop\white women.one
2015-10-15 15:31 - 2015-10-17 11:21 - 00000000 ____D C:\Users\bobek\AppData\Local\myTalkey
2015-10-15 15:31 - 2015-10-15 15:31 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Talkey
2015-10-15 15:31 - 2015-10-15 15:31 - 00000000 ____D C:\Program Files\myTalkey
2015-10-15 14:42 - 2015-10-15 14:42 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KEYFIND
2015-10-15 14:42 - 2015-10-15 14:42 - 00000000 ____D C:\Program Files (x86)\KEYFIND
2015-10-15 09:55 - 2015-10-15 09:55 - 00000000 ____D C:\Users\bobek\DownloadsSoubory ICQ
2015-10-14 22:00 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-10-14 22:00 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-10-14 22:00 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 20:23 - 2015-10-14 20:24 - 00000000 ____D C:\Users\bobek\Desktop\ps
2015-10-14 17:38 - 2015-10-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KidLogger
2015-10-14 17:38 - 2015-10-14 17:38 - 00000000 ____D C:\Program Files (x86)\KidLogger
2015-10-14 16:38 - 2015-10-14 16:38 - 00000000 ____D C:\Users\bobek\Downloads\Battlefield Hardline [R.G. Games]
2015-10-14 16:08 - 2015-10-14 16:09 - 00000000 ____D C:\Users\bobek\Desktop\gt
2015-10-14 16:00 - 2015-10-15 16:07 - 00000000 ____D C:\Users\bobek\Desktop\ostat
2015-10-14 12:12 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 12:12 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 12:12 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-10-14 12:12 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-10-14 12:11 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 12:11 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 12:11 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 12:11 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 12:11 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 12:11 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-10-14 12:11 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-14 12:11 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-10-14 12:11 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-10-14 12:11 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-10-14 12:11 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-10-14 12:11 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-10-14 12:11 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-10-14 12:11 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-10-14 12:11 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-10-14 12:11 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-10-14 12:11 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:11 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2015-10-14 12:11 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2015-10-14 12:11 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-10-14 12:11 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2015-10-14 12:11 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2015-10-14 12:11 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-14 12:10 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 12:10 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 12:10 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-14 12:10 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-10-14 12:10 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 12:10 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 12:10 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-10-14 12:10 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 12:10 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-10-14 12:10 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 12:10 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-10-14 12:10 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-10-14 12:10 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-10-14 12:10 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-14 12:10 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-10-14 12:10 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-10-14 12:10 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 12:10 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 12:10 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-10-14 12:10 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-10-14 12:10 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-10-14 12:10 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-10-14 12:10 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-10-14 12:10 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-10-14 12:10 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-10-14 12:10 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-10-14 12:10 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 12:10 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-10-14 12:10 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 12:10 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-14 12:10 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-10-14 12:10 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-10-14 12:10 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-10-14 12:10 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-10-14 12:10 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-14 12:10 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-10-14 12:10 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-14 12:10 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-14 12:10 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-10-13 21:14 - 2015-10-13 21:14 - 00001873 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk
2015-10-13 21:14 - 2015-10-13 21:14 - 00001337 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Users\bobek\AppData\Local\ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\ProgramData\Ashampoo
2015-10-13 21:14 - 2015-10-13 21:14 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-10-13 18:49 - 2015-10-13 18:49 - 00000017 _____ C:\Users\bobek\AppData\Local\resmon.resmoncfg
2015-10-12 14:21 - 2015-10-12 14:21 - 00001704 _____ C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2015-10-12 14:21 - 2015-10-12 14:21 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-10-12 14:19 - 2015-10-12 17:12 - 00000000 ____D C:\Users\bobek\AppData\Roaming\ICQM
2015-10-12 14:19 - 2015-10-12 14:23 - 00000000 ____D C:\Users\bobek\AppData\Roaming\ICQ-Profile
2015-10-12 11:36 - 2015-10-12 11:36 - 00001326 _____ C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2015-10-12 10:29 - 2015-10-13 15:48 - 00000000 ____D C:\Users\bobek\Desktop\ScriptHookV+spawn bodyguard
2015-10-11 16:43 - 2015-10-11 16:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-11 16:09 - 2015-10-11 16:09 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-11 14:56 - 2015-10-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA V
2015-10-11 14:03 - 2015-10-14 12:54 - 00000000 ____D C:\Program Files (x86)\GTA V
2015-10-02 18:48 - 2015-10-02 18:48 - 00000000 ____D C:\Users\bobek\Tracing
2015-10-02 18:47 - 2015-10-02 18:47 - 00000000 ____D C:\Users\bobek\AppData\Local\Skype
2015-10-02 18:46 - 2015-10-02 18:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-02 18:46 - 2015-10-02 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-29 09:47 - 2015-09-29 09:47 - 00000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-09-29 09:47 - 2015-09-29 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-09-29 09:47 - 2015-09-29 09:47 - 00000000 ____D C:\Program Files\CPUID
2015-09-28 19:19 - 2015-09-19 00:09 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-09-28 19:19 - 2015-09-19 00:09 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-09-28 19:19 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll
2015-09-28 19:19 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll
2015-09-28 19:19 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-28 19:19 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-18 12:48 - 2013-06-23 22:45 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Seznam.cz
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-10-18 12:17 - 2013-12-03 11:58 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01BE3B13-6197-45C9-8863-F2527A000A6E}
2015-10-18 12:15 - 2013-02-15 17:57 - 00000000 ____D C:\Users\bobek\AppData\Local\Adobe
2015-10-18 12:14 - 2015-05-16 18:50 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job
2015-10-18 12:14 - 2014-06-30 18:50 - 00000000 ____D C:\Users\Public\Windows
2015-10-18 12:14 - 2013-12-03 11:56 - 00000000 __RDO C:\Users\bobek\SkyDrive
2015-10-18 12:14 - 2013-02-08 13:17 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job
2015-10-18 12:13 - 2013-05-09 22:18 - 00000476 _____ C:\WINDOWS\Tasks\RegCure Program Check.job
2015-10-18 12:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-17 23:00 - 2015-02-05 20:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job
2015-10-17 22:55 - 2014-11-12 21:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job
2015-10-17 22:55 - 2013-07-15 20:50 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job
2015-10-17 18:36 - 2013-02-11 18:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Winamp
2015-10-17 16:21 - 2013-02-01 03:30 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2372322122-2752287089-2457871307-1001
2015-10-17 14:58 - 2014-01-21 12:45 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-10-17 14:57 - 2013-12-03 11:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-17 14:57 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-17 14:57 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-17 14:56 - 2013-02-17 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
2015-10-17 14:35 - 2013-02-01 14:29 - 00983552 ___SH C:\Users\bobek\Desktop\Thumbs.db
2015-10-17 14:27 - 2013-06-21 20:36 - 00000000 ____D C:\Users\bobek\AppData\Roaming\BitTorrent
2015-10-17 12:49 - 2013-06-23 22:45 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-17 11:34 - 2015-02-09 18:22 - 00000000 ___RD C:\Users\bobek\Desktop\BRUSHE
2015-10-17 11:04 - 2013-05-09 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 11:02 - 2014-01-21 13:48 - 00000000 ____D C:\Users\bobek\AppData\Local\CrashDumps
2015-10-17 10:56 - 2015-03-08 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-17 10:56 - 2013-12-03 11:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-17 10:16 - 2013-05-09 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-17 10:01 - 2013-02-11 18:39 - 00487936 ___SH C:\Users\bobek\Downloads\Thumbs.db
2015-10-16 22:53 - 2015-04-30 11:21 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-16 17:32 - 2013-08-22 16:44 - 05212304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-16 17:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-10-15 16:33 - 2015-09-15 09:02 - 00000000 ____D C:\Users\bobek\Desktop\codekit
2015-10-15 16:30 - 2015-06-02 20:41 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-15 16:30 - 2015-06-02 20:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-15 16:05 - 2015-02-08 17:02 - 00000000 ____D C:\Users\bobek\Desktop\cs_CZ
2015-10-15 15:37 - 2013-12-03 11:46 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-15 15:37 - 2013-09-30 05:56 - 00738682 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-15 15:37 - 2013-09-30 05:56 - 00151404 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-15 15:04 - 2013-02-19 14:46 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Skype
2015-10-15 10:21 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-10-15 10:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-15 09:55 - 2013-12-03 11:34 - 00000000 ____D C:\Users\bobek
2015-10-15 00:19 - 2014-12-11 21:45 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 00:19 - 2014-07-09 13:46 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-10-15 00:19 - 2014-06-30 19:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 00:19 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-10-15 00:13 - 2013-07-31 13:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 00:13 - 2013-02-01 11:11 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 20:26 - 2015-06-30 11:00 - 00000000 ____D C:\Users\bobek\AppData\Roaming\FileZilla
2015-10-14 16:18 - 2015-08-27 21:10 - 00000000 ____D C:\Users\bobek\Desktop\ad
2015-10-14 16:14 - 2014-02-27 20:17 - 00000079 _____ C:\Users\bobek\Desktop\Faith.ini
2015-10-14 16:09 - 2015-06-16 21:56 - 00000000 ____D C:\Users\bobek\Desktop\es
2015-10-13 21:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Cursors
2015-10-13 09:48 - 2015-09-12 11:58 - 00000000 ____D C:\Users\bobek\Desktop\web teplates
2015-10-12 11:36 - 2015-08-24 16:20 - 00000000 ____D C:\Users\bobek\AppData\Roaming\New Technology Studio
2015-10-12 11:31 - 2015-05-27 18:56 - 00000080 _____ C:\Users\bobek\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-10-11 16:09 - 2015-04-29 14:18 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-11 11:29 - 2015-08-03 09:31 - 00000000 ____D C:\Program Files (x86)\Hide My IP 6
2015-10-06 23:02 - 2015-04-04 10:50 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-10-06 22:01 - 2014-03-03 20:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-06 22:00 - 2013-12-03 11:28 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-06 16:57 - 2015-04-04 10:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-10-04 10:23 - 2015-04-30 11:20 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 10:23 - 2015-04-30 11:20 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 10:22 - 2015-04-30 11:20 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 10:22 - 2015-04-30 11:20 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 07:06 - 2015-04-30 15:17 - 03154104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 17395512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 12769408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 03573832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 07:06 - 2013-10-27 10:12 - 00033507 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 07:06 - 2013-02-01 03:22 - 00112944 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 07:06 - 2013-02-01 03:22 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 02982520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:49 - 2013-12-03 11:30 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:49 - 2013-12-03 11:30 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 18:47 - 2013-02-19 14:46 - 00000000 ____D C:\ProgramData\Skype
2015-10-02 16:24 - 2014-08-19 08:46 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 16:24 - 2014-08-19 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 11:33 - 2013-12-03 11:30 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-28 22:25 - 2013-07-12 19:18 - 00000000 ____D C:\Users\bobek\AppData\Roaming\vlc
2015-09-25 17:53 - 2015-08-11 23:11 - 00001456 _____ C:\Users\bobek\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-09-24 19:57 - 2015-04-03 22:10 - 00000000 ____D C:\Users\bobek\Desktop\PATTERNS
2015-09-22 20:56 - 2015-06-30 11:00 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-22 20:56 - 2015-06-30 11:00 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-09-19 00:09 - 2015-02-20 02:18 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
==================== Files in the root of some directories =======
2013-06-21 21:12 - 2013-07-12 17:37 - 0000264 _____ () C:\Program Files\abc.ini
2014-03-02 19:37 - 2014-06-02 15:08 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-07-27 10:21 - 2015-07-27 10:21 - 7268370 _____ () C:\Program Files (x86)\wordpress-4.2.2-cs_CZ (1).zip
2013-05-15 13:07 - 2013-05-15 13:07 - 0000004 _____ () C:\Users\bobek\AppData\Roaming\steam_md5.dat
2015-04-25 23:20 - 2015-04-25 23:20 - 182564492 _____ () C:\Users\bobek\AppData\Local\ACCCx3_0_0_74.zip.aamdownload
2015-04-25 23:20 - 2015-04-25 23:20 - 0002194 _____ () C:\Users\bobek\AppData\Local\ACCCx3_0_0_74.zip.aamdownload.aamd
2015-08-11 23:11 - 2015-09-25 17:53 - 0001456 _____ () C:\Users\bobek\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-10-13 18:49 - 2015-10-13 18:49 - 0000017 _____ () C:\Users\bobek\AppData\Local\resmon.resmoncfg
Files to move or delete:
====================
C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Public\AlexaNSISPlugin.956.dll
Some files in TEMP:
====================
C:\Users\bobek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\bobek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\bobek\AppData\Local\Temp\nvStInst.exe
C:\Users\bobek\AppData\Local\Temp\sqlite3.dll
C:\Users\bobek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-17 16:21
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (10.29 KiB) Staženo 59 x
Re: Prosím také o kontrolu
Odinstalujte starou a zranitelnou verzi javy. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit. Verze Javy, ktere v PC mate nainstalovane:- Java 8 Update 40
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi
Kód: Vybrat vše
Start CreateRestorePoint: CloseProcesses: File: C:\Users\Public\AlexaNSISPlugin.956.dll File: C:\Users\bobek\AppData\Roaming\steam_md5.dat File: C:\ProgramData\adobe\color.vbs C:\ProgramData\adobe\color.vbs File: C:\Users\Public\Windows\game.vbs C:\Users\Public\Windows\game.vbs HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\adobe\color.vbs [105 2014-07-01] () HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated) HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd) HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Windows] => C:\Users\Public\Windows\game.vbs [77 2014-06-30] () HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\RunOnce: [SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7] => C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-10-18] () <===== ATTENTION HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {1d619f46-3520-11e5-bf4c-d43d7e49e392} - "F:\iLinker.exe" HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {b1a72d31-c31e-11e4-bf29-d43d7e49e392} - "H:\Startme.exe" HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {ff866d54-e0c0-11e2-becc-64700200442e} - "F:\Startme.exe" AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => No File CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp FF SelectedSearchEngine: Amazon CHR HomePage: Profile 1 -> hxxp://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=17.3.1.204&pid=safeguard&sg=0&sap=hp S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 MSICDSetup; \??\D:\CDriver64.sys [X] 2015-10-18 12:49 - 2015-10-18 12:49 - 00027952 _____ C:\Users\bobek\Desktop\FRST.txt 2015-10-17 18:00 - 2015-10-17 18:01 - 00049881 _____ C:\Users\bobek\Desktop\RSIT info1.txt 2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\rsit 2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\Program Files\trend micro 2015-10-17 16:11 - 2015-10-17 16:11 - 01222144 _____ C:\Users\bobek\Desktop\RSITx64.exe 2015-10-17 15:14 - 2015-10-17 16:16 - 00023754 _____ C:\Users\bobek\Desktop\adwcleaner 1x.txt 2015-10-17 14:54 - 2015-10-17 14:56 - 00000000 ____D C:\AdwCleaner 2015-10-17 14:52 - 2015-10-17 14:52 - 01682432 _____ C:\Users\bobek\Desktop\adwcleaner_5.013.exe 2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Seznam.cz 2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Program Files (x86)\Seznam.cz Task: {08F18F84-D3EF-4269-9D44-431AC0D4D269} - \RegClean Pro_DEFAULT -> No File <==== ATTENTION Task: {64042889-7F6A-4C93-9DB7-A45B4C5DD950} - System32\Tasks\{F81E82EF-80C0-4329-8E81-80108E58FBFA} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Task: {A6CF7880-B06E-43BC-9B94-EE5D89EB01E8} - System32\Tasks\AVG_SYS_TASK_0415tb_DELETE => C:\ProgramData\Avg_Update_0415tb\AVG-Secure-Search-Update_0415tb.exe Task: {DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF} - System32\Tasks\0414cUpdateInfo => C:\ProgramData\Avg_Update_0414c\0414c_{06E50644-99D2-4ADB-95A6-AA3F66D871C6}.exe [2014-05-31] () Task: {FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2} - System32\Tasks\{DA27F5DF-AD61-47C4-9860-860CE37ED381} => pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" -c uninstall_game -autologging Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RegCure Program Check.job Task: C:\WINDOWS\Tasks\RegCure.job Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím také o kontrolu
díky za rady, posílám log
Fix result of Farbar Recovery Scan Tool (x64) Version:17-10-2015
Ran by bobek (2015-10-18 23:56:22) Run:1
Running from C:\Users\bobek\Desktop
Loaded Profiles: bobek (Available Profiles: bobek)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Public\AlexaNSISPlugin.956.dll
File: C:\Users\bobek\AppData\Roaming\steam_md5.dat
File: C:\ProgramData\adobe\color.vbs
C:\ProgramData\adobe\color.vbs
File: C:\Users\Public\Windows\game.vbs
C:\Users\Public\Windows\game.vbs
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\adobe\color.vbs [105 2014-07-01] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Windows] => C:\Users\Public\Windows\game.vbs [77 2014-06-30] ()
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\RunOnce: [SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7] => C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-10-18] () <===== ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {1d619f46-3520-11e5-bf4c-d43d7e49e392} - "F:\iLinker.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {b1a72d31-c31e-11e4-bf29-d43d7e49e392} - "H:\Startme.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {ff866d54-e0c0-11e2-becc-64700200442e} - "F:\Startme.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
FF SelectedSearchEngine: Amazon
CHR HomePage: Profile 1 -> hxxp://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
2015-10-18 12:49 - 2015-10-18 12:49 - 00027952 _____ C:\Users\bobek\Desktop\FRST.txt
2015-10-17 18:00 - 2015-10-17 18:01 - 00049881 _____ C:\Users\bobek\Desktop\RSIT info1.txt
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\rsit
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-10-17 16:11 - 2015-10-17 16:11 - 01222144 _____ C:\Users\bobek\Desktop\RSITx64.exe
2015-10-17 15:14 - 2015-10-17 16:16 - 00023754 _____ C:\Users\bobek\Desktop\adwcleaner 1x.txt
2015-10-17 14:54 - 2015-10-17 14:56 - 00000000 ____D C:\AdwCleaner
2015-10-17 14:52 - 2015-10-17 14:52 - 01682432 _____ C:\Users\bobek\Desktop\adwcleaner_5.013.exe
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Seznam.cz
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
Task: {08F18F84-D3EF-4269-9D44-431AC0D4D269} - \RegClean Pro_DEFAULT -> No File <==== ATTENTION
Task: {64042889-7F6A-4C93-9DB7-A45B4C5DD950} - System32\Tasks\{F81E82EF-80C0-4329-8E81-80108E58FBFA} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A6CF7880-B06E-43BC-9B94-EE5D89EB01E8} - System32\Tasks\AVG_SYS_TASK_0415tb_DELETE => C:\ProgramData\Avg_Update_0415tb\AVG-Secure-Search-Update_0415tb.exe
Task: {DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF} - System32\Tasks\0414cUpdateInfo => C:\ProgramData\Avg_Update_0414c\0414c_{06E50644-99D2-4ADB-95A6-AA3F66D871C6}.exe [2014-05-31] ()
Task: {FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2} - System32\Tasks\{DA27F5DF-AD61-47C4-9860-860CE37ED381} => pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" -c uninstall_game -autologging
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RegCure Program Check.job
Task: C:\WINDOWS\Tasks\RegCure.job
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\Users\Public\AlexaNSISPlugin.956.dll ========================
File not signed
MD5: 7E9181251A33F1CF894B35B1D9B12F39
Creation and modification date: 2013-05-09 22:29 - 2013-05-09 22:29
Size: 0129536
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\bobek\AppData\Roaming\steam_md5.dat ========================
File not signed
MD5: 23098189FB1F0240CD11F0A66C525357
Creation and modification date: 2013-05-15 13:07 - 2013-05-15 13:07
Size: 0000004
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\ProgramData\adobe\color.vbs ========================
File not signed
MD5: B1AB708FD7EBE85D13DDEB78F5F1B4A3
Creation and modification date: 2013-12-11 19:06 - 2014-07-01 12:02
Size: 0000105
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
C:\ProgramData\adobe\color.vbs => moved successfully
========================= File: C:\Users\Public\Windows\game.vbs ========================
File not signed
MD5: 5803EA8AE02723622968E66ECC0D45C0
Creation and modification date: 2014-06-30 18:50 - 2014-06-30 11:54
Size: 0000077
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
C:\Users\Public\Windows\game.vbs => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Updater => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCEPServiceManager => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Windows => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7 => value not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d619f46-3520-11e5-bf4c-d43d7e49e392}" => key removed successfully
HKCR\CLSID\{1d619f46-3520-11e5-bf4c-d43d7e49e392} => key not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a72d31-c31e-11e4-bf29-d43d7e49e392}" => key removed successfully
HKCR\CLSID\{b1a72d31-c31e-11e4-bf29-d43d7e49e392} => key not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff866d54-e0c0-11e2-becc-64700200442e}" => key removed successfully
HKCR\CLSID\{ff866d54-e0c0-11e2-becc-64700200442e} => key not found.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Value data removed successfully.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" => Value data removed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Firefox SelectedSearchEngine removed successfully
Chrome HomePage => removed successfully
NTIOLib_1_0_C => service removed successfully
MSICDSetup => service removed successfully
C:\Users\bobek\Desktop\FRST.txt => moved successfully
C:\Users\bobek\Desktop\RSIT info1.txt => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\bobek\Desktop\RSITx64.exe => moved successfully
C:\Users\bobek\Desktop\adwcleaner 1x.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\bobek\Desktop\adwcleaner_5.013.exe => moved successfully
C:\Users\bobek\AppData\Roaming\Seznam.cz => moved successfully
C:\Program Files (x86)\Seznam.cz => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08F18F84-D3EF-4269-9D44-431AC0D4D269}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08F18F84-D3EF-4269-9D44-431AC0D4D269}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64042889-7F6A-4C93-9DB7-A45B4C5DD950}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64042889-7F6A-4C93-9DB7-A45B4C5DD950}" => key removed successfully
C:\WINDOWS\System32\Tasks\{F81E82EF-80C0-4329-8E81-80108E58FBFA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F81E82EF-80C0-4329-8E81-80108E58FBFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6CF7880-B06E-43BC-9B94-EE5D89EB01E8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6CF7880-B06E-43BC-9B94-EE5D89EB01E8}" => key removed successfully
C:\WINDOWS\System32\Tasks\AVG_SYS_TASK_0415tb_DELETE => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0415tb_DELETE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF}" => key removed successfully
C:\WINDOWS\System32\Tasks\0414cUpdateInfo => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0414cUpdateInfo" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2}" => key removed successfully
C:\WINDOWS\System32\Tasks\{DA27F5DF-AD61-47C4-9860-860CE37ED381} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA27F5DF-AD61-47C4-9860-860CE37ED381}" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job => moved successfully
Task: C:\WINDOWS\Tasks\RegCure Program Check.job => not found.
Task: C:\WINDOWS\Tasks\RegCure.job => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 816 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 23:57:17 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:17-10-2015
Ran by bobek (2015-10-18 23:56:22) Run:1
Running from C:\Users\bobek\Desktop
Loaded Profiles: bobek (Available Profiles: bobek)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Public\AlexaNSISPlugin.956.dll
File: C:\Users\bobek\AppData\Roaming\steam_md5.dat
File: C:\ProgramData\adobe\color.vbs
C:\ProgramData\adobe\color.vbs
File: C:\Users\Public\Windows\game.vbs
C:\Users\Public\Windows\game.vbs
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Updater] => C:\ProgramData\adobe\color.vbs [105 2014-07-01] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\Run: [Windows] => C:\Users\Public\Windows\game.vbs [77 2014-06-30] ()
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\RunOnce: [SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7] => C:\Users\bobek\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-10-18] () <===== ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {1d619f46-3520-11e5-bf4c-d43d7e49e392} - "F:\iLinker.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {b1a72d31-c31e-11e4-bf29-d43d7e49e392} - "H:\Startme.exe"
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\...\MountPoints2: {ff866d54-e0c0-11e2-becc-64700200442e} - "F:\Startme.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=18.7.0.147&pid=safeguard&sg=0&sap=hp
FF SelectedSearchEngine: Amazon
CHR HomePage: Profile 1 -> hxxp://mysearch.avg.com?cid={5D9AABD0-0A44-49DB-97A2-574076C90931}&mid=8ccf6f33aa7847d39dc8057438ad0a61-3357036405b722ced3d2384417526b7da54f0664&lang=en&ds=co011&coid=avgtbdisco&cmpid=&pr=sa&d=2014-02-05 12:30:41&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
2015-10-18 12:49 - 2015-10-18 12:49 - 00027952 _____ C:\Users\bobek\Desktop\FRST.txt
2015-10-17 18:00 - 2015-10-17 18:01 - 00049881 _____ C:\Users\bobek\Desktop\RSIT info1.txt
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\rsit
2015-10-17 16:17 - 2015-10-17 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-10-17 16:11 - 2015-10-17 16:11 - 01222144 _____ C:\Users\bobek\Desktop\RSITx64.exe
2015-10-17 15:14 - 2015-10-17 16:16 - 00023754 _____ C:\Users\bobek\Desktop\adwcleaner 1x.txt
2015-10-17 14:54 - 2015-10-17 14:56 - 00000000 ____D C:\AdwCleaner
2015-10-17 14:52 - 2015-10-17 14:52 - 01682432 _____ C:\Users\bobek\Desktop\adwcleaner_5.013.exe
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Users\bobek\AppData\Roaming\Seznam.cz
2015-10-18 12:22 - 2013-10-04 19:37 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
Task: {08F18F84-D3EF-4269-9D44-431AC0D4D269} - \RegClean Pro_DEFAULT -> No File <==== ATTENTION
Task: {64042889-7F6A-4C93-9DB7-A45B4C5DD950} - System32\Tasks\{F81E82EF-80C0-4329-8E81-80108E58FBFA} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A6CF7880-B06E-43BC-9B94-EE5D89EB01E8} - System32\Tasks\AVG_SYS_TASK_0415tb_DELETE => C:\ProgramData\Avg_Update_0415tb\AVG-Secure-Search-Update_0415tb.exe
Task: {DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF} - System32\Tasks\0414cUpdateInfo => C:\ProgramData\Avg_Update_0414c\0414c_{06E50644-99D2-4ADB-95A6-AA3F66D871C6}.exe [2014-05-31] ()
Task: {FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2} - System32\Tasks\{DA27F5DF-AD61-47C4-9860-860CE37ED381} => pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" -c uninstall_game -autologging
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RegCure Program Check.job
Task: C:\WINDOWS\Tasks\RegCure.job
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\Users\Public\AlexaNSISPlugin.956.dll ========================
File not signed
MD5: 7E9181251A33F1CF894B35B1D9B12F39
Creation and modification date: 2013-05-09 22:29 - 2013-05-09 22:29
Size: 0129536
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\bobek\AppData\Roaming\steam_md5.dat ========================
File not signed
MD5: 23098189FB1F0240CD11F0A66C525357
Creation and modification date: 2013-05-15 13:07 - 2013-05-15 13:07
Size: 0000004
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\ProgramData\adobe\color.vbs ========================
File not signed
MD5: B1AB708FD7EBE85D13DDEB78F5F1B4A3
Creation and modification date: 2013-12-11 19:06 - 2014-07-01 12:02
Size: 0000105
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
C:\ProgramData\adobe\color.vbs => moved successfully
========================= File: C:\Users\Public\Windows\game.vbs ========================
File not signed
MD5: 5803EA8AE02723622968E66ECC0D45C0
Creation and modification date: 2014-06-30 18:50 - 2014-06-30 11:54
Size: 0000077
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
C:\Users\Public\Windows\game.vbs => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Updater => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCEPServiceManager => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Windows => value removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:a4b4b611b8852b04821f5278a4d460d7 => value not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d619f46-3520-11e5-bf4c-d43d7e49e392}" => key removed successfully
HKCR\CLSID\{1d619f46-3520-11e5-bf4c-d43d7e49e392} => key not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1a72d31-c31e-11e4-bf29-d43d7e49e392}" => key removed successfully
HKCR\CLSID\{b1a72d31-c31e-11e4-bf29-d43d7e49e392} => key not found.
"HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff866d54-e0c0-11e2-becc-64700200442e}" => key removed successfully
HKCR\CLSID\{ff866d54-e0c0-11e2-becc-64700200442e} => key not found.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Value data removed successfully.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" => Value data removed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2372322122-2752287089-2457871307-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Firefox SelectedSearchEngine removed successfully
Chrome HomePage => removed successfully
NTIOLib_1_0_C => service removed successfully
MSICDSetup => service removed successfully
C:\Users\bobek\Desktop\FRST.txt => moved successfully
C:\Users\bobek\Desktop\RSIT info1.txt => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\bobek\Desktop\RSITx64.exe => moved successfully
C:\Users\bobek\Desktop\adwcleaner 1x.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\bobek\Desktop\adwcleaner_5.013.exe => moved successfully
C:\Users\bobek\AppData\Roaming\Seznam.cz => moved successfully
C:\Program Files (x86)\Seznam.cz => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08F18F84-D3EF-4269-9D44-431AC0D4D269}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08F18F84-D3EF-4269-9D44-431AC0D4D269}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64042889-7F6A-4C93-9DB7-A45B4C5DD950}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64042889-7F6A-4C93-9DB7-A45B4C5DD950}" => key removed successfully
C:\WINDOWS\System32\Tasks\{F81E82EF-80C0-4329-8E81-80108E58FBFA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F81E82EF-80C0-4329-8E81-80108E58FBFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6CF7880-B06E-43BC-9B94-EE5D89EB01E8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6CF7880-B06E-43BC-9B94-EE5D89EB01E8}" => key removed successfully
C:\WINDOWS\System32\Tasks\AVG_SYS_TASK_0415tb_DELETE => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0415tb_DELETE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA5F6EA1-1D29-4AE7-B2F0-93877E35E4AF}" => key removed successfully
C:\WINDOWS\System32\Tasks\0414cUpdateInfo => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0414cUpdateInfo" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF5E52C7-18A2-46C2-9E56-5CCCCA9797A2}" => key removed successfully
C:\WINDOWS\System32\Tasks\{DA27F5DF-AD61-47C4-9860-860CE37ED381} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA27F5DF-AD61-47C4-9860-860CE37ED381}" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce05edef4190c9.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08ff86462eee6.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce818c2c3e927f.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cffeb1ee423f84.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04174a0a7efdb.job => moved successfully
Task: C:\WINDOWS\Tasks\RegCure Program Check.job => not found.
Task: C:\WINDOWS\Tasks\RegCure.job => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 816 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 23:57:17 ====
Re: Prosím také o kontrolu
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?