HiJackThis

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Odpovědět
mople71
Level 3.5
Level 3.5
Příspěvky: 662
Registrován: listopad 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod mople71 » 21 dub 2015 19:34

Stáhni si prosím FRST: http://www.bleepingcomputer.com/downloa ... ool/dl/81/

Ulož na Plochu, spusť jako Správce, potvrď licenci a klikni na tlačítko Scan. Vše ponech v základním nastavení, nic nezatrhávej.

Po dokončení skenu na tebe vyjedou dva logy, oba sem prosím zkopíruj.
Nahoru
Reklama
Top
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 22 dub 2015 19:10

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015
Ran by Nový Účet (administrator) on FANDA-PC on 22-04-2015 19:04:10
Running from C:\Users\Nový Účet\Downloads
Loaded Profiles: Nový Účet (Available profiles: Fanda & sdileni & Nový Účet & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Creative Technology Ltd.) C:\Windows\V0470Mon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\OSCAR Editor X7\OscarEditor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-1.exe
() C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-2.exe
() C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-3.exe
() C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-4.exe
() C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-5.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [V0470Mon.exe] => C:\Windows\V0470Mon.exe [32768 2007-06-04] (Creative Technology Ltd.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\Run: [JPG Files To Animated GIF Converter Software.exe] => [X]
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-726744192-981729432-2719584852-1005\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-06-01] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-726744192-981729432-2719584852-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-29] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-29] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 07 C:\Windows\system32\PrxerNsp.dll [56424] ()

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (YouTube) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (Bookmark Manager) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Google Wallet) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-04-09] (Apple Inc.) [File not signed]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MySQL56; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [11035136 2015-01-19] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-08-07] (The OpenVPN Project)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-10-14] (Sandboxie Holdings, LLC)
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [833728 2014-09-23] (Valve Corporation) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 Tuio-To-vmulti-Device1; C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-1.exe [97016 2013-01-10] ()
R2 Tuio-To-vmulti-Device2; C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-2.exe [97016 2013-01-10] ()
R2 Tuio-To-vmulti-Device3; C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-3.exe [97016 2013-01-10] ()
R2 Tuio-To-vmulti-Device4; C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-4.exe [97016 2013-01-10] ()
R2 Tuio-To-vmulti-Device5; C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-5.exe [97016 2013-01-10] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [226784 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [166880 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [269792 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [110048 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-22] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161288 2014-10-14] (Sandboxie Holdings, LLC)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 VF0470Vid; C:\Windows\System32\DRIVERS\V0470Vid.sys [146720 2007-05-09] (Creative Technology Ltd.)
R3 vmultia; C:\Windows\System32\DRIVERS\vmultia.sys [17648 2013-01-09] (Windows (R) Win 7 DDK provider)
R3 vmultib; C:\Windows\System32\DRIVERS\vmultib.sys [17648 2013-01-09] (Windows (R) Win 7 DDK provider)
R3 vmultic; C:\Windows\System32\DRIVERS\vmultic.sys [17648 2013-01-09] (Windows (R) Win 7 DDK provider)
R3 vmultid; C:\Windows\System32\DRIVERS\vmultid.sys [17648 2013-01-09] (Windows (R) Win 7 DDK provider)
R3 vmultie; C:\Windows\System32\DRIVERS\vmultie.sys [17648 2013-01-09] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\Users\Fanda\AppData\Local\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
U4 srservice; No ImagePath
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 19:04 - 2015-04-22 19:05 - 00014429 _____ () C:\Users\Nový Účet\Downloads\FRST.txt
2015-04-22 19:04 - 2015-04-22 19:04 - 00000000 ____D () C:\FRST
2015-04-22 19:03 - 2015-04-22 19:03 - 01139200 _____ (Farbar) C:\Users\Nový Účet\Downloads\FRST.exe
2015-04-22 16:43 - 2015-04-22 16:43 - 00000000 ____D () C:\Program Files\Microsoft ASP.NET
2015-04-21 19:04 - 2015-04-21 19:04 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\AVG2015
2015-04-21 19:03 - 2015-04-21 19:03 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-21 19:03 - 2015-04-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-21 19:02 - 2015-04-21 19:04 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-21 19:02 - 2015-04-21 19:02 - 00000000 ___HD () C:\$AVG
2015-04-21 19:00 - 2015-04-21 19:00 - 00000000 ____D () C:\Program Files\AVG
2015-04-21 18:55 - 2015-04-21 18:55 - 04578040 _____ (AVG Technologies) C:\Users\Nový Účet\Downloads\avg_free_stb_all_2015_5315_ppc1.exe
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 __SHD () C:\Users\Nový Účet\AppData\Local\EmieUserList
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 __SHD () C:\Users\Nový Účet\AppData\Local\EmieSiteList
2015-04-21 18:52 - 2015-04-21 18:52 - 00000000 __SHD () C:\Users\Nový Účet\AppData\Local\EmieBrowserModeList
2015-04-21 18:47 - 2015-04-22 16:43 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-21 18:47 - 2015-04-21 19:04 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Avg2015
2015-04-21 18:47 - 2015-04-21 18:47 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\MFAData
2015-04-21 17:40 - 2015-04-21 19:16 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-04-21 17:39 - 2015-04-21 17:46 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-04-20 20:12 - 2015-04-20 21:17 - 00000000 ____D () C:\Users\Nový Účet\Desktop\uTorrent
2015-04-20 20:04 - 2015-04-20 20:04 - 00000000 ____D () C:\Users\Nový%20Účet\.android
2015-04-20 20:04 - 2015-04-20 20:04 - 00000000 ____D () C:\Users\Nový%20Účet
2015-04-20 19:59 - 2015-04-20 19:59 - 00002951 _____ () C:\Users\Nový Účet\Desktop\Xamarin Studio.lnk
2015-04-20 19:59 - 2015-04-20 19:59 - 00000000 ____D () C:\Program Files\MonoDevelop
2015-04-20 19:53 - 2015-04-20 19:53 - 00000000 ____D () C:\Program Files\Xamarin
2015-04-20 19:48 - 2015-04-20 19:54 - 00000000 ____D () C:\ProgramData\Monodoc
2015-04-20 19:19 - 2015-04-20 19:19 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\stetic
2015-04-20 19:18 - 2015-04-20 19:18 - 00000000 ____D () C:\ProgramData\Mono for Android
2015-04-20 19:17 - 2015-04-20 19:17 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\XamarinStudio-5.0
2015-04-20 19:16 - 2015-04-20 19:18 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\XamarinStudio-5.0
2015-04-20 18:25 - 2015-04-20 19:59 - 00000000 ____D () C:\Program Files\Xamarin Studio
2015-04-20 18:22 - 2015-04-20 19:39 - 00000000 ____D () C:\Program Files\GtkSharp
2015-04-20 18:20 - 2015-04-20 20:06 - 00000000 ____D () C:\Users\Nový Účet\.android
2015-04-20 18:20 - 2015-04-20 18:20 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xamarin
2015-04-20 18:12 - 2015-04-20 18:12 - 00000000 ____D () C:\Users\Nový Účet\Documents\Android
2015-04-20 17:33 - 2015-04-20 17:33 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-04-20 17:32 - 2015-04-20 17:32 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Android
2015-04-20 17:14 - 2015-04-20 19:24 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-20 17:14 - 2015-04-20 17:14 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Xamarin
2015-04-20 15:44 - 2015-04-21 16:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 15:43 - 2015-04-20 15:43 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 15:43 - 2015-04-20 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 15:43 - 2015-04-20 15:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 15:43 - 2015-04-20 15:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-20 15:43 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-20 15:43 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-20 15:43 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-20 15:25 - 2015-04-20 15:25 - 16884312 _____ () C:\Users\Nový Účet\Downloads\RogueKiller.exe
2015-04-19 22:18 - 2015-04-19 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-04-19 22:18 - 2015-04-19 22:18 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2015-04-19 22:14 - 2015-04-19 21:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-19 21:36 - 2015-04-19 22:19 - 00007971 _____ () C:\zoek-results.log
2015-04-19 21:32 - 2015-04-19 22:09 - 00000000 ____D () C:\zoek_backup
2015-04-19 21:12 - 2015-04-19 21:27 - 00000000 ____D () C:\AdwCleaner
2015-04-19 17:02 - 2015-04-19 17:02 - 00000000 ____D () C:\Users\Fanda\Desktop\RPG server
2015-04-19 16:12 - 2015-04-19 16:30 - 00000000 ____D () C:\Users\Nový Účet\Desktop\RPG server
2015-04-19 12:45 - 2015-04-19 12:46 - 00000600 _____ () C:\Users\Nový Účet\AppData\Local\PUTTY.RND
2015-04-19 12:44 - 2015-04-19 12:44 - 00524288 _____ (Simon Tatham) C:\Users\Nový Účet\Downloads\putty.exe
2015-04-19 11:12 - 2015-04-19 11:12 - 00001061 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-04-19 11:09 - 2015-04-19 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-04-19 11:09 - 2015-04-19 11:12 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-04-19 11:09 - 2015-04-19 11:12 - 00000000 ____D () C:\Program Files\OpenVPN
2015-04-19 11:09 - 2015-04-19 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-04-19 11:07 - 2015-04-19 11:57 - 00000000 ____D () C:\Users\Nový Účet\Desktop\certs
2015-04-19 10:51 - 2015-04-19 12:36 - 00001345 _____ () C:\Users\Fanda\Desktop\openvpn.bscp
2015-04-18 21:19 - 2015-04-18 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-04-18 21:17 - 2015-04-18 21:18 - 00000000 ____D () C:\Python27
2015-04-18 21:11 - 2015-04-18 21:21 - 00000000 ____D () C:\Users\Nový Účet\Desktop\New folder
2015-04-18 16:42 - 2015-04-19 10:19 - 00018436 _____ () C:\Users\Nový Účet\Desktop\IPManager.jar
2015-04-18 16:28 - 2015-04-18 16:28 - 00154588 ____H () C:\Windows\system32\mlfcache.dat
2015-04-18 15:56 - 2015-04-08 01:49 - 00775648 _____ () C:\Users\Nový Účet\Desktop\GeoIP.dat
2015-04-18 15:54 - 2015-04-18 15:54 - 00036241 _____ () C:\Users\Nový Účet\Desktop\geoip2-2.1.0.jar
2015-04-18 15:19 - 2015-04-18 15:28 - 00000000 ____D () C:\Users\Nový Účet\Desktop\MCServer17-18-1718
2015-04-18 12:47 - 2015-04-18 13:22 - 00000000 ____D () C:\Users\Nový Účet\Desktop\Packet Logger Tuttogameita Nostale
2015-04-18 12:44 - 2015-04-18 12:45 - 00000000 ____D () C:\Users\Nov� ��et\Downloads\Gameforge Live
2015-04-18 12:44 - 2015-04-18 12:44 - 00000000 ____D () C:\Users\Nov� ��et
2015-04-18 12:43 - 2015-04-18 12:43 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Gameforge4d
2015-04-15 20:24 - 2015-04-15 20:24 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\CustomConsole
2015-04-15 16:21 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 16:21 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 16:21 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 16:21 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 16:21 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 16:21 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 16:21 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 16:21 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 16:21 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 16:21 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 16:21 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 16:21 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 16:21 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 16:21 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 16:21 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 16:21 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 16:21 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 16:21 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 16:21 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 16:21 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 16:21 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 16:20 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 16:20 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 16:20 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 16:20 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 16:20 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 16:20 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 16:20 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 16:20 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 16:20 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 16:20 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 16:20 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 16:20 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 16:20 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 16:20 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 16:20 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 16:20 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 16:20 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 16:20 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 16:20 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 16:20 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 16:20 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 16:20 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 16:20 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 16:20 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 16:20 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 16:20 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 16:20 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 16:20 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 16:20 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 16:20 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 16:20 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 16:20 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 16:20 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 16:20 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 16:20 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 16:20 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 16:20 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 16:20 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 13:05 - 2015-04-15 13:05 - 00206816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2015-04-14 20:04 - 2015-04-14 20:05 - 00000000 ____D () C:\Users\Nový Účet\Desktop\C# stažená díla na učení
2015-04-13 17:11 - 2015-04-13 17:11 - 00000000 ____D () C:\Users\Nový Účet\Desktop\restoration
2015-04-12 11:15 - 2015-04-12 17:45 - 01737507 _____ () C:\Users\Nový Účet\Desktop\GNU.pptx
2015-04-12 08:43 - 2015-04-12 08:43 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\SkypeApp
2015-04-11 15:10 - 2015-04-12 22:12 - 00068096 ___SH () C:\Users\Nový Účet\Desktop\Thumbs.db
2015-04-11 14:37 - 2015-04-11 14:38 - 00000000 ____D () C:\Users\Nový Účet\Documents\Visual Studio 2005
2015-04-11 14:36 - 2006-02-15 23:02 - 00000000 ____D () C:\Users\Nový Účet\Desktop\Skype
2015-04-10 19:53 - 2015-04-11 14:11 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\SkypeKit
2015-04-10 19:52 - 2015-04-10 22:29 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\ISIM messenger
2015-04-10 19:52 - 2015-04-10 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISIM messenger
2015-04-10 19:52 - 2015-04-10 19:52 - 00000000 ____D () C:\Program Files\ISIM messenger
2015-04-09 14:12 - 2015-04-09 14:12 - 00226784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-04-08 21:39 - 2015-04-09 20:08 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\JakDlouhoJsemNaPc
2015-04-08 21:34 - 2015-04-08 21:34 - 00000000 ____D () C:\%appdata%
2015-04-07 12:45 - 2015-04-07 12:45 - 00213984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2015-04-06 10:10 - 2015-04-06 10:10 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Microsoft_Corporation
2015-04-06 10:05 - 2015-04-06 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2015-04-05 11:15 - 2015-04-05 11:15 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Microsoft FxCop
2015-04-05 09:17 - 2015-04-05 09:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 15:21 - 2015-04-04 15:21 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\NuGet
2015-04-04 09:28 - 2015-04-04 09:28 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Hra
2015-04-04 08:39 - 2015-04-04 08:39 - 00001397 _____ () C:\Users\Public\Desktop\JPG Files To Animated GIF Converter Software.lnk
2015-04-04 08:39 - 2015-04-04 08:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JPG Files To Animated GIF Converter Software
2015-04-04 08:39 - 2015-04-04 08:39 - 00000000 ____D () C:\Program Files\JPG Files To Animated GIF Converter Software
2015-04-04 08:39 - 2010-03-19 16:03 - 01347344 _____ (Microsoft Corporation) C:\Windows\system32\Msvbvm50.dll
2015-04-04 08:39 - 2005-06-15 03:00 - 00102400 _____ (TechSmith Corporation) C:\Windows\system32\tsccvid.dll
2015-04-03 19:59 - 2015-04-03 19:59 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\paint.net
2015-04-03 19:26 - 2015-04-03 19:53 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\TS3Client
2015-04-03 16:56 - 2015-04-03 17:08 - 1051721728 _____ () C:\Users\Nový Účet\Downloads\ubuntu-14.04.2-desktop-i386.iso
2015-04-03 15:55 - 2015-04-03 16:01 - 00000581 _____ () C:\Users\Nový Účet\Desktop\reg_on_pipni.html
2015-04-03 09:57 - 2015-04-03 09:57 - 00000000 ____D () C:\Users\Nový Účet\Desktop\Publish - opensource
2015-04-03 09:57 - 2015-04-03 09:57 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\WinRAR
2015-04-03 09:56 - 2015-04-19 12:44 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\FileZilla
2015-04-03 09:56 - 2015-04-03 09:56 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\WinZip
2015-04-03 09:37 - 2015-04-03 09:37 - 00110048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2015-04-02 18:54 - 2015-04-02 18:54 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Proxifier
2015-04-02 18:37 - 2015-04-02 18:42 - 00017293 _____ () C:\Users\Nový Účet\Desktop\IPs.jar
2015-04-02 18:14 - 2015-04-02 18:14 - 00000000 ____D () C:\Users\Nový Účet\Desktop\bungee servers
2015-04-02 16:33 - 2015-04-02 16:33 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\java
2015-04-02 16:32 - 2015-04-19 17:18 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\.minecraft
2015-04-02 12:58 - 2015-04-02 12:58 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-02 11:48 - 2015-04-02 11:48 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\TeamViewer
2015-04-02 11:06 - 2015-04-02 11:06 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\NVIDIA
2015-04-02 11:05 - 2015-04-20 20:09 - 00000000 ____D () C:\Users\Nový Účet\VirtualBox VMs
2015-04-02 11:04 - 2015-04-20 21:12 - 00000000 ____D () C:\Users\Nový Účet\.VirtualBox
2015-04-01 21:22 - 2015-04-01 21:22 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Macromedia
2015-04-01 21:14 - 2015-04-18 11:59 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Skype
2015-04-01 21:14 - 2015-04-01 21:14 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Skype
2015-04-01 16:01 - 2015-04-01 16:02 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Notepad++
2015-03-31 21:06 - 2015-04-16 16:41 - 00000000 ____D () C:\Users\Nový Účet\Documents\Visual Studio 2012
2015-03-31 21:06 - 2015-04-01 21:24 - 00010752 _____ () C:\Users\Nový Účet\Desktop\Server.exe
2015-03-31 21:06 - 2015-04-01 21:18 - 00014848 _____ () C:\Users\Nový Účet\Desktop\Client.exe
2015-03-31 21:05 - 2015-03-31 21:05 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\NuGet
2015-03-31 21:01 - 2015-03-31 21:01 - 00001156 _____ () C:\Users\Nový Účet\Desktop\UnOfficial Minecraft Client.lnk
2015-03-31 21:01 - 2015-03-31 21:01 - 00000581 _____ () C:\Users\Nový Účet\Desktop\Minecraft.lnk
2015-03-31 21:01 - 2015-03-31 21:01 - 00000000 ____D () C:\Users\Nový Účet\Desktop\Hry
2015-03-31 20:57 - 2015-03-31 20:57 - 00002404 _____ () C:\Users\Nový Účet\Desktop\Bitvise SSH Client.lnk
2015-03-31 20:39 - 2015-03-31 20:50 - 00002201 _____ () C:\Users\Nový Účet\Desktop\Google Chrome.lnk
2015-03-31 20:39 - 2015-03-31 20:39 - 00116872 _____ () C:\Users\Nový Účet\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-31 20:39 - 2015-03-31 20:39 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Google
2015-03-31 20:37 - 2015-04-22 16:38 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\LogMeIn Hamachi
2015-03-31 20:37 - 2015-03-31 20:37 - 00001393 _____ () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-31 20:37 - 2015-03-31 20:37 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\Adobe
2015-03-31 20:37 - 2015-03-31 20:37 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\LogMeIn
2015-03-31 20:36 - 2015-04-20 18:20 - 00000000 ____D () C:\Users\Nový Účet
2015-03-31 20:36 - 2015-03-31 20:36 - 00000020 ___SH () C:\Users\Nový Účet\ntuser.ini
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Šablony
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Soubory cookie
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Poslední
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Okolní tiskárny
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Okolní síť
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Nabídka Start
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Dokumenty
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Documents\Obrázky
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Documents\Hudba
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Documents\Filmy
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\Data aplikací
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-03-31 20:36 - 2015-03-31 20:36 - 00000000 _SHDL () C:\Users\Nový Účet\AppData\Local\Data aplikací
2015-03-31 20:36 - 2014-07-04 08:59 - 00000000 ____D () C:\Users\Nový Účet\AppData\Roaming\TuneUp Software
2015-03-31 20:36 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Nový Účet\AppData\Local\Microsoft Help
2015-03-31 20:36 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-31 20:36 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-31 19:58 - 2015-03-31 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft XNA Game Studio 4.0 Refresh
2015-03-31 19:36 - 2015-03-31 19:36 - 00000000 ____D () C:\Program Files\Microsoft XNA
2015-03-31 19:34 - 2015-03-31 19:34 - 00000000 ____D () C:\Users\Fanda\Desktop\SF
2015-03-31 19:33 - 2015-03-31 19:34 - 24535109 _____ () C:\Users\Fanda\Downloads\XNA Game Studio 4.0.4 (2012).zip
2015-03-31 19:26 - 2015-03-31 19:26 - 51182360 _____ (Microsoft Corporation) C:\Users\Fanda\Downloads\XNAGS40_setup.exe
2015-03-31 17:40 - 2015-04-11 11:02 - 00000000 ____D () C:\Users\Nový Účet\Desktop\afg
2015-03-31 17:39 - 2015-03-31 17:39 - 07571453 _____ () C:\Users\Fanda\Downloads\mcp910-pre1.zip
2015-03-30 16:54 - 2015-03-30 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2015-03-30 16:54 - 2015-03-30 16:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeIn
2015-03-30 16:53 - 2015-04-19 22:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-03-30 16:53 - 2015-03-30 16:53 - 00002197 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2015-03-30 16:53 - 2015-03-30 16:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2015-03-30 16:30 - 2015-03-30 16:27 - 00001046 _____ () C:\Users\Fanda\Desktop\cacert.pem
2015-03-30 15:03 - 2015-03-30 15:15 - 00001337 _____ () C:\Users\Fanda\Desktop\pptpd.bscp
2015-03-29 22:21 - 2015-04-22 16:37 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-29 17:43 - 2015-03-29 17:44 - 00337928 _____ () C:\Windows\Minidump\032915-36203-01.dmp
2015-03-29 17:32 - 2015-03-29 17:33 - 00352952 _____ () C:\Windows\Minidump\032915-34890-01.dmp
2015-03-29 16:52 - 2015-03-29 18:02 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\UnOfficial
2015-03-29 16:47 - 2015-03-29 16:47 - 08283989 _____ () C:\Users\Fanda\Downloads\wolfram-2.2.2.zip
2015-03-29 16:46 - 2015-03-29 16:46 - 12738732 _____ () C:\Users\Fanda\Downloads\wolfram-1.0_beta.zip
2015-03-29 16:12 - 2015-03-29 16:12 - 02012550 _____ () C:\Users\Fanda\Downloads\ShiginimaSE_v1602.zip
2015-03-29 16:08 - 2015-03-29 16:08 - 01932162 _____ () C:\Users\Fanda\Downloads\ShiginimaSE_v1406.zip
2015-03-29 15:48 - 2015-03-29 15:38 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-29 15:47 - 2015-03-29 15:38 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-29 15:47 - 2015-03-29 15:38 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-29 15:39 - 2015-03-29 15:39 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-29 15:39 - 2015-03-29 15:38 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-03-29 15:38 - 2015-03-29 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-29 15:30 - 2015-03-29 15:31 - 184241056 _____ (Oracle Corporation) C:\Users\Fanda\Downloads\jdk-8u40-windows-i586.exe
2015-03-29 15:26 - 2015-03-29 15:27 - 00937896 _____ (Oracle Corporation) C:\Users\Fanda\Downloads\jre-7u75-windows-i586-iftw.exe
2015-03-29 14:55 - 2015-03-29 14:55 - 00010868 _____ () C:\Users\Fanda\Desktop\MinecraftClient.lnk
2015-03-29 12:58 - 2015-03-29 12:58 - 00000977 _____ () C:\Users\Fanda\Desktop\Proxifier.lnk
2015-03-29 12:58 - 2015-03-29 12:58 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\Proxifier
2015-03-29 12:58 - 2015-03-29 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
2015-03-29 12:58 - 2015-03-29 12:58 - 00000000 ____D () C:\Program Files\Proxifier
2015-03-29 12:58 - 2012-11-22 18:57 - 00091240 _____ (Initex) C:\Windows\system32\ProxifierShellExt.dll
2015-03-29 12:58 - 2012-11-22 18:57 - 00070248 _____ (Initex) C:\Windows\system32\PrxerDrv.dll
2015-03-29 12:58 - 2012-11-22 18:57 - 00056424 _____ () C:\Windows\system32\PrxerNsp.dll
2015-03-29 12:58 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\SPORDER.DLL
2015-03-29 12:57 - 2015-03-29 12:57 - 03830776 _____ (Initex ) C:\Users\Fanda\Downloads\ProxifierSetup.exe
2015-03-29 10:54 - 2015-03-29 21:24 - 00001338 _____ () C:\Users\Fanda\Desktop\proxy.bscp
2015-03-29 10:25 - 2015-03-29 10:21 - 00037376 _____ () C:\Users\Fanda\Desktop\Skype.exe
2015-03-29 09:22 - 2015-03-29 09:22 - 02407142 _____ () C:\Users\Fanda\Downloads\dovecot-1.1.20.tar.gz
2015-03-29 09:18 - 2015-03-29 09:18 - 04239248 _____ () C:\Users\Fanda\Downloads\postfix-3.0.0.tar.gz
2015-03-28 20:41 - 2015-03-28 20:41 - 00000022 _____ () C:\Users\Fanda\Downloads\reg.bat
2015-03-28 20:39 - 2015-03-28 20:39 - 01942824 _____ (Skype Technologies) C:\Users\Fanda\Downloads\Skype4COM.dll
2015-03-28 18:47 - 2015-03-28 18:47 - 00090286 _____ () C:\Users\Fanda\Downloads\C# Basic Chat Program.rar
2015-03-28 18:06 - 2015-03-28 18:05 - 00010752 _____ () C:\Users\Fanda\Desktop\Internet.exe
2015-03-28 12:43 - 2015-03-28 12:43 - 06208736 _____ (Tim Kosse) C:\Users\Fanda\Downloads\FileZilla_3.10.2_win32-setup.exe
2015-03-28 11:39 - 2015-03-28 11:39 - 00000000 ____D () C:\Users\Fanda\Downloads\Gameforge Live
2015-03-28 11:37 - 2015-03-28 11:37 - 00305402 _____ () C:\Users\Fanda\Downloads\Demo.zip
2015-03-28 11:37 - 2006-01-31 13:06 - 00000000 ____D () C:\Users\Fanda\Desktop\Demo
2015-03-28 11:04 - 2015-03-28 13:29 - 00010240 _____ () C:\Users\Fanda\Desktop\Server.exe
2015-03-28 11:04 - 2015-03-28 12:59 - 00014336 _____ () C:\Users\Fanda\Desktop\Client.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 18:59 - 2014-12-29 16:39 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 18:53 - 2014-06-15 09:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-22 18:02 - 2014-11-23 11:32 - 01869704 _____ () C:\Windows\WindowsUpdate.log
2015-04-22 16:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-22 16:46 - 2009-07-14 06:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 16:46 - 2009-07-14 06:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 16:38 - 2014-12-29 16:38 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 16:37 - 2014-11-23 11:05 - 00013722 _____ () C:\Windows\setupact.log
2015-04-22 16:37 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-22 16:36 - 2014-05-31 16:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-21 18:04 - 2014-11-23 11:29 - 00073936 _____ () C:\Windows\PFRO.log
2015-04-21 16:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2015-04-20 19:48 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-20 17:18 - 2014-06-01 08:46 - 00000000 ____D () C:\Program Files\Java
2015-04-19 19:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2015-04-19 14:53 - 2014-12-25 15:36 - 00000000 ____D () C:\Users\Fanda\eclipse_vetsi_projekty
2015-04-19 12:37 - 2015-03-02 14:18 - 00001347 _____ () C:\Users\Fanda\Desktop\mctest.bscp
2015-04-19 10:13 - 2014-06-08 17:27 - 00000000 ____D () C:\Users\Fanda\Desktop\stara plocha
2015-04-19 09:15 - 2014-07-29 21:40 - 00000000 ____D () C:\Users\Fanda\eclipse
2015-04-17 16:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 16:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-16 21:04 - 2014-12-12 16:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 21:04 - 2014-06-03 15:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 16:45 - 2014-05-31 15:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 16:20 - 2014-05-31 17:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 16:20 - 2014-05-31 15:28 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 16:16 - 2014-05-31 14:18 - 01569498 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:05 - 2014-06-04 16:07 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 16:04 - 2014-06-04 16:08 - 00000000 ___RD () C:\Program Files\Skype
2015-04-16 16:00 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2015-04-15 17:53 - 2014-06-15 09:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 17:53 - 2014-06-15 09:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-12 15:53 - 2014-06-01 09:37 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\.minecraft
2015-04-11 15:10 - 2014-10-26 14:26 - 00000000 ____D () C:\Users\Fanda\Documents\PSPad
2015-04-06 09:56 - 2014-06-01 12:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-02 12:58 - 2015-02-08 15:40 - 00000000 ____D () C:\Program Files\TeamViewer
2015-04-01 22:02 - 2014-10-09 17:25 - 00000000 ____D () C:\Users\Fanda\eclipseprojekty
2015-03-31 20:38 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-31 20:27 - 2014-08-04 11:18 - 00000000 ____D () C:\Users\Fanda\AppData\Local\LogMeIn Hamachi
2015-03-31 20:26 - 2009-07-14 06:33 - 00422056 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-31 19:58 - 2014-05-31 16:33 - 00116872 _____ () C:\Users\Fanda\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-31 19:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-30 20:20 - 2014-06-01 09:31 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\TS3Client
2015-03-30 17:27 - 2015-03-22 18:24 - 00152307 _____ () C:\Users\Fanda\Desktop\Moje oblíbená kniha - Hraničářův učeň.pptx
2015-03-30 16:54 - 2014-05-31 17:02 - 00109664 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-30 15:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-30 15:25 - 2014-08-04 11:20 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-29 17:43 - 2015-02-21 15:57 - 316286891 _____ () C:\Windows\MEMORY.DMP
2015-03-29 17:43 - 2014-08-13 17:16 - 00000000 ____D () C:\Windows\Minidump
2015-03-29 17:43 - 2009-07-14 06:53 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-29 15:48 - 2014-06-01 08:48 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-29 15:14 - 2014-12-17 21:12 - 00002090 _____ () C:\Windows\Sandboxie.ini
2015-03-29 12:56 - 2015-03-02 10:30 - 00000000 ____D () C:\Users\Fanda\.VirtualBox
2015-03-29 12:46 - 2014-06-04 16:08 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\Skype
2015-03-29 12:42 - 2015-03-02 10:58 - 00000000 ____D () C:\Program Files\Operační systémy
2015-03-28 13:51 - 2014-08-11 21:43 - 00000000 ____D () C:\Users\Fanda\AppData\Roaming\FileZilla
2015-03-28 10:08 - 2014-06-01 12:54 - 00000000 ____D () C:\Users\Fanda\Documents\Visual Studio 2012

==================== Files in the root of some directories =======

2014-10-10 15:31 - 2014-10-12 19:52 - 0000037 _____ () C:\Program Files\zkouska.db
2015-04-11 22:53 - 2015-04-11 22:53 - 0004661 _____ () C:\Users\Nový Účet\AppData\Roaming\avatar.png
2015-04-19 12:45 - 2015-04-19 12:46 - 0000600 _____ () C:\Users\Nový Účet\AppData\Local\PUTTY.RND

Some content of TEMP:
====================
C:\Users\Nový Účet\AppData\Local\Temp\avg-ddac8a6a-0c22-403f-9285-92421209bb51.exe
C:\Users\Nový Účet\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 17:21

==================== End Of Log ============================

Addition log dodám do dalšího příspěvku, zpráva nešla kvůli hodně znakům odeslat
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 22 dub 2015 19:11

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2015
Ran by Nový Účet at 2015-04-22 19:06:19
Running from C:\Users\Nový Účet\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story CZ 5.0.167 (HKLM\...\4Story_CZ_is1) (Version: 5.0.167 - Gameforge4D GmbH)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Age of Mythology - The Titans Expansion (HKLM\...\Age of Mythology Expansion Pack 1.0) (Version: - )
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4334 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies CZ, s.r.o.) Hidden
Bandicam (HKLM\...\Bandicam) (Version: 2.0.0.638 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Bitvise SSH Client 6.04 (remove only) (HKLM\...\BvSshClient) (Version: - )
Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Counter-Strike 1.6 (HKLM\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative Live! Cam Notebook (VF0470) Driver (1.03.01.00) (HKLM\...\Creative VF0470) (Version: - )
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
FileZilla Client 3.10.1.1 (HKLM\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Gameforge Live 2.0.6 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GhostMouse (HKLM\...\GhostMouse_is1) (Version: Free V3.2.2 - ghost-mouse.com)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
HeavyLoad V3.2 (HKLM\...\HeavyLoad_is1) (Version: 3.2 - JAM Software)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Cheat Engine 5.6.1 (HKLM\...\Cheat Engine 5.6.1_is1) (Version: - Dark Byte)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
ISIM messenger 1.28 (HKLM\...\{AE67302E-F4EC-4F2E-ACF9-52F649F090AC}_is1) (Version: 1.28 - )
Java 7 Update 75 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JetBrains PhpStorm 8.0.2 (HKLM\...\PhpStorm 8.0.2) (Version: 139.732 - JetBrains s.r.o.)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Lightshot-5.2.0.17 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{D9DA2981-3298-4F1A-9192-F2CF5BD91145}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
Mini Metro (Beta 3)(2014) (HKLM\...\Mini Metro (Beta 3)(2014)Beta 3) (Version: Beta 3 - Friends in War)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MySQL Connector C++ 1.1.5 (HKLM\...\{CC1F0F55-064C-40F0-A4F5-7B06022C5C42}) (Version: 1.1.5 - Oracle and/or its affiliates)
MySQL Connector J (HKLM\...\{FFDEEDC1-B845-45AD-A5EF-906F044925DA}) (Version: 5.1.34 - Oracle Corporation)
MySQL Connector Net 6.9.5 (HKLM\...\{5E5D3141-7714-4B2E-8BF2-650C8EF65E3E}) (Version: 6.9.5 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{97FEF94D-9E6D-4778-AFF1-77C53C933634}) (Version: 6.1.5 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{4C6A664C-DCA0-4CC6-8752-ED0850E3135A}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM\...\{4886BA02-7207-45BC-812C-D0ECC1E8C053}) (Version: 5.6.23 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM\...\{713186AE-F19C-4234-91E6-C3652A876DCE}) (Version: 5.6.23 - Oracle Corporation)
MySQL for Visual Studio 1.2.3 (HKLM\...\{EF7630BF-DC4E-4493-9C0F-5B0A739390EF}) (Version: 1.2.3 - Oracle)
MySQL Installer - Community (HKLM\...\{1BF2A017-1067-43B9-873F-9F718CBD97BC}) (Version: 1.4.3.0 - Oracle Corporation)
MySQL Server 5.6 (HKLM\...\{7CCB6F2A-B1BD-4453-A669-C47BF88D53CF}) (Version: 5.6.23 - Oracle Corporation)
MySQL Workbench 6.2 CE (HKLM\...\{DBE945CB-948B-4A68-9465-FC15BF286625}) (Version: 6.2.4 - Oracle Corporation)
Nostale(CZ) (HKLM\...\NosTale(CZ)_is1) (Version: - Gameforge 4D GmbH)
Nostale(DE) (HKLM\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenVPN 2.3.2-I006 (HKLM\...\OpenVPN) (Version: 2.3.2-I006 - )
Oracle VM VirtualBox 4.3.22 (HKLM\...\{ADDABE38-EAA2-48B3-A2B0-13FC4E267CD1}) (Version: 4.3.22 - Oracle Corporation)
OSCAR Editor (Version: 12.03.0004 - A4TECH) Hidden
osu! (HKLM\...\{bcad47f9-9e75-4714-b69f-4fd02379ce0d}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC41}) (Version: 4.0.5 - dotPDN LLC)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Prerequisites for SSDT (HKLM\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Proxifier version 3.21 (HKLM\...\Proxifier_is1) (Version: 3.21 - Initex)
Python 2.7.9 (HKLM\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version: - )
ROBLOX Player (HKLM\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Sandboxie 4.14 (32-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TweakNow RegCleaner (HKLM\...\TweakNow RegCleaner_is1) (Version: 7.3.1 - TweakNow.com)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
X7 Oscar Editor (HKLM\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)
Xamarin (HKLM\...\{B6091C02-3F6A-47D1-9922-F0DEF910A345}) (Version: 3.9.547.0 - Xamarin)
Xamarin Studio 5.8.3 (HKLM\...\{3C18EE74-02FC-4EED-8E07-C0C3A3C5266A}) (Version: 5.8.3.1 - Xamarin)
Xamarin Universal Installer (HKLM\...\{fa335f5a-0287-44f4-81c7-a8ea083bfd1e}) (Version: 3.5.0.0 - Xamarin, Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

20-04-2015 19:22:19 Xamarin Universal Installer
21-04-2015 19:00:04 Installed AVG 2015
21-04-2015 19:01:13 Installed AVG 2015
22-04-2015 16:41:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-04-19 21:37 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B0B67DA-2A20-4B10-8ED5-6920FEFFE01A} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-03-07] (Oracle Corporation)
Task: {0D3F73DD-F84C-4486-8E98-8AA77ADB7D70} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1788DFC3-294C-4CA2-91B2-EB2DA76DFB41} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2836EA72-F76C-4C36-85FA-FDDF35E44B42} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {2B54168B-6312-49AE-93C4-EEECD34B7D75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {480F46DA-BA6B-4E60-8AC7-A13D242FD36C} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2014-10-31] (Oracle Corporation)
Task: {4AC92D48-D5C3-438A-8C2F-415CCAF4E127} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4E0884D6-9258-47E3-B082-A9499CF4B3D2} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {6F052350-6015-42DD-914F-DDFF21ED712C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {8D711DC4-02D2-4FB0-B3B4-54574638F08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {9E191F61-BD5A-4413-B252-E8055982E6DE} - System32\Tasks\{7E7F9B60-14B9-4B8C-8E0B-44B205E50365} => Chrome.exe http://ui.skype.com/ui/0/7.3.59.101/cs/ ... age=tsMain
Task: {A3D42148-FE3C-4FB2-AC33-66A6850EE1FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {C36D069A-EA6B-4D95-9DAD-AA2EAAAA7A2B} - System32\Tasks\{98635A07-C025-4BA1-9844-3F655ED181AC} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {D4AC7C3B-7C37-4C0F-A6D1-19B681C81443} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DE764256-23F6-492A-A1A3-D22044581FD2} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E590DDC3-A06A-4959-940D-EB5A9379B723} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E7D1B393-1A9D-4891-A636-FB2789A47568} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {E884309F-3F06-47EF-8609-F54D5FC10E41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-29] (Google Inc.)
Task: {EEE4C407-EE22-4B7F-A058-99D1D581B33A} - System32\Tasks\{929EB815-D16D-431E-B1F0-9A93A96AC24F} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/en/a ... rogressBar

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-29 12:58 - 2012-11-22 18:57 - 00056424 _____ () C:\Windows\system32\PrxerNsp.dll
2014-05-31 16:13 - 2014-11-12 23:43 - 00106824 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2012-03-20 11:59 - 2012-03-20 11:59 - 03340288 _____ () C:\Program Files\OSCAR Editor X7\OscarEditor.exe
2010-12-02 17:56 - 2010-12-02 17:56 - 00815104 _____ () C:\Program Files\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll
2011-01-09 20:45 - 2011-01-09 20:45 - 00088064 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll
2012-02-07 11:20 - 2012-02-07 11:20 - 02413568 _____ () C:\Program Files\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll
2011-03-21 19:33 - 2011-03-21 19:33 - 00999424 _____ () C:\Program Files\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 14:18 - 2010-09-20 14:18 - 00085504 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_ZoomControl.dll
2010-09-20 14:18 - 2010-09-20 14:18 - 00054272 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll
2011-04-12 15:14 - 2011-04-12 15:14 - 00063488 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 20:16 - 2010-11-01 20:16 - 00062976 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll
2011-08-10 13:43 - 2011-08-10 13:43 - 00118272 _____ () C:\Program Files\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
2015-01-19 16:45 - 2015-01-19 16:45 - 11035136 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2013-01-10 02:08 - 2013-01-10 02:08 - 00097016 _____ () C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-1.exe
2013-01-10 02:08 - 2013-01-10 02:08 - 00097016 _____ () C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-2.exe
2013-01-10 02:08 - 2013-01-10 02:08 - 00097016 _____ () C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-3.exe
2013-01-10 02:08 - 2013-01-10 02:08 - 00097016 _____ () C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-4.exe
2013-01-10 02:08 - 2013-01-10 02:08 - 00097016 _____ () C:\Program Files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-5.exe
2015-04-18 14:02 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-18 14:02 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-18 14:02 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-726744192-981729432-2719584852-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Nový Účet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Proxifier => "c:\program files\proxifier\proxifier.exe" aut
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-726744192-981729432-2719584852-500 - Administrator - Enabled) => C:\Users\Administrator
Fanda (S-1-5-21-726744192-981729432-2719584852-1000 - Administrator - Enabled) => C:\Users\Fanda
Guest (S-1-5-21-726744192-981729432-2719584852-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-726744192-981729432-2719584852-1004 - Limited - Enabled)
Nový Účet (S-1-5-21-726744192-981729432-2719584852-1005 - Administrator - Enabled) => C:\Users\Nový Účet
sdileni (S-1-5-21-726744192-981729432-2719584852-1001 - Limited - Enabled) => C:\Users\sdileni

==================== Faulty Device Manager Devices =============

Name: Video adaptér
Description: Video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 06:17:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 06:14:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 06:13:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 06:12:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 06:12:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 05:46:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 05:40:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 05:37:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 05:36:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/22/2015 05:36:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (04/22/2015 04:38:38 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/21/2015 09:44:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/21/2015 06:03:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AVG WatchDog byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2015 06:03:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AVGIDSAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2015 04:41:33 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/20/2015 03:40:34 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/20/2015 03:34:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba AVGIDSAgent ukončena s chybou %%-536753635, specifickou pro službu.

Error: (04/20/2015 03:22:23 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/20/2015 03:21:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
%%5

Error: (04/19/2015 10:22:25 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
%%5


Microsoft Office Sessions:
=========================
Error: (04/22/2015 06:17:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\totalcmd\TCUNIN64.EXE

Error: (04/22/2015 06:14:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 11.0\Common7\Packages\Debugger\X64\msvsmon.exe

Error: (04/22/2015 06:13:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\proxifier\SysSettings64.exe

Error: (04/22/2015 06:12:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Windows Kits\8.0\bin\x64\filetypeverifier.exe

Error: (04/22/2015 06:12:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Windows Kits\8.0\bin\x64\oleview.exe

Error: (04/22/2015 05:46:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\totalcmd\TCUNIN64.EXE

Error: (04/22/2015 05:40:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 11.0\Common7\Packages\Debugger\X64\msvsmon.exe

Error: (04/22/2015 05:37:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\proxifier\SysSettings64.exe

Error: (04/22/2015 05:36:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Windows Kits\8.0\bin\x64\filetypeverifier.exe

Error: (04/22/2015 05:36:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Windows Kits\8.0\bin\x64\oleview.exe


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 3062.55 MB
Available physical RAM: 1829.74 MB
Total Pagefile: 7653.85 MB
Available Pagefile: 5710.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:342.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9FF5835A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 23 dub 2015 16:58

Nevím, jestli jste si nikdo nevšiml logu nebo jste jen ještě neodpověděli.. Ale radši píšu příspěvek, kdybyste si toho náhodou nevšimli, abych pak nečekal třeba týden..
Nahoru
mople71
Level 3.5
Level 3.5
Příspěvky: 662
Registrován: listopad 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod mople71 » 23 dub 2015 17:47

Ahoj, odpovídám do 24h, pokud mě do té doby nezaskočí někdo jiný z Sec. teamu, bumpni se. ;)


Odinstaluj prosím tyto programy:

Kód: Vybrat vše

CCleaner
TweakNow RegCleaner


-----------------------------------------------------

Aplikuj fixlist pro FRST:

Na Ploše (musí na ní být umístěn FRST) vytvoř textový soubor s názvem fixlist, do něj zkopíruj následujcí skript a ulož.

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [JPG Files To Animated GIF Converter Software.exe] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

S3 catchme; \??\C:\Users\Fanda\AppData\Local\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

C:\Windows\Tasks\*.job

Task: {2B54168B-6312-49AE-93C4-EEECD34B7D75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {9E191F61-BD5A-4413-B252-E8055982E6DE} - System32\Tasks\{7E7F9B60-14B9-4B8C-8E0B-44B205E50365} => Chrome.exe http://ui.skype.com/ui/0/7.3.59.101/cs/ ... age=tsMain
Task: {C36D069A-EA6B-4D95-9DAD-AA2EAAAA7A2B} - System32\Tasks\{98635A07-C025-4BA1-9844-3F655ED181AC} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {EEE4C407-EE22-4B7F-A058-99D1D581B33A} - System32\Tasks\{929EB815-D16D-431E-B1F0-9A93A96AC24F} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/en/a ... rogressBar

CMD: bitsadmin /reset /allusers

EmptyTemp:
End

Poté otevři FRST a klikni na tlačítko >Fix<. Po restart PC se na Ploše objeví fixlog, jeho obsah prosím vlož do dalšího příspěvku.
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 24 dub 2015 22:20

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-04-2015
Ran by Nový Účet at 2015-04-24 22:07:17 Run:1
Running from C:\Users\Nový Účet\Desktop
Loaded Profiles: Nový Účet (Available profiles: Fanda & sdileni & Nový Účet & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [JPG Files To Animated GIF Converter Software.exe] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

S3 catchme; \??\C:\Users\Fanda\AppData\Local\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

C:\Windows\Tasks\*.job

Task: {2B54168B-6312-49AE-93C4-EEECD34B7D75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {9E191F61-BD5A-4413-B252-E8055982E6DE} - System32\Tasks\{7E7F9B60-14B9-4B8C-8E0B-44B205E50365} => Chrome.exe http://ui.skype.com/ui/0/7.3.59.101/cs/ ... age=tsMain
Task: {C36D069A-EA6B-4D95-9DAD-AA2EAAAA7A2B} - System32\Tasks\{98635A07-C025-4BA1-9844-3F655ED181AC} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {EEE4C407-EE22-4B7F-A058-99D1D581B33A} - System32\Tasks\{929EB815-D16D-431E-B1F0-9A93A96AC24F} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/en/a ... rogressBar

CMD: bitsadmin /reset /allusers

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\JPG Files To Animated GIF Converter Software.exe => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
catchme => Service deleted successfully.
EagleXNt => Service deleted successfully.
taphss6 => Service deleted successfully.
C:\Windows\Tasks\*.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B54168B-6312-49AE-93C4-EEECD34B7D75} => Key not found.
C:\Windows\System32\Tasks\CCleanerSkipUAC not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E191F61-BD5A-4413-B252-E8055982E6DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E191F61-BD5A-4413-B252-E8055982E6DE}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7E7F9B60-14B9-4B8C-8E0B-44B205E50365} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E7F9B60-14B9-4B8C-8E0B-44B205E50365}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C36D069A-EA6B-4D95-9DAD-AA2EAAAA7A2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C36D069A-EA6B-4D95-9DAD-AA2EAAAA7A2B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{98635A07-C025-4BA1-9844-3F655ED181AC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98635A07-C025-4BA1-9844-3F655ED181AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEE4C407-EE22-4B7F-A058-99D1D581B33A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEE4C407-EE22-4B7F-A058-99D1D581B33A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{929EB815-D16D-431E-B1F0-9A93A96AC24F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{929EB815-D16D-431E-B1F0-9A93A96AC24F}" => Key deleted successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{8D4E568C-0DFF-4FC9-BA2D-1EF854356935} canceled.
{FBBC525B-D3F1-456B-9176-6415DA44C867} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 1.8 GB temporary data.


The system needed a reboot.

==== End of Fixlog 22:09:23 ====


Chci se jen zeptat, všiml jsem si, že je tam něco ve smyslu, že to načetlo profil Nový Účet a ty ostatní jsou jen k dispozici, ale načetlo je to nějak taky? Pokud ne, asi bych to mohl projet ještě na účtu Fanda, ten účet jsem používal docela dlouho, přestal jsem ho používat, protože jsem byl moc líný povypínat věci, které to zpomalovaly a vyčistit si plochu, místo něj jsem si založil tento (Nový Účet).
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod jaro3 » 25 dub 2015 11:30

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 25 dub 2015 16:48

Zatím RogueKiller, ComboFix ještě dodám:
RogueKiller V10.6.0.0 [Apr 17 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Nový Účet [Práva správce]
Started from : C:\Users\Nový Účet\Downloads\RogueKiller.exe
Mód : Smazat -- Datum : 04/25/2015 16:42:40

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-726744192-981729432-2719584852-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS725050A7E630 ATA Device +++++
--- User ---
[MBR] 80073b3fdbe5b9c49c5c1b67b466d51a
[BSP] 0c9169f0a641e2de810ecd1fb89f34c6 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_04212015_174547.log - RKreport_SCN_04212015_193022.log - RKreport_SCN_04252015_163758.log
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 25 dub 2015 17:51

ComboFix 15-04-19.01 - Nový Účet 25.04.2015 17:00:15.2.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3063.1369 [GMT 2:00]
Spuštěný z: c:\users\Novř -Ŕet\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nový Účet\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-25 do 2015-04-25 )))))))))))))))))))))))))))))))
.
.
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\sdileni\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\mstore\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\Fanda\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\AppData\AppData\Local\temp
2015-04-25 15:28 . 2015-04-25 15:28 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-04-24 20:02 . 2015-04-24 20:02 -------- d-----w- c:\program files\Common Files\Java
2015-04-24 15:04 . 2015-04-24 15:04 -------- d-----w- c:\program files\CamStudio 2.7
2015-04-22 17:04 . 2015-04-24 20:14 -------- d-----w- C:\FRST
2015-04-22 14:43 . 2015-04-22 14:43 -------- d-----w- c:\program files\Microsoft ASP.NET
2015-04-21 17:02 . 2015-04-21 17:04 -------- d-----w- c:\programdata\AVG2015
2015-04-21 17:02 . 2015-04-21 17:02 -------- d-----w- C:\$AVG
2015-04-21 17:00 . 2015-04-21 17:00 -------- d-----w- c:\program files\AVG
2015-04-21 16:47 . 2015-04-25 13:07 -------- d-----w- c:\programdata\MFAData
2015-04-21 15:40 . 2015-04-25 14:26 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-04-21 15:39 . 2015-04-21 15:46 -------- d-----w- c:\programdata\RogueKiller
2015-04-20 18:04 . 2015-04-20 18:04 -------- d-----w- c:\users\Nový%20Účet
2015-04-20 17:59 . 2015-04-20 17:59 -------- d-----w- c:\program files\MonoDevelop
2015-04-20 17:53 . 2015-04-20 17:53 -------- d-----w- c:\program files\Xamarin
2015-04-20 17:48 . 2015-04-20 17:54 -------- d-----w- c:\programdata\Monodoc
2015-04-20 17:18 . 2015-04-20 17:18 -------- d-----w- c:\programdata\Mono for Android
2015-04-20 16:25 . 2015-04-20 17:59 -------- d-----w- c:\program files\Xamarin Studio
2015-04-20 16:22 . 2015-04-20 17:39 -------- d-----w- c:\program files\GtkSharp
2015-04-20 15:14 . 2015-04-20 17:24 -------- d-----w- c:\programdata\Package Cache
2015-04-20 13:44 . 2015-04-21 14:59 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-20 13:43 . 2015-04-20 13:43 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-04-20 13:43 . 2015-04-20 13:43 -------- d-----w- c:\programdata\Malwarebytes
2015-04-20 13:43 . 2015-03-17 04:15 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-20 13:43 . 2015-03-17 04:15 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-20 13:43 . 2015-03-17 04:15 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-19 20:18 . 2015-04-19 20:18 -------- d-----w- c:\program files\LogMeIn Hamachi
2015-04-19 20:14 . 2015-04-19 19:32 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-19 19:32 . 2015-04-19 20:09 -------- d-----w- C:\zoek_backup
2015-04-19 19:12 . 2015-04-19 19:27 -------- d-----w- C:\AdwCleaner
2015-04-19 09:09 . 2015-04-19 09:12 -------- d-----w- c:\program files\TAP-Windows
2015-04-19 09:09 . 2015-04-19 09:12 -------- d-----w- c:\program files\OpenVPN
2015-04-18 19:17 . 2015-04-18 19:18 -------- d-----w- C:\Python27
2015-04-18 10:44 . 2015-04-18 10:44 -------- d-----w-t c:\users\NOVET~2
2015-04-15 14:20 . 2015-03-05 04:06 305152 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 11:05 . 2015-04-15 11:05 206816 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2015-04-10 17:52 . 2015-04-10 17:52 -------- d-----w- c:\program files\ISIM messenger
2015-04-09 12:12 . 2015-04-09 12:12 226784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-04-08 23:45 . 2015-04-08 23:45 43520 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Mono.Cecil.Mdb.dll
2015-04-08 23:45 . 2015-04-08 23:45 43520 ----a-w- c:\program files\MSBuild\Xamarin\Android\Mono.Cecil.Mdb.dll
2015-04-08 23:45 . 2015-04-08 23:45 279552 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Mono.Cecil.dll
2015-04-08 23:45 . 2015-04-08 23:45 279552 ----a-w- c:\program files\MSBuild\Xamarin\Android\Mono.Cecil.dll
2015-04-08 23:35 . 2015-04-08 23:35 6816768 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.iOS.Tasks.dll
2015-04-08 23:35 . 2015-04-08 23:35 9728 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.MacDev.Tasks.dll
2015-04-08 23:35 . 2015-04-08 23:35 957952 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.Components.Ide.dll
2015-04-08 23:35 . 2015-04-08 23:35 76288 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.Components.dll
2015-04-08 23:35 . 2015-04-08 23:35 14848 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.VisualStudio.Build.dll
2015-04-08 23:35 . 2015-04-08 23:35 99328 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.MacDev.Tasks.Core.dll
2015-04-08 23:35 . 2015-04-08 23:35 60928 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.iOS.Tasks.Core.dll
2015-04-08 23:35 . 2015-04-08 23:35 365568 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xwt.dll
2015-04-08 23:35 . 2015-04-08 23:35 391680 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Newtonsoft.Json.dll
2015-04-08 23:35 . 2015-04-08 23:35 284160 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.MacDev.dll
2015-04-08 23:35 . 2015-04-08 23:35 14848 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.ObjcBinding.Tasks.dll
2015-04-08 23:35 . 2015-04-08 23:35 11776 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Xamarin.Utilities.dll
2015-04-08 23:34 . 2015-04-08 23:34 49152 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Mtb.Server.Common.dll
2015-04-08 23:34 . 2015-04-08 23:34 4343808 ----a-w- c:\program files\MSBuild\Xamarin\iOS\MonoTouch.Tools.dll
2015-04-08 23:34 . 2015-04-08 23:34 204288 ----a-w- c:\program files\MSBuild\Xamarin\iOS\btouch.exe
2015-04-08 23:34 . 2015-04-08 23:34 5635086 ----a-w- c:\program files\MSBuild\Xamarin\iOS\mtouch.exe
2015-04-08 23:33 . 2015-04-08 23:33 12113408 ----a-w- c:\program files\MSBuild\Xamarin\Android\mandroid.exe
2015-04-08 23:30 . 2015-04-08 23:30 7855616 ----a-w- c:\program files\MSBuild\Xamarin\iOS\monotouch.dll
2015-04-08 23:30 . 2015-04-08 23:30 2660864 ----a-w- c:\program files\MSBuild\Xamarin\iOS\mscorlib.dll
2015-04-08 23:24 . 2015-04-08 23:24 462336 ----a-w- c:\program files\MSBuild\Xamarin\iOS\Ionic.Zip.dll
2015-04-08 19:34 . 2015-04-08 19:34 -------- d-----w- C:\%appdata%
2015-04-07 10:45 . 2015-04-07 10:45 213984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2015-04-05 07:17 . 2015-04-05 07:17 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 06:39 . 2005-06-15 01:00 102400 ----a-w- c:\windows\system32\tsccvid.dll
2015-04-04 06:39 . 2015-04-04 06:39 -------- d-----w- c:\program files\JPG Files To Animated GIF Converter Software
2015-04-04 06:39 . 2010-03-19 14:03 1347344 ----a-w- c:\windows\system32\Msvbvm50.dll
2015-04-03 07:37 . 2015-04-03 07:37 110048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2015-03-31 18:36 . 2015-04-20 16:20 -------- d-----w- c:\users\Nový Účet
2015-03-31 17:36 . 2015-03-31 17:36 -------- d-----w- c:\program files\Microsoft XNA
2015-03-30 14:54 . 2015-03-30 14:54 -------- d-----w- c:\users\Administrator\AppData\Local\LogMeIn
2015-03-30 14:54 . 2015-03-30 14:59 -------- d-----w- c:\users\Administrator\AppData\Local\LogMeIn Hamachi
2015-03-30 14:53 . 2015-04-19 20:09 -------- d-----w- c:\users\Administrator\AppData\Local\Google
2015-03-29 14:52 . 2015-03-29 16:02 -------- d-----w- c:\users\Fanda\AppData\Roaming\UnOfficial
2015-03-29 13:39 . 2015-04-24 20:01 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-03-29 10:58 . 2015-03-29 10:58 -------- d-----w- c:\users\Fanda\AppData\Roaming\Proxifier
2015-03-29 10:58 . 2012-11-22 16:57 91240 ----a-w- c:\windows\system32\ProxifierShellExt.dll
2015-03-29 10:58 . 2012-11-22 16:57 70248 ----a-w- c:\windows\system32\PrxerDrv.dll
2015-03-29 10:58 . 2012-11-22 16:57 56424 ----a-w- c:\windows\system32\PrxerNsp.dll
2015-03-29 10:58 . 1997-06-06 13:52 11264 ----a-w- c:\windows\system32\SPORDER.DLL
2015-03-29 10:58 . 2015-03-29 10:58 -------- d-----w- c:\program files\Proxifier
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 15:53 . 2014-06-15 07:22 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-15 15:53 . 2014-06-15 07:22 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-30 13:25 . 2014-08-04 09:20 26176 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-20 10:18 . 2015-03-20 10:18 35808 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2015-03-17 04:57 . 2015-04-15 14:21 248832 ----a-w- c:\windows\system32\schannel.dll
2015-03-11 10:13 . 2015-03-11 10:13 269792 ----a-w- c:\windows\system32\drivers\avglogx.sys
2015-03-11 10:13 . 2015-03-11 10:13 166880 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2015-03-11 10:13 . 2015-03-11 10:13 132576 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2015-03-11 10:08 . 2015-03-11 10:08 29664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2015-02-26 03:11 . 2015-03-11 17:05 2381312 ----a-w- c:\windows\system32\win32k.sys
2015-02-20 04:13 . 2015-03-11 17:02 26624 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:13 . 2015-03-11 17:02 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:13 . 2015-03-11 17:02 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:13 . 2015-03-11 17:02 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 03:09 . 2015-03-11 17:02 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\system32\FM20.DLL
2015-02-12 16:16 . 2015-03-02 08:26 748616 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2015-02-12 16:16 . 2015-03-02 08:26 104384 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2015-02-12 16:16 . 2015-02-12 16:16 174888 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2015-02-12 16:16 . 2015-02-12 16:16 127008 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2015-02-12 16:16 . 2015-02-12 16:16 115672 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 02:54 . 2015-03-11 17:01 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-03 03:16 . 2015-03-11 17:01 78784 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:12 . 2015-03-11 17:01 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 17:01 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:12 . 2015-03-11 17:06 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-11 17:04 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:12 . 2015-03-11 17:01 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:12 . 2015-03-11 17:01 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:12 . 2015-03-11 17:01 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:12 . 2015-03-11 17:01 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:12 . 2015-03-11 17:01 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:12 . 2015-03-11 17:01 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-11 17:01 157184 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:12 . 2015-03-11 17:01 28160 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:12 . 2015-03-11 17:01 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:12 . 2015-03-11 17:01 504320 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:12 . 2015-03-11 17:01 265216 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:12 . 2015-03-11 17:01 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:12 . 2015-03-11 17:01 3209728 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:12 . 2015-03-11 17:01 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:12 . 2015-03-11 17:01 103424 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:12 . 2015-03-11 17:01 489984 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:12 . 2015-03-11 17:01 275968 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:12 . 2015-03-11 17:01 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:12 . 2015-03-11 17:01 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:12 . 2015-03-11 17:01 1174528 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:12 . 2015-03-11 17:01 1005056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:12 . 2015-03-11 17:01 103936 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:12 . 2015-03-11 17:01 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:12 . 2015-03-11 17:01 81408 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:12 . 2015-03-11 17:01 744960 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:12 . 2015-03-11 17:01 475136 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:12 . 2015-03-11 17:01 374784 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:12 . 2015-03-11 17:01 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:12 . 2015-03-11 17:01 195584 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:12 . 2015-03-11 17:01 27648 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:11 . 2015-03-11 17:01 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:11 . 2015-03-11 17:01 9728 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:11 . 2015-03-11 17:01 8192 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:11 . 2015-03-11 17:01 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:11 . 2015-03-11 17:01 100864 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:11 . 2015-03-11 17:01 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:11 . 2015-03-11 17:01 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:11 . 2015-03-11 17:01 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:10 . 2015-03-11 17:01 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:09 . 2015-03-11 17:01 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:00 . 2015-03-11 17:01 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 02:26 . 2015-03-11 17:01 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-01-30 23:56 . 2015-03-11 17:01 370488 ----a-w- c:\windows\system32\drivers\cng.sys
2015-01-27 23:36 . 2015-02-11 15:08 1167520 ----a-w- c:\windows\system32\aitstatic.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-03 32768]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-04-15 3745232]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-06-01 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2015-03-30 13:29 3978600 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Proxifier]
2012-11-21 02:32 4074600 ----a-w- c:\program files\Proxifier\Proxifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2014-10-14 19:33 632328 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-12-11 11:03 30878816 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2015-04-10 09:57 335232 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-04-15 3438032]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-03-17 51928]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\DRIVERS\V0470Vid.sys [2007-05-08 146720]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-05-31 1343400]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2015-03-11 166880]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-03-11 269792]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-04-09 226784]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-03-11 29664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-04-15 206816]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-04-07 213984]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-22 243128]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2015-02-12 748616]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2015-02-12 104384]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-04-15 311792]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2015-03-30 1848168]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-03-30 411920]
S2 MySQL56;MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld.exe [2015-01-19 11035136]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 410768]
S2 Tuio-To-vmulti-Device1;Tuio-To-vmulti-Device1;c:\program files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-1.exe [2013-01-10 97016]
S2 Tuio-To-vmulti-Device2;Tuio-To-vmulti-Device2;c:\program files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-2.exe [2013-01-10 97016]
S2 Tuio-To-vmulti-Device3;Tuio-To-vmulti-Device3;c:\program files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-3.exe [2013-01-10 97016]
S2 Tuio-To-vmulti-Device4;Tuio-To-vmulti-Device4;c:\program files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-4.exe [2013-01-10 97016]
S2 Tuio-To-vmulti-Device5;Tuio-To-vmulti-Device5;c:\program files\EcoTuioDriver\Executables\Tuio-to-Vmulti-Service-5.exe [2013-01-10 97016]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-03-17 23256]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2015-02-12 115672]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2015-02-12 127008]
S3 vmultia;vmultia HID;c:\windows\system32\DRIVERS\vmultia.sys [2013-01-08 17648]
S3 vmultib;vmultib HID;c:\windows\system32\DRIVERS\vmultib.sys [2013-01-08 17648]
S3 vmultic;vmultic HID;c:\windows\system32\DRIVERS\vmultic.sys [2013-01-08 17648]
S3 vmultid;vmultid HID;c:\windows\system32\DRIVERS\vmultid.sys [2013-01-08 17648]
S3 vmultie;vmultie HID;c:\windows\system32\DRIVERS\vmultie.sys [2013-01-08 17648]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-18 12:00 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CCleaner Monitoring - c:\program files\CCleaner\CCleaner.exe
AddRemove-{29da3a37-6a61-4767-bb98-86d0515cd0b1} - c:\programdata\Package Cache\{29da3a37-6a61-4767-bb98-86d0515cd0b1}\VS11-KB3002339.exe
AddRemove-{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 - c:\program files\Skillbrains\lightshot\unins000.exe
AddRemove-{312d9252-c71c-4c84-b171-f4ad46e22098} - c:\programdata\Package Cache\{312d9252-c71c-4c84-b171-f4ad46e22098}\VS2012.4.exe
AddRemove-{56ef8912-352f-4fab-9c73-6f1c92a7127f} - c:\programdata\Package Cache\{56ef8912-352f-4fab-9c73-6f1c92a7127f}\patch_KB2781514.exe
AddRemove-{e0efdce9-a486-4676-8aa5-65bb08cbf34c} - c:\programdata\Package Cache\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}\wdexpress_full.exe
AddRemove-{f0080ca2-80ae-4958-b6eb-e8fa916d744a} - c:\programdata\Package Cache\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-25 17:33:42
ComboFix-quarantined-files.txt 2015-04-25 15:33
ComboFix2.txt 2015-02-06 16:42
.
Před spuštěním: Volných bajtů: 371 566 239 744
Po spuštění: Volných bajtů: 371 131 920 384
.
- - End Of File - - BF7D8BD24874858720497E26D6CF2F38
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Orcus » 26 dub 2015 18:15

Prvně se prosím rozhodni, který účet chceš vlastně používat. Máš tam dva, jak sám píšeš. Ten druhý by bylo vhodné odstranit. :-)
http://windows.microsoft.com/cs-cz/wind ... er-account
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
Rutherther
Level 2
Level 2
Příspěvky: 227
Registrován: říjen 14
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod Rutherther » 26 dub 2015 19:29

Ok, vymažu účet Fanda, nechal jsem si ho tam jen kvůli věcem na ploše, nechtěl jsem je hned tahat někam na ten nový účet.
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: HiJackThis

Příspěvekod jaro3 » 27 dub 2015 09:04

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\DRIVERS\vmultia.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Odpovědět

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 74 hostů