Notebook keeps shutting down [Solved]
- Orcus
- Security team member
Re: Notebook keeps shutting down
Try copying it to the desktop first.
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Notebook keeps shutting down
I'm not sure what you mean. Copy it? I type it into Windows search and nothing comes up.
Sorry to keep bothering you, is the error caused by Windows? Would reinstalling Windows be enough?
- jaro3
- Security team member
Re: Notebook keeps shutting down
Download SystemLook from one of these links:
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe
SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
and save it to your desktop.
Double-click the downloaded SystemLook and copy the following text into its main text window:
Code:
:filefind
lafmr.sys.*
Click Look to start the scan. When the program finishes, the scan report opens in Notepad. Copy its entire contents here. The log is also saved on the desktop as SystemLook.txt.
Does the Plus500 program work for you? ComboFix deleted its folder.
If it doesn't work, do you want the folder restored?
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Notebook keeps shutting down
Plus500 works
SystemLook 30.07.11 by jpshortstuff
Log created at 17:10 on 16/12/2015 by Ondra 2
Administrator - Elevation successful
========== filefind ==========
Searching for "lafmr.sys.*"
No files found.
-= EOF =-
- jaro3
- Security team member
Re: Notebook keeps shutting down
Turn off the real-time protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\System32\drivers\lafmr.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf00c34c0a0f47.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d040bd49d93d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e41f7f301e7b.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc418ad6067.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040bd4fccae2.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08e455e2cb149.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e41f7f94d3c5.job
Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Common\Google Updater
c:\program files (x86)\Google\Update
Driver::
aksagw
SkypeUpdate
DDS::
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Drag the CFScript.txt script you created with the mouse over the downloaded ComboFix.exe and, when the two files overlap, drop it.
- ComboFix starts automatically
- Post here the log that appears at the end of the cleaning process, plus a new HJT log
Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Notebook keeps shutting down
ComboFix 15-12-12.01 - Ondra 2 16.12.2015 18:03:45.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3959.2152 [GMT 1:00]
Spuštěný z: c:\users\Ondra 2\Desktop\FUTSAL\Nová složka\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondra 2\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\drivers\lafmr.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf00c34c0a0f47.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d040bd49d93d7.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e41f7f301e7b.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc418ad6067.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040bd4fccae2.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08e455e2cb149.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e41f7f94d3c5.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Common\Google Updater
c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\ntuser.pol
c:\users\Ondra 2\AppData\Local\Plus500
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf00c34c0a0f47.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d040bd49d93d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e41f7f301e7b.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc418ad6067.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040bd4fccae2.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08e455e2cb149.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e41f7f94d3c5.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_aksagw
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-16 do 2015-12-16 )))))))))))))))))))))))))))))))
.
.
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\Kuba\AppData\Local\temp
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-15 16:46 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1231833D-970E-4620-9AAC-47ED0C341A5E}\mpengine.dll
2015-12-13 19:56 . 2015-12-13 18:51 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-13 19:56 . 2015-12-16 17:20 -------- d-----w- c:\users\Ondra 2\AppData\Local\Temp
2015-12-13 18:11 . 2015-12-13 19:52 -------- d-----w- C:\zoek_backup
2015-12-13 11:30 . 2015-12-13 17:08 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-13 11:30 . 2015-12-13 16:32 -------- d-----w- c:\programdata\RogueKiller
2015-12-12 12:16 . 2015-12-16 17:20 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-12 12:15 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-12 12:15 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-12 12:15 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-12 12:15 . 2015-12-12 12:15 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-12 12:15 . 2015-12-12 12:15 -------- d-----w- c:\programdata\Malwarebytes
2015-12-12 11:50 . 2015-12-12 11:50 -------- d-----w- C:\AdwCleaner
2015-12-12 11:39 . 2015-12-12 11:39 -------- d-----w- C:\NVIDIA
2015-12-11 18:07 . 2012-02-14 10:49 147456 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2015-12-11 18:07 . 2015-12-11 18:07 -------- d-----w- c:\program files (x86)\CPUID
2015-12-11 16:07 . 2015-12-12 12:43 -------- d-----w- c:\program files (x86)\SpeedFan
2015-12-09 13:22 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2015-12-09 13:22 . 2015-11-11 18:53 525312 ----a-w- c:\windows\system32\catsrvut.dll
2015-12-09 13:22 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2015-12-09 13:22 . 2015-11-11 18:39 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2015-12-09 13:22 . 2015-11-05 19:02 2048 ----a-w- c:\windows\system32\tzres.dll
2015-12-09 13:22 . 2015-11-05 19:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-12-09 13:22 . 2015-11-03 19:04 802304 ----a-w- c:\windows\system32\usp10.dll
2015-12-09 13:22 . 2015-11-03 18:56 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2015-12-09 13:17 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-12-09 13:16 . 2015-11-11 21:12 293064 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-12-09 13:16 . 2015-11-08 21:34 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-12-09 13:16 . 2015-11-11 16:21 25837568 ----a-w- c:\windows\system32\mshtml.dll
2015-12-09 13:16 . 2015-11-08 22:27 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-12-09 13:14 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 13:14 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-10 09:56 . 2013-12-23 10:52 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 19:08 . 2013-12-21 19:59 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-09 19:08 . 2013-12-21 19:59 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 12:18 . 2013-12-21 18:56 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-11-03 22:17 . 2015-04-30 14:40 2953096 ----a-w- c:\windows\SysWow64\%InstallDir%speclean.exe
2015-10-29 17:50 . 2015-11-11 13:11 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-11 13:11 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-11 13:11 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 13:11 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 13:11 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 13:11 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-11 13:11 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-11 13:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-11 13:11 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-11 13:11 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-11 13:11 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 13:11 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 13:11 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 13:11 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-11 13:11 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-11 13:11 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:12 . 2015-11-11 13:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:12 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:12 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:12 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:12 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:12 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:12 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:12 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:12 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:12 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:12 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:12 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:12 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:12 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:12 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:12 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:12 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:12 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:12 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:12 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:12 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:12 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:12 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:12 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:12 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:12 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:12 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:12 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:12 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:12 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:12 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:12 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:52 . 2015-11-11 13:12 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:12 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:12 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:12 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:12 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:12 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-10-20 00:45 . 2015-11-11 13:12 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-11 13:12 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-10-20 00:45 . 2015-11-11 13:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-10-20 00:45 . 2015-11-11 13:12 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-10-20 00:45 . 2015-11-11 13:12 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-10-20 00:45 . 2015-11-11 13:12 552960 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-10-20 00:45 . 2015-11-11 13:12 36864 ----a-w- c:\windows\SysWow64\cryptbase.dll
2015-10-20 00:45 . 2015-11-11 13:12 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-10-20 00:45 . 2015-11-11 13:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Ondra 2\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
.
c:\users\Ondra 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files (x86)\Common Files\Lingea Shared\luc.exe [2008-7-10 197912]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2014-12-24 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UVS11 Preload"=c:\program files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys;c:\windows\SYSNATIVE\drivers\TotRec8.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-09 13:24 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-05-27 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-05-27 521272]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-08-19 5617432]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.60.1.1 10.60.1.43
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
FF - ProfilePath - c:\users\Ondra 2\AppData\Roaming\Mozilla\Firefox\Profiles\2vyvvje9.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
.
**************************************************************************
.
Celkový čas: 2015-12-16 18:27:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-12-16 17:27
ComboFix2.txt 2015-12-13 21:32
.
Před spuštěním: Volných bajtů: 125 546 962 944
Po spuštění: Volných bajtů: 125 236 322 304
.
- - End Of File - - 2B810E82DEA48099A226CB730A0671B4
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3959.2152 [GMT 1:00]
Spuštěný z: c:\users\Ondra 2\Desktop\FUTSAL\Nová složka\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondra 2\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\drivers\lafmr.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf00c34c0a0f47.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d040bd49d93d7.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e41f7f301e7b.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc418ad6067.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040bd4fccae2.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08e455e2cb149.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e41f7f94d3c5.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Common\Google Updater
c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\ntuser.pol
c:\users\Ondra 2\AppData\Local\Plus500
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\BigLoading.gif
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_AutoYScaleDown.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_AutoYScaleUp.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_Cancel.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_cashier.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_CrosshairDown.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_CrosshairUp.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_DemoMode.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_downarrow_red.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_Help.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_Help2.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_ChartSettings.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_MoveDown.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_MoveUp.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_OK.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_RateAlerts.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_RealMode.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_Search.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_SetupIndicators.png
c:\users\Ondra 2\AppData\Local\Plus500\Languages\en\Images\but_SwitchToCandleStick.png
c:\users\Ondra 2\AppData\Local\Plus500\Main\InvestSoft.log
c:\users\Ondra 2\AppData\Local\Plus500\Main\InvestSoftProject.exe
c:\users\Ondra 2\AppData\Local\Plus500\Main\InvestSoftProject.jdbg
c:\users\Ondra 2\AppData\Local\Plus500\Main\log4delphi.log
c:\users\Ondra 2\AppData\Local\Plus500\Update\500w.exe
c:\users\Ondra 2\AppData\Local\Plus500\Update\500z.exe
c:\users\Ondra 2\AppData\Local\Plus500\Update\product.ico
c:\users\Ondra 2\AppData\Local\Plus500\Update\ResourceChange.exe
c:\users\Ondra 2\AppData\Local\Plus500\Update\uninstall.ico
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf00c34c0a0f47.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d040bd49d93d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e41f7f301e7b.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bc418ad6067.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040bd4fccae2.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08e455e2cb149.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e41f7f94d3c5.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_aksagw
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-16 do 2015-12-16 )))))))))))))))))))))))))))))))
.
.
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\Kuba\AppData\Local\temp
2015-12-16 17:16 . 2015-12-16 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-15 16:46 . 2015-11-17 06:43 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1231833D-970E-4620-9AAC-47ED0C341A5E}\mpengine.dll
2015-12-13 19:56 . 2015-12-13 18:51 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-13 19:56 . 2015-12-16 17:20 -------- d-----w- c:\users\Ondra 2\AppData\Local\Temp
2015-12-13 18:11 . 2015-12-13 19:52 -------- d-----w- C:\zoek_backup
2015-12-13 11:30 . 2015-12-13 17:08 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-13 11:30 . 2015-12-13 16:32 -------- d-----w- c:\programdata\RogueKiller
2015-12-12 12:16 . 2015-12-16 17:20 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-12 12:15 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-12 12:15 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-12 12:15 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-12 12:15 . 2015-12-12 12:15 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-12 12:15 . 2015-12-12 12:15 -------- d-----w- c:\programdata\Malwarebytes
2015-12-12 11:50 . 2015-12-12 11:50 -------- d-----w- C:\AdwCleaner
2015-12-12 11:39 . 2015-12-12 11:39 -------- d-----w- C:\NVIDIA
2015-12-11 18:07 . 2012-02-14 10:49 147456 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2015-12-11 18:07 . 2015-12-11 18:07 -------- d-----w- c:\program files (x86)\CPUID
2015-12-11 16:07 . 2015-12-12 12:43 -------- d-----w- c:\program files (x86)\SpeedFan
2015-12-09 13:22 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2015-12-09 13:22 . 2015-11-11 18:53 525312 ----a-w- c:\windows\system32\catsrvut.dll
2015-12-09 13:22 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2015-12-09 13:22 . 2015-11-11 18:39 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2015-12-09 13:22 . 2015-11-05 19:02 2048 ----a-w- c:\windows\system32\tzres.dll
2015-12-09 13:22 . 2015-11-05 19:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-12-09 13:22 . 2015-11-03 19:04 802304 ----a-w- c:\windows\system32\usp10.dll
2015-12-09 13:22 . 2015-11-03 18:56 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2015-12-09 13:17 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-12-09 13:16 . 2015-11-11 21:12 293064 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-12-09 13:16 . 2015-11-08 21:34 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-12-09 13:16 . 2015-11-11 16:21 25837568 ----a-w- c:\windows\system32\mshtml.dll
2015-12-09 13:16 . 2015-11-08 22:27 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-12-09 13:14 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 13:14 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-10 09:56 . 2013-12-23 10:52 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 19:08 . 2013-12-21 19:59 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-09 19:08 . 2013-12-21 19:59 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 12:18 . 2013-12-21 18:56 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-11-03 22:17 . 2015-04-30 14:40 2953096 ----a-w- c:\windows\SysWow64\%InstallDir%speclean.exe
2015-10-29 17:50 . 2015-11-11 13:11 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-11 13:11 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-11 13:11 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 13:11 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 13:11 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 13:11 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-11 13:11 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-11 13:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-11 13:11 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-11 13:11 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-11 13:11 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 13:11 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 13:11 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 13:11 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-11 13:11 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-11 13:11 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:12 . 2015-11-11 13:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:12 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:12 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:12 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:12 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:12 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:12 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:12 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:12 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:12 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:12 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:12 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:12 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:12 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:12 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:12 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:12 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:12 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:12 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:12 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:12 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:12 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:12 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:12 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:12 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:12 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:12 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:12 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:12 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:12 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:12 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:12 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:12 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:12 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:53 . 2015-11-11 13:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:52 . 2015-11-11 13:12 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:12 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:12 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:12 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:12 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:12 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-10-20 00:45 . 2015-11-11 13:12 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-11 13:12 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-10-20 00:45 . 2015-11-11 13:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-10-20 00:45 . 2015-11-11 13:12 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-10-20 00:45 . 2015-11-11 13:12 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-10-20 00:45 . 2015-11-11 13:12 552960 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-10-20 00:45 . 2015-11-11 13:12 36864 ----a-w- c:\windows\SysWow64\cryptbase.dll
2015-10-20 00:45 . 2015-11-11 13:12 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-10-20 00:45 . 2015-11-11 13:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Ondra 2\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
.
c:\users\Ondra 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files (x86)\Common Files\Lingea Shared\luc.exe [2008-7-10 197912]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2014-12-24 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UVS11 Preload"=c:\program files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys;c:\windows\SYSNATIVE\drivers\TotRec8.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-09 13:24 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-05-27 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-05-27 521272]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-08-19 5617432]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.60.1.1 10.60.1.43
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
FF - ProfilePath - c:\users\Ondra 2\AppData\Roaming\Mozilla\Firefox\Profiles\2vyvvje9.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
.
**************************************************************************
.
Celkový čas: 2015-12-16 18:27:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-12-16 17:27
ComboFix2.txt 2015-12-13 21:32
.
Před spuštěním: Volných bajtů: 125 546 962 944
Po spuštění: Volných bajtů: 125 236 322 304
.
- - End Of File - - 2B810E82DEA48099A226CB730A0671B4
Re: Notebook keeps shutting down
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:41:16, on 16.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
FIREFOX: 42.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\Users\Ondra 2\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Ondra 2\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.1.0\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11108 bytes
- Orcus
- Security team member
-
Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around =o)
- Gender:
- Status:
Offline
Re: Notebook keeps shutting down
Uninstall Bing Bar.
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to your desktop.
Double-click the icon to run the Delfix.exe tool
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove desinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
The report (DelFix.txt) will then open. Paste its entire contents here. The report can also be found at: C:\DelFix.txt
How are the problems?
Re: Notebook shuts down
The notebook hardly fluctuates at all now, just a tiny bit here and there, but it still shuts down :/
# DelFix v1.011 - Logfile created 17/12/2015 at 14:49:10
# Updated 18/08/2015 by Xplode
# Username : Ondra 2 - ONDRA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-12-13-181918.log
Deleted : C:\Users\Ondra 2\Desktop\adwcleaner.rar
Deleted : C:\Users\Ondra 2\Desktop\fss.png.uid-zps
Deleted : C:\Users\Ondra 2\Desktop\JRT.txt
Deleted : C:\Users\Ondra 2\Desktop\HijackThis.exe
Deleted : C:\Users\Ondra 2\Desktop\hijackthis.log
Deleted : C:\Users\Ondra 2\Desktop\SystemLook.txt
Deleted : C:\Users\Ondra 2\Desktop\SystemLook_x64.exe
Deleted : C:\Users\Ondra 2\Downloads\adwcleaner_5.024.exe
Deleted : C:\Users\Ondra 2\Downloads\TFC.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #334 [ComboFix created restore point | 12/16/2015 16:58:25]
New restore point created !
########## - EOF - ##########
- jaro3
- Security team member
Re: Notebook shuts down
Visit the HW problems section. If they can't help you there, come back here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Notebook shuts down
That's where I came from. They sent me here :)
- jaro3
- Security team member
Re: Notebook shuts down
Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check "LOP Check" and "Purity Check". Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Still, I think it won't be viruses.