Prosím o kontrolu- zlobí myš, klávesnice.

karbi02 · Příspěvekod **karbi02** » 21 pro 2015 18:37

Ahoj, po instalaci jednoho programu mi začala zlobit klávesnice, myš, z firefoxu mi zmizely záložky a na ploše se objevila složka "Původní data aplikace Firefox". Data do firefoxu se mi již nepodařilo obnovit. Program jsem odinstaloval, provedl obnovení systému. Firefox jsem přeinstaloval. V programu ATF je zašedlá záložka Firefox, nejde vložit zatržítka. Eset našel pár věcí které smazal. Prosím o kontrolu:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:17, on 21.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Libor\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Libor\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX635FWD"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus Office BX635FWD"
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9076 bytes

# AdwCleaner v5.026 - Logfile created 21/12/2015 at 18:19:28
# Updated 21/12/2015 by Xplode
# Database : 2015-12-21.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\ProgramData\simplitec

***** [ Files ] *****

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\UpdateStar
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKLM\SOFTWARE\simplitec

***** [ Web browsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [738 bytes] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.12.2015
Čas skenování: 18:23
Protokol: MAM.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.12.21.05
Databáze rootkitů: v2015.12.18.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Libor

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 339910
Uplynulý čas: 6 min, 43 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\ICSW1.14, , [794021868308a88e812c1490768d2ad6],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\Users\Libor\Downloads\ac3filter_2_6_0b.exe, , [6356b1f67e0d42f44af819b58a779a66],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Reklama

Příspěvekod **jerabina** » 21 pro 2015 18:52

Ehm .. jaký program jsi nainstaloval?

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

karbi02 · Příspěvekod **karbi02** » 21 pro 2015 21:31

Po vyčištění MbAM přestal fungovat Firefox a Thunderbird. Zkusil jsem přeinstalovat i obnovu systému. Když spustím firefox, přijde hláška "Aplikace Firefox je již spuštěna, ale neodpovídá. Pro otevření nového okna musíte nejprve ukončit původní proces Firefox, nebo restartovat systém". Thunderbird po potvrzení hodí hlášku " Profil Thunderbird nelze nahrát. Pravděpodobně chybí nebo je nedostupný." Ve správci úloh vidět nejsou. Explorer nefunguje taky, jen naběhne úvodní okno. Stáhnul jsem operu, ta zatím jde....
ADW cleaner nejde aktualizovat, chce Firefox.
Přidáno: Opera si nepamatuje přihlašovací hesla, i když se ptá... Dále hraji hru trackmania. Při spuštění mi to píše " Neúspěšný zápis nastavení do C:/User/Libor/Documents/TrackMania/Config/Default.SystemConfig.Gbx". Skype má taky nějaký problém, automaticky se nepřihlásil, heslo mi nějak nefunguje, ale s tím si nejsem jistý, jestli mám správné, to budu řešit zítra. Ještě dodám, že RK vyhodil adresu C:/User/Libor/Download..., tak jsem hledal složku download a nenašel. Zkoušel jsem různá nastavení skrytých souborů a nenašel. Doufám, že jsem toto nějak nerozvrtal a tam není zakopaný pes těch dalších problémů. Jednu chvíli jsem měl zašedlé všechny ikony na ploše.
RogueKiller chce Firefox, ale jde to přeskočit:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 21.12.2015
Čas skenování: 20:34
Protokol: MBam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.12.21.05
Databáze rootkitů: v2015.12.18.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Libor

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 341475
Uplynulý čas: 8 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\ICSW1.14, Do karantény, [6e4b4364523942f47b32e0c455ae34cc],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\Users\Libor\Downloads\ac3filter_2_6_0b.exe, Do karantény, [e8d18d1a7d0e1b1b5ce6a42aad54ad53],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

# AdwCleaner v5.026 - Logfile created 21/12/2015 at 19:18:25
# Updated 21/12/2015 by Xplode
# Database : 2015-12-21.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\simplitec

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKLM\SOFTWARE\simplitec

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [854 bytes] ##########
# AdwCleaner v5.023 - Logfile created 21/12/2015 at 20:50:32
# Updated 30/11/2015 by Xplode
# Database : 2015-12-21.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKLM\SOFTWARE\simplitec

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1747 bytes] ##########

RogueKiller V11.0.4.0 (x64) [Dec 20 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Libor [Práva správce]
Started from : C:\Users\Libor\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 12/21/2015 21:24:38

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([X]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 77146d76e59a69724b2a77313bf4a04f
[BSP] 9f6cbe41f8e7b024444951d5b86b9a2c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 253768 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 519923712 | Size: 699999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] 19d256ac7ae08e55872cefafd553c9fc
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 35328 | Size: 30991 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Příspěvekod **jaro3** » 22 pro 2015 10:15

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

karbi02 · Příspěvekod **karbi02** » 22 pro 2015 11:38

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Libor (Administrator) on Łt 22.12.2015 at 10:25:03,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 22.12.2015 at 10:26:00,17
End of JRT log

RogueKiller V11.0.4.0 (x64) [Dec 20 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Libor [Práva správce]
Started from : C:\Users\Libor\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 12/22/2015 10:50:59

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 5 ¤¤¤
[FIREFX:Addon] 548jcbde.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] 548jcbde.default : Mozilla Firefox hotfix [firefox-hotfix@mozilla.org] -> Smazáno
[FIREFX:Addon] 548jcbde.default : Norton Toolbar [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] -> Smazáno
[FIREFX:Addon] dlyheg5l.default-1450712720565 : Mozilla Firefox hotfix [firefox-hotfix@mozilla.org] -> Smazáno
[FIREFX:Addon] dlyheg5l.default-1450712720565 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 77146d76e59a69724b2a77313bf4a04f
[BSP] 9f6cbe41f8e7b024444951d5b86b9a2c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 253768 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 519923712 | Size: 699999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zoek.exe v5.0.0.1 Updated 21-December-2015
Tool run by Libor on Łt 22.12.2015 at 10:53:14,66.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Libor\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.12.2015 10:54:16 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\Libor\AppData\Local\Adobe deleted successfully
C:\Users\Libor\AppData\Local\Skype deleted successfully
C:\Users\Libor\AppData\Local\Sparta deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\zuhd5oss.default-1450709288212\prefs.js:

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\zuhd5oss.default-1450709288212\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\ttw7969e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\ttw7969e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\548jcbde.default\prefs.js:

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\548jcbde.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565\prefs.js:

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\3Planesoft 3D Screensavers All in One deleted
C:\Users\Libor\AppData\Roaming\sparta111 deleted
C:\PROGRA~3\Package Cache deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\zuhd5oss.default-1450709288212
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\ttw7969e.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\548jcbde.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\ttw7969e.default
- MinimizeToTray Plus - %ProfilePath%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Extra Folder Columns - %ProfilePath%\extensions\extra-cols@jminta_gmail.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\zuhd5oss.default-1450709288212
5DF56521E8985BFD8F21A3D97A4D4574 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]

==== Chromium Fix ======================

C:\Users\Libor\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Libor\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?linkid=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?linkid=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Libor\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Libor\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Libor\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Libor\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=946 folders=123 3589105226 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Libor\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Libor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 22.12.2015 at 11:25:06,93 ======================

ComboFix 15-12-16.01 - Libor 22.12.2015 11:29:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8136.5663 [GMT 1:00]
Spuštěný z: c:\users\Libor\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-22 do 2015-12-22 )))))))))))))))))))))))))))))))
.
.
2015-12-22 10:07 . 2015-12-22 09:53 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-22 09:53 . 2015-12-22 10:06 -------- d-----w- C:\zoek_backup
2015-12-22 07:37 . 2015-12-22 07:37 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-22 07:37 . 2015-12-22 07:37 -------- d-----r- c:\program files (x86)\Skype
2015-12-21 21:41 . 2015-12-22 07:45 -------- d-----w- c:\users\Libor\AppData\Local\Google
2015-12-21 21:41 . 2015-12-22 07:46 -------- d-----w- c:\program files (x86)\Google
2015-12-21 19:47 . 2015-12-22 09:27 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-21 19:47 . 2015-12-21 19:47 -------- d-----w- c:\programdata\RogueKiller
2015-12-21 19:34 . 2015-12-22 10:25 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-21 19:34 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-21 19:34 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-21 19:18 . 2015-12-22 10:30 -------- d-----w- c:\program files (x86)\Opera
2015-12-21 18:43 . 2015-12-21 19:11 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-21 17:22 . 2015-12-21 19:34 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-21 17:22 . 2015-12-21 17:22 -------- d-----w- c:\programdata\Malwarebytes
2015-12-21 17:22 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-21 17:10 . 2015-12-21 18:18 -------- d-----w- C:\AdwCleaner
2015-12-19 08:33 . 2015-12-21 14:48 -------- d-----w- C:\Hry
2015-12-18 13:22 . 2015-12-18 13:22 -------- d-----w- c:\programdata\Nokia
2015-12-18 13:21 . 2013-01-23 10:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2015-12-18 12:49 . 2015-12-21 19:06 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2015-12-18 12:33 . 2015-12-18 12:33 -------- d-----w- c:\programdata\Applications
2015-12-16 20:59 . 2015-12-21 19:07 -------- d-----w- c:\users\Libor\AppData\Roaming\mojosoft
2015-12-16 20:59 . 2015-12-16 20:59 -------- d-----w- c:\program files (x86)\mojosoft
2015-12-07 11:53 . 2015-12-07 11:53 -------- d-----w- C:\Games
2015-11-24 14:36 . 2015-11-24 14:36 -------- d-----w- c:\program files (x86)\3Planesoft Screensaver Manager
2015-11-24 14:35 . 2013-02-06 10:02 2526736 ----a-w- c:\windows\SysWow64\Valentine_3D_Screensaver.scr
2015-11-24 14:34 . 2013-10-21 18:10 2723344 ----a-w- c:\windows\SysWow64\Sharks_3D_Screensaver.scr
2015-11-24 14:33 . 2013-02-06 09:34 2522632 ----a-w- c:\windows\SysWow64\Fog_Lake_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:17 2541600 ----a-w- c:\windows\SysWow64\Autumn_Wonderland_3D_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:17 2656792 ----a-w- c:\windows\SysWow64\Autumn_Forest_3D_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:16 2512928 ----a-w- c:\windows\SysWow64\Ancient_Castle_3D_Screensaver.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-21 21:43 . 2015-10-31 20:52 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-21 21:43 . 2015-10-31 20:52 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-09 21:59 . 2015-10-31 14:10 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-11-02 19:09 . 2015-11-02 19:09 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-11-01 22:36 . 2015-11-01 22:36 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-11-01 22:36 . 2015-11-01 22:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-11-01 22:36 . 2015-11-01 22:36 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-11-01 22:36 . 2015-11-01 22:36 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-11-01 22:36 . 2015-11-01 22:36 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-11-01 22:36 . 2015-11-01 22:36 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-11-01 22:36 . 2015-11-01 22:36 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-11-01 22:36 . 2015-11-01 22:36 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-11-01 22:36 . 2015-11-01 22:36 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-11-01 22:36 . 2015-11-01 22:36 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-11-01 22:36 . 2015-11-01 22:36 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-11-01 22:36 . 2015-11-01 22:36 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-11-01 22:36 . 2015-11-01 22:36 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-11-01 22:36 . 2015-11-01 22:36 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-11-01 22:36 . 2015-11-01 22:36 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-11-01 22:36 . 2015-11-01 22:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-11-01 22:36 . 2015-11-01 22:36 247808 ----a-w- c:\windows\system32\msls31.dll
2015-11-01 22:36 . 2015-11-01 22:36 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-11-01 22:36 . 2015-11-01 22:36 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-11-01 22:36 . 2015-11-01 22:36 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-11-01 22:36 . 2015-11-01 22:36 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-11-01 22:36 . 2015-11-01 22:36 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-11-01 22:36 . 2015-11-01 22:36 81408 ----a-w- c:\windows\system32\icardie.dll
2015-11-01 22:36 . 2015-11-01 22:36 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-11-01 22:36 . 2015-11-01 22:36 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-11-01 22:36 . 2015-11-01 22:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-11-01 22:36 . 2015-11-01 22:36 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-11-01 22:36 . 2015-11-01 22:36 235520 ----a-w- c:\windows\system32\url.dll
2015-11-01 22:36 . 2015-11-01 22:36 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-11-01 22:36 . 2015-11-01 22:36 143872 ----a-w- c:\windows\system32\wextract.exe
2015-11-01 22:36 . 2015-11-01 22:36 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-11-01 22:36 . 2015-11-01 22:36 101376 ----a-w- c:\windows\system32\inseng.dll
2015-11-01 22:36 . 2015-11-01 22:36 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-11-01 22:36 . 2015-11-01 22:36 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-11-01 22:36 . 2015-11-01 22:36 13824 ----a-w- c:\windows\system32\mshta.exe
2015-11-01 22:36 . 2015-11-01 22:36 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-11-01 22:29 . 2015-11-01 22:29 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-11-01 22:29 . 2015-11-01 22:29 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-11-01 22:29 . 2015-11-01 22:29 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-11-01 22:29 . 2015-11-01 22:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2015-11-01 22:29 . 2015-11-01 22:29 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2015-11-01 22:29 . 2015-11-01 22:29 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-11-01 22:29 . 2015-11-01 22:29 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-11-01 22:29 . 2015-11-01 22:29 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-11-01 22:29 . 2015-11-01 22:29 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-11-01 22:29 . 2015-11-01 22:29 296960 ----a-w- c:\windows\system32\d3d10core.dll
2015-11-01 22:29 . 2015-11-01 22:29 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2015-11-01 22:29 . 2015-11-01 22:29 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-11-01 22:29 . 2015-11-01 22:29 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2015-11-01 22:29 . 2015-11-01 22:29 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2015-11-01 22:29 . 2015-11-01 22:29 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2015-11-01 22:29 . 2015-11-01 22:29 1238528 ----a-w- c:\windows\system32\d3d10.dll
2015-11-01 22:29 . 2015-11-01 22:29 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2015-11-01 22:29 . 2015-11-01 22:29 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2015-11-01 22:29 . 2015-11-01 22:29 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2015-11-01 22:29 . 2015-11-01 22:29 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2015-10-31 18:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-10-31 18:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-10-29 17:50 . 2015-11-11 10:01 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-11 10:01 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-11 10:01 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-11 10:01 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 10:01 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 10:01 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 10:01 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-11 10:01 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-11 10:01 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-11 10:01 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-11 10:01 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 10:01 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 10:01 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 10:01 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-11 10:01 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-11 10:01 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 03:33 . 2015-10-31 11:14 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C755012A-9938-451F-AB50-DE3E91841FFD}\mpengine.dll
2015-10-20 01:12 . 2015-11-11 10:01 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 10:01 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:12 . 2015-11-11 10:01 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Libor\AppData\Roaming\uTorrent\utorrent.exe" [2015-02-22 416168]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE" [2012-07-12 241280]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50385536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2015-09-12 136992]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-06-15 296216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2015-7-8 24211456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSICDSetup;MSICDSetup;f:\cdriver64.sys;f:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;f:\ntiolib_x64.sys;f:\NTIOLib_X64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-22 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-21 21:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-06 7205592]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-{4fcf070a-daac-45e9-a8b0-6850941f7ed8} - c:\programdata\Package Cache\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}\vcredist_x86.exe
AddRemove-{6E0D4A47-36E0-42CC-94B9-D8A67F277794}_is1 - c:\program files (x86)\3Planesoft 3D Screensavers All in One\Uninstall\unins000.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{c7f54569-0018-439c-809a-48046a4d4ebc} - c:\programdata\Package Cache\{c7f54569-0018-439c-809a-48046a4d4ebc}\SetupChipset.exe
AddRemove-Realtek High Definition Audio Driver Packages - c:\users\Libor\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C\Realtek High Definition Audio Driver Packages\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-22 11:35:15
ComboFix-quarantined-files.txt 2015-12-22 10:35
.
Před spuštěním: Volných bajtů: 143 642 714 112
Po spuštění: Volných bajtů: 143 242 776 576
.
- - End Of File - - 6C375212C299C775C749CF485164FBF3
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 22 pro 2015 16:35

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

karbi02 · Příspěvekod **karbi02** » 22 pro 2015 16:53

ComboFix 15-12-16.01 - Libor 22.12.2015 16:40:11.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8136.6609 [GMT 1:00]
Spuštěný z: c:\users\Libor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Libor\Desktop\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-22 do 2015-12-22 )))))))))))))))))))))))))))))))
.
.
2015-12-22 10:07 . 2015-12-22 15:45 -------- d-----w- c:\users\Libor\AppData\Local\Temp
2015-12-22 10:07 . 2015-12-22 09:53 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-22 09:53 . 2015-12-22 10:06 -------- d-----w- C:\zoek_backup
2015-12-22 07:37 . 2015-12-22 07:37 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-22 07:37 . 2015-12-22 15:43 -------- d-----r- c:\program files (x86)\Skype
2015-12-21 21:41 . 2015-12-22 07:45 -------- d-----w- c:\users\Libor\AppData\Local\Google
2015-12-21 21:41 . 2015-12-22 07:46 -------- d-----w- c:\program files (x86)\Google
2015-12-21 19:47 . 2015-12-22 09:27 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-21 19:47 . 2015-12-21 19:47 -------- d-----w- c:\programdata\RogueKiller
2015-12-21 19:34 . 2015-12-22 15:45 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-21 19:34 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-21 19:34 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-21 19:18 . 2015-12-22 12:36 -------- d-----w- c:\program files (x86)\Opera
2015-12-21 18:43 . 2015-12-21 19:11 -------- d-----w- c:\program files\Mozilla Firefox
2015-12-21 17:22 . 2015-12-21 19:34 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-21 17:22 . 2015-12-21 17:22 -------- d-----w- c:\programdata\Malwarebytes
2015-12-21 17:22 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-21 17:10 . 2015-12-21 18:18 -------- d-----w- C:\AdwCleaner
2015-12-19 08:33 . 2015-12-21 14:48 -------- d-----w- C:\Hry
2015-12-18 13:22 . 2015-12-18 13:22 -------- d-----w- c:\programdata\Nokia
2015-12-18 13:21 . 2013-01-23 10:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2015-12-18 12:49 . 2015-12-21 19:06 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2015-12-18 12:33 . 2015-12-18 12:33 -------- d-----w- c:\programdata\Applications
2015-12-16 20:59 . 2015-12-21 19:07 -------- d-----w- c:\users\Libor\AppData\Roaming\mojosoft
2015-12-16 20:59 . 2015-12-16 20:59 -------- d-----w- c:\program files (x86)\mojosoft
2015-12-07 11:53 . 2015-12-07 11:53 -------- d-----w- C:\Games
2015-11-24 14:36 . 2013-02-06 10:11 2519576 ----a-w- c:\windows\SysWow64\Zodiac_Clock_3D_Screensaver.scr
2015-11-24 14:36 . 2013-04-04 16:18 2535968 ----a-w- c:\windows\SysWow64\Winter_Wonderland_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:09 2551832 ----a-w- c:\windows\SysWow64\Wildflowers_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:09 2621984 ----a-w- c:\windows\SysWow64\White_Christmas_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:08 981024 ----a-w- c:\windows\SysWow64\Western_Railway_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:07 2509328 ----a-w- c:\windows\SysWow64\Watermill_3D_Screensaver.scr
2015-11-24 14:36 . 2013-04-05 14:16 2530328 ----a-w- c:\windows\SysWow64\Water_Clock_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:06 953896 ----a-w- c:\windows\SysWow64\Voyage_of_Columbus_3D_Screensaver.scr
2015-11-24 14:36 . 2013-04-04 16:21 2525728 ----a-w- c:\windows\SysWow64\Vintage_Aircraft_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:03 2653728 ----a-w- c:\windows\SysWow64\Venice_Carnival_3D_Screensaver.scr
2015-11-24 14:36 . 2013-02-06 10:03 2678312 ----a-w- c:\windows\SysWow64\Valentine_Musicbox_3D_Screensaver.scr
2015-11-24 14:34 . 2013-10-21 18:10 2723344 ----a-w- c:\windows\SysWow64\Sharks_3D_Screensaver.scr
2015-11-24 14:33 . 2013-02-06 09:34 2522632 ----a-w- c:\windows\SysWow64\Fog_Lake_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:17 2541600 ----a-w- c:\windows\SysWow64\Autumn_Wonderland_3D_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:17 2656792 ----a-w- c:\windows\SysWow64\Autumn_Forest_3D_Screensaver.scr
2015-11-24 14:32 . 2013-02-06 09:16 2512928 ----a-w- c:\windows\SysWow64\Ancient_Castle_3D_Screensaver.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-21 21:43 . 2015-10-31 20:52 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-21 21:43 . 2015-10-31 20:52 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-09 21:59 . 2015-10-31 14:10 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-11-02 19:09 . 2015-11-02 19:09 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-11-01 22:36 . 2015-11-01 22:36 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-11-01 22:36 . 2015-11-01 22:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-11-01 22:36 . 2015-11-01 22:36 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-11-01 22:36 . 2015-11-01 22:36 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-11-01 22:36 . 2015-11-01 22:36 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-11-01 22:36 . 2015-11-01 22:36 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-11-01 22:36 . 2015-11-01 22:36 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-11-01 22:36 . 2015-11-01 22:36 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-11-01 22:36 . 2015-11-01 22:36 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-11-01 22:36 . 2015-11-01 22:36 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-11-01 22:36 . 2015-11-01 22:36 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-11-01 22:36 . 2015-11-01 22:36 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-11-01 22:36 . 2015-11-01 22:36 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-11-01 22:36 . 2015-11-01 22:36 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-11-01 22:36 . 2015-11-01 22:36 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-11-01 22:36 . 2015-11-01 22:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-11-01 22:36 . 2015-11-01 22:36 247808 ----a-w- c:\windows\system32\msls31.dll
2015-11-01 22:36 . 2015-11-01 22:36 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-11-01 22:36 . 2015-11-01 22:36 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-11-01 22:36 . 2015-11-01 22:36 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-11-01 22:36 . 2015-11-01 22:36 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-11-01 22:36 . 2015-11-01 22:36 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-11-01 22:36 . 2015-11-01 22:36 81408 ----a-w- c:\windows\system32\icardie.dll
2015-11-01 22:36 . 2015-11-01 22:36 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-11-01 22:36 . 2015-11-01 22:36 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-11-01 22:36 . 2015-11-01 22:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-11-01 22:36 . 2015-11-01 22:36 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-11-01 22:36 . 2015-11-01 22:36 235520 ----a-w- c:\windows\system32\url.dll
2015-11-01 22:36 . 2015-11-01 22:36 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-11-01 22:36 . 2015-11-01 22:36 143872 ----a-w- c:\windows\system32\wextract.exe
2015-11-01 22:36 . 2015-11-01 22:36 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-11-01 22:36 . 2015-11-01 22:36 101376 ----a-w- c:\windows\system32\inseng.dll
2015-11-01 22:36 . 2015-11-01 22:36 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-11-01 22:36 . 2015-11-01 22:36 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-11-01 22:36 . 2015-11-01 22:36 13824 ----a-w- c:\windows\system32\mshta.exe
2015-11-01 22:36 . 2015-11-01 22:36 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-11-01 22:29 . 2015-11-01 22:29 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-11-01 22:29 . 2015-11-01 22:29 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-11-01 22:29 . 2015-11-01 22:29 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-11-01 22:29 . 2015-11-01 22:29 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2015-11-01 22:29 . 2015-11-01 22:29 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2015-11-01 22:29 . 2015-11-01 22:29 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-11-01 22:29 . 2015-11-01 22:29 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-11-01 22:29 . 2015-11-01 22:29 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-11-01 22:29 . 2015-11-01 22:29 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-11-01 22:29 . 2015-11-01 22:29 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-11-01 22:29 . 2015-11-01 22:29 296960 ----a-w- c:\windows\system32\d3d10core.dll
2015-11-01 22:29 . 2015-11-01 22:29 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2015-11-01 22:29 . 2015-11-01 22:29 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-11-01 22:29 . 2015-11-01 22:29 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2015-11-01 22:29 . 2015-11-01 22:29 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2015-11-01 22:29 . 2015-11-01 22:29 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2015-11-01 22:29 . 2015-11-01 22:29 1238528 ----a-w- c:\windows\system32\d3d10.dll
2015-11-01 22:29 . 2015-11-01 22:29 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2015-11-01 22:29 . 2015-11-01 22:29 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2015-11-01 22:29 . 2015-11-01 22:29 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2015-11-01 22:29 . 2015-11-01 22:29 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2015-10-31 18:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-10-31 18:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-10-29 17:50 . 2015-11-11 10:01 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-11 10:01 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-11 10:01 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-11 10:01 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 10:01 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 10:01 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 10:01 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-11 10:01 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-11 10:01 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-11 10:01 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-11 10:01 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 10:01 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 10:01 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 10:01 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-11 10:01 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-11 10:01 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 03:33 . 2015-10-31 11:14 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C755012A-9938-451F-AB50-DE3E91841FFD}\mpengine.dll
2015-10-20 01:12 . 2015-11-11 10:01 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 10:01 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:12 . 2015-11-11 10:01 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Libor\AppData\Roaming\uTorrent\utorrent.exe" [2015-02-22 416168]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE" [2012-07-12 241280]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50385536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2015-09-12 136992]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-06-15 296216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2015-7-8 24211456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MSICDSetup;MSICDSetup;f:\cdriver64.sys;f:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;f:\ntiolib_x64.sys;f:\NTIOLib_X64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-22 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-21 21:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-06 7205592]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\dlyheg5l.default-1450712720565\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{4fcf070a-daac-45e9-a8b0-6850941f7ed8} - c:\programdata\Package Cache\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{c7f54569-0018-439c-809a-48046a4d4ebc} - c:\programdata\Package Cache\{c7f54569-0018-439c-809a-48046a4d4ebc}\SetupChipset.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-12-22 16:48:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-12-22 15:48
ComboFix2.txt 2015-12-22 10:35
.
Před spuštěním: Volných bajtů: 142 948 585 472
Po spuštění: Volných bajtů: 142 330 544 128
.
- - End Of File - - 8D656C675AF89225363B6AFD7E438254
A36C5E4F47E84449FF07ED3517B43A31

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:15, on 22.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera_crashreporter.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.41\opera.exe
C:\Users\Libor\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Libor\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus Office BX635FWD"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8563 bytes

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-12-22 16:49:32
-----------------------------
16:49:32.442 OS Version: Windows x64 6.1.7601 Service Pack 1
16:49:32.442 Number of processors: 4 586 0x5E03
16:49:32.442 ComputerName: LIBOR-PC UserName: Libor
16:49:32.772 Initialize success
16:49:32.862 VM: initialized successfully
16:49:32.872 VM: Intel CPU supported
16:49:35.532 VM: supported disk I/O ataport.SYS
16:49:40.792 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:49:40.802 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 11
16:49:40.872 VM: Disk 0 MBR read successfully
16:49:40.872 Disk 0 MBR scan
16:49:40.882 Disk 0 Windows 7 default MBR code
16:49:40.882 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:49:40.892 Disk 0 default boot code
16:49:40.902 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 253768 MB offset 206848
16:49:40.912 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 699999 MB offset 519923712
16:49:40.922 Disk 0 scanning C:\Windows\system32\drivers
16:49:45.742 Service scanning
16:49:48.452 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
16:49:48.642 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
16:49:48.672 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
16:49:48.702 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
16:49:55.762 Modules scanning
16:49:55.772 Disk 0 trace - called modules:
16:49:55.782 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:49:55.792 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80084b2060]
16:49:55.802 3 CLASSPNP.SYS[fffff8800181843f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80081bb060]
16:49:55.802 Disk 0 statistics 95974/0/22 @ 12,07 MB/s
16:49:55.812 Scan finished successfully
16:50:06.222 Disk 0 MBR has been saved successfully to "C:\Users\Libor\Desktop\MBR.dat"
16:50:06.232 The log file has been saved successfully to "C:\Users\Libor\Desktop\aswMBR.txt"

Příspěvekod **Orcus** » 22 pro 2015 20:06

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde: C: \ DelFix.txt

Co problémy?

karbi02 · Příspěvekod **karbi02** » 22 pro 2015 20:32

Tak klávesnice i myš fungují v pořádku. Ale jsou stále stejné problémy, jak už jsem psal, zkopíruju to sem ještě jednou, akorát IE fungovat začal, hesla si taky nepamatuje:
Po vyčištění MbAM přestal fungovat Firefox a Thunderbird. Zkusil jsem přeinstalovat i obnovu systému. Když spustím firefox, přijde hláška "Aplikace Firefox je již spuštěna, ale neodpovídá. Pro otevření nového okna musíte nejprve ukončit původní proces Firefox, nebo restartovat systém". Thunderbird po potvrzení hodí hlášku " Profil Thunderbird nelze nahrát. Pravděpodobně chybí nebo je nedostupný." Ve správci úloh vidět nejsou. Explorer nefunguje taky, jen naběhne úvodní okno. Stáhnul jsem operu, ta zatím jde....
Opera si nepamatuje přihlašovací hesla, i když se ptá... Dále hraji hru trackmania. Při spuštění mi to píše " Neúspěšný zápis nastavení do C:/User/Libor/Documents/TrackMania/Config/Default.SystemConfig.Gbx". Skype má taky nějaký problém, nepřihlásím se do něj. Ještě dodám, že RK vyhodil adresu C:/User/Libor/Download..., tak jsem hledal složku download a nenašel. Zkoušel jsem různá nastavení skrytých souborů a nenašel. Doufám, že jsem toto nějak nerozvrtal a tam není zakopaný pes těch dalších problémů. Jednu chvíli jsem měl zašedlé všechny ikony na ploše.
Dodatek: TEď jsem zjistil, že nejde po ploše přemisťovat některé ikony.

# DelFix v1.011 - Logfile created 22/12/2015 at 20:19:02
# Updated 18/08/2015 by Xplode
# Username : Libor - LIBOR-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\Users\Libor\Desktop\aswmbr.exe
Deleted : C:\Users\Libor\Desktop\aswMBR.txt
Deleted : C:\Users\Libor\Desktop\JRT.exe
Deleted : C:\Users\Libor\Desktop\jrt1.txt
Deleted : C:\Users\Libor\Desktop\hijackthis.log
Deleted : C:\Users\Libor\Desktop\hijackthis.txt
Deleted : C:\Users\Libor\Desktop\MBR.dat
Deleted : C:\Users\Libor\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Libor\Desktop\zoek-results.log
Deleted : C:\Users\Libor\Desktop\zoek.exe
Deleted : C:\Users\Libor\Downloads\adwcleaner_5.023 (1).exe
Deleted : C:\Users\Libor\Downloads\adwcleaner_5.023.exe
Deleted : C:\Users\Libor\Downloads\hijackthis.exe
Deleted : C:\Users\Libor\Downloads\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #47 [ComboFix created restore point | 12/22/2015 19:10:51]
Deleted : RP #48 [Removed 3D Pinball. | 12/22/2015 19:16:35]

New restore point created !

########## - EOF - ##########

Příspěvekod **Orcus** » 23 pro 2015 06:15

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

karbi02 · Příspěvekod **karbi02** » 23 pro 2015 08:25

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
Ran by Libor (administrator) on LIBOR-PC (23-12-2015 08:16:36)
Running from C:\Users\Libor\Desktop
Loaded Profiles: Libor & (Available Profiles: Libor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(BitTorrent, Inc.) C:\Users\Libor\AppData\Roaming\uTorrent\utorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2013-11-06] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-09-12] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\Run: [uTorrent] => C:\Users\Libor\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Libor\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-10-31]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\zuhd5oss.default-1450709288212
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-31] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-31] (Symantec Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [179456 2015-08-31] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 08:16 - 2015-12-23 08:16 - 00014061 _____ C:\Users\Libor\Desktop\FRST.txt
2015-12-23 08:16 - 2015-12-23 08:16 - 00000000 ____D C:\FRST
2015-12-23 08:14 - 2015-12-23 08:14 - 02370560 _____ (Farbar) C:\Users\Libor\Desktop\FRST64.exe
2015-12-22 21:00 - 2015-12-22 21:00 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-22 21:00 - 2015-12-22 21:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-22 21:00 - 2015-12-22 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-22 20:58 - 2015-12-22 20:59 - 54286488 _____ C:\Users\Libor\Downloads\SkypeSetupFull.exe
2015-12-22 20:24 - 2015-12-22 20:24 - 00249600 _____ C:\Users\Libor\Downloads\Firefox Setup Stub 43.0.1 (1).exe
2015-12-22 20:24 - 2015-12-22 20:24 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-22 20:24 - 2015-12-22 20:24 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-22 20:24 - 2015-12-22 20:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-22 20:23 - 2015-12-22 20:23 - 00249600 _____ C:\Users\Libor\Downloads\Firefox Setup Stub 43.0.1.exe
2015-12-22 20:19 - 2015-12-22 20:19 - 00001407 _____ C:\DelFix.txt
2015-12-22 20:11 - 2015-12-22 20:11 - 06805328 _____ (Piriform Ltd) C:\Users\Libor\Downloads\ccsetup513.exe
2015-12-22 20:11 - 2015-12-22 20:11 - 06805328 _____ (Piriform Ltd) C:\Users\Libor\Downloads\ccsetup513 (1).exe
2015-12-22 20:11 - 2015-12-22 20:11 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-22 20:11 - 2015-12-22 20:11 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-22 20:11 - 2015-12-22 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-22 20:11 - 2015-12-22 20:11 - 00000000 ____D C:\Program Files\CCleaner
2015-12-22 11:28 - 2015-12-22 20:10 - 00000000 ____D C:\Windows\erdnt
2015-12-22 11:07 - 2015-12-22 10:53 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-12-22 08:44 - 2015-12-22 08:44 - 00003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1450770291
2015-12-22 08:44 - 2015-12-22 08:44 - 00001135 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-22 08:44 - 2015-12-22 08:44 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-22 08:43 - 2015-12-22 08:44 - 00720344 _____ (Opera Software) C:\Users\Libor\Downloads\Opera_NI_stable.exe
2015-12-21 23:09 - 2015-12-22 23:03 - 00011238 _____ C:\Users\Libor\Desktop\Kopie - Nový List aplikace Microsoft Office Excel.xlsx
2015-12-21 22:41 - 2015-12-22 08:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-21 22:41 - 2015-12-22 08:45 - 00000000 ____D C:\Users\Libor\AppData\Local\Google
2015-12-21 22:40 - 2015-12-22 08:35 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-21 22:40 - 2015-12-21 22:43 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-21 20:47 - 2015-12-22 10:27 - 00036608 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-12-21 20:47 - 2015-12-21 20:47 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-21 20:34 - 2015-12-23 08:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 20:34 - 2015-12-21 20:34 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-21 20:34 - 2015-12-21 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-21 20:34 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-21 20:34 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-21 20:26 - 2015-12-21 20:26 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-21 20:18 - 2015-12-22 13:36 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-21 19:43 - 2015-12-21 20:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-21 18:22 - 2015-12-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-21 18:22 - 2015-12-21 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-21 18:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-20 12:25 - 2015-12-21 20:07 - 00000000 ____D C:\Users\Libor\Desktop\Původní data aplikace Firefox
2015-12-20 10:17 - 2015-12-20 10:17 - 00000000 ____D C:\Users\Libor\Documents\My Games
2015-12-19 10:45 - 2015-12-19 10:45 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-12-19 09:33 - 2015-12-21 15:48 - 00000000 ____D C:\Hry
2015-12-18 14:22 - 2015-12-18 14:22 - 00000000 ____D C:\ProgramData\Nokia
2015-12-18 14:21 - 2013-01-23 11:31 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll
2015-12-18 14:13 - 2015-12-18 14:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-12-18 13:33 - 2015-12-18 13:33 - 06745792 ____R (Microsoft Corporation) C:\Users\Libor\Downloads\WindowsPhone.exe
2015-12-18 13:33 - 2015-12-18 13:33 - 00000000 ____D C:\ProgramData\Applications
2015-12-16 22:28 - 2015-12-16 22:28 - 00517125 ____R C:\Users\Libor\Desktop\50015.bcw
2015-12-16 22:01 - 2015-12-16 22:02 - 09088576 _____ (mojosoft ) C:\Users\Libor\Downloads\BusinessCardsMX500-update.exe
2015-12-16 22:00 - 2015-12-21 20:11 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX
2015-12-16 22:00 - 2015-12-16 22:02 - 00001222 _____ C:\Users\Libor\Desktop\BusinessCardsMX.lnk
2015-12-16 21:59 - 2015-12-21 20:07 - 00000000 ____D C:\Users\Libor\AppData\Roaming\mojosoft
2015-12-16 21:59 - 2015-12-16 22:00 - 00000000 ____D C:\Users\Libor\Documents\BusinessCardsMX templates
2015-12-16 21:59 - 2015-12-16 21:59 - 00000000 ____D C:\Program Files (x86)\mojosoft
2015-12-11 19:06 - 2015-12-11 19:06 - 00239273 ____R C:\Users\Libor\Downloads\201511.7030776.7515168747.S.pdf
2015-12-09 22:35 - 2015-12-09 22:35 - 00024308 ____R C:\Users\Libor\Downloads\CZ-Nákupy Penny.ov2
2015-12-09 22:35 - 2015-12-09 22:35 - 00001550 ____R C:\Users\Libor\Downloads\CZ-Nákupy Penny.bmp
2015-12-09 20:45 - 2015-12-09 20:45 - 00002990 _____ C:\Windows\System32\Tasks\{B2D0B7BC-2BAA-4FFA-AA9E-10A44EBB5ED6}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{905D650A-7879-4F0A-8761-C741E9DD1B50}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{1EAA0F60-20EC-459B-A6EE-914550D6C29C}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{18838483-6C95-4E0E-8CC2-55F80783DC84}
2015-12-09 13:42 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 13:42 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 13:42 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 13:42 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 13:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 13:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 13:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 13:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 13:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 13:42 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 13:42 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 13:42 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 13:42 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 13:42 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 13:42 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 13:42 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 13:42 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 13:42 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 13:42 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 13:42 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 13:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 13:42 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 13:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 13:42 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 13:42 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 13:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 13:42 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 13:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 13:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 13:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 13:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 13:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 13:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 13:42 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 13:42 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 13:42 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 13:41 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 13:41 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 13:41 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 13:41 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 13:41 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 13:41 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 13:41 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 13:41 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 13:41 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 13:41 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 13:41 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 13:41 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 13:41 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 13:41 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 13:41 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 13:41 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 13:41 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 13:41 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 13:41 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 13:41 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 13:41 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 13:41 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 13:41 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 13:41 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 13:41 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 13:41 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 13:41 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 13:41 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 13:41 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 13:41 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 13:41 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 13:41 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 13:41 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 13:41 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 13:41 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 13:41 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 13:41 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 13:41 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 13:41 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 13:41 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 13:41 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 13:41 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 13:41 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 13:41 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 13:41 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 13:41 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 13:41 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 13:41 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 13:41 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 13:41 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 13:41 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 13:41 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 13:41 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 13:41 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 13:41 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 13:41 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 13:41 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 13:41 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 13:41 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 13:41 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 13:41 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 13:41 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 13:41 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 13:41 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 13:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 13:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 12:54 - 2015-12-21 20:11 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ski Challenge 16
2015-12-07 12:54 - 2015-12-07 12:54 - 00001619 _____ C:\Users\Libor\Desktop\Run Ski Challenge 16.lnk
2015-12-07 12:53 - 2015-12-07 12:53 - 00000000 ____D C:\Games
2015-12-07 12:50 - 2015-12-07 12:53 - 476729232 _____ (Greentube GmbH) C:\Users\Libor\Downloads\SkiChallenge16_v2.exe
2015-12-05 21:44 - 2015-12-17 22:26 - 00010805 ____R C:\Users\Libor\Desktop\zkouška.xlsx
2015-12-04 21:21 - 2015-12-20 22:05 - 00011247 ____R C:\Users\Libor\Desktop\Nový List aplikace Microsoft Office Excel.xlsx
2015-11-28 22:20 - 2015-11-28 22:21 - 00000000 ____D C:\Users\Libor\Desktop\Anglie - listopad
2015-11-24 15:37 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-24 15:37 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-24 15:37 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-24 15:37 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-24 15:37 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-24 15:37 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-24 15:37 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-24 15:37 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-24 15:37 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-24 15:37 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-24 15:37 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-24 15:37 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-24 15:37 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-24 15:37 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

karbi02 · Příspěvekod **karbi02** » 23 pro 2015 08:26

2015-11-24 15:37 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-24 15:37 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-24 15:37 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-24 15:37 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-24 15:37 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-24 15:37 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-24 15:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-24 15:37 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-24 15:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-24 15:37 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-24 15:37 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-24 15:37 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-24 15:37 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-24 15:37 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-24 15:37 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-24 15:37 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-24 15:37 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-24 15:37 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-24 15:37 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-24 15:37 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-24 15:37 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-24 15:37 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-24 15:37 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-24 15:37 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-24 15:37 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-24 15:37 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-24 15:37 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-24 15:37 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-24 15:37 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-24 15:37 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-24 15:37 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-24 15:37 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-24 15:37 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-24 15:37 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-24 15:37 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-24 15:37 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-24 15:37 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-24 15:37 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-24 15:37 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-24 15:37 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-24 15:37 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-24 15:37 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-24 15:37 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-24 15:37 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-24 15:37 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-24 15:37 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-24 15:37 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-24 15:37 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-24 15:37 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-24 15:37 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-24 15:37 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-24 15:37 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-24 15:37 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-24 15:37 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-24 15:37 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-24 15:37 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-24 15:37 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-24 15:37 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-24 15:37 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-24 15:37 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-24 15:37 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-24 15:37 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-24 15:37 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-24 15:37 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-24 15:37 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-24 15:37 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-24 15:37 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-24 15:37 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-24 15:37 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-24 15:37 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-24 15:37 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-24 15:37 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-24 15:37 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-24 15:37 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-24 15:37 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-24 15:37 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-24 15:37 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-24 15:37 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-24 15:37 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-24 15:37 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-24 15:36 - 2015-12-21 20:12 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3Planesoft 3D Screensavers All in One
2015-11-24 15:36 - 2013-04-05 15:16 - 02530328 _____ (3Planesoft) C:\Windows\SysWOW64\Water_Clock_3D_Screensaver.scr
2015-11-24 15:36 - 2013-04-04 17:21 - 02525728 _____ (3Planesoft) C:\Windows\SysWOW64\Vintage_Aircraft_3D_Screensaver.scr
2015-11-24 15:36 - 2013-04-04 17:18 - 02535968 _____ (3Planesoft) C:\Windows\SysWOW64\Winter_Wonderland_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:11 - 02519576 _____ (3Planesoft) C:\Windows\SysWOW64\Zodiac_Clock_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:09 - 02621984 _____ (3Planesoft) C:\Windows\SysWOW64\White_Christmas_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:09 - 02551832 _____ (3Planesoft) C:\Windows\SysWOW64\Wildflowers_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:08 - 00981024 _____ (3Planesoft) C:\Windows\SysWOW64\Western_Railway_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:07 - 02509328 _____ (3Planesoft) C:\Windows\SysWOW64\Watermill_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:06 - 00953896 _____ (3Planesoft) C:\Windows\SysWOW64\Voyage_of_Columbus_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:03 - 02678312 _____ (3Planesoft) C:\Windows\SysWOW64\Valentine_Musicbox_3D_Screensaver.scr
2015-11-24 15:36 - 2013-02-06 11:03 - 02653728 _____ (3Planesoft) C:\Windows\SysWOW64\Venice_Carnival_3D_Screensaver.scr
2015-11-24 15:35 - 2013-10-21 19:12 - 02591256 _____ (3Planesoft) C:\Windows\SysWOW64\Starry_Night_3D_Screensaver.scr
2015-11-24 15:35 - 2013-10-21 19:11 - 02828344 _____ (3Planesoft) C:\Windows\SysWOW64\Sky_Citadel_3D_Screensaver.scr
2015-11-24 15:35 - 2013-10-21 17:19 - 02729528 _____ (3Planesoft) C:\Windows\SysWOW64\Tiger_Sharks_3D_Screensaver.scr
2015-11-24 15:35 - 2013-04-02 10:01 - 02540056 _____ (3Planesoft) C:\Windows\SysWOW64\Steam_Clock_3D_Screensaver.scr
2015-11-24 15:35 - 2013-03-01 11:14 - 02532376 _____ (3Planesoft) C:\Windows\SysWOW64\Snow_Village_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 11:02 - 02526736 _____ (3Planesoft) C:\Windows\SysWOW64\Valentine_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 11:01 - 02528800 _____ (3Planesoft) C:\Windows\SysWOW64\Tyrannosaurus_Rex_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 11:01 - 02511384 _____ (3Planesoft) C:\Windows\SysWOW64\Tropical_Fish_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 11:00 - 02635296 _____ (3Planesoft) C:\Windows\SysWOW64\Titanic_Memories_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:59 - 00825368 _____ (3Planesoft) C:\Windows\SysWOW64\The_One_Ring_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:58 - 00981536 _____ (3Planesoft) C:\Windows\SysWOW64\The_Lost_Watch_II_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:57 - 02827296 _____ (3Planesoft) C:\Windows\SysWOW64\The_Lost_Watch_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:57 - 02689568 _____ (3Planesoft) C:\Windows\SysWOW64\Thanksgiving_Day_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:56 - 02653208 _____ (3Planesoft) C:\Windows\SysWOW64\Sunny_Patio_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:56 - 02532376 _____ (3Planesoft) C:\Windows\SysWOW64\Sweethearts_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:55 - 02535448 _____ (3Planesoft) C:\Windows\SysWOW64\Sun_Village_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:54 - 02765336 _____ (3Planesoft) C:\Windows\SysWOW64\Summer_Forest_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:53 - 02660888 _____ (3Planesoft) C:\Windows\SysWOW64\Stonehenge_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:53 - 02527776 _____ (3Planesoft) C:\Windows\SysWOW64\Stock_Car_Racing_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:51 - 02532888 _____ (3Planesoft) C:\Windows\SysWOW64\Springtime_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:51 - 00956960 _____ (3Planesoft) C:\Windows\SysWOW64\Spirit_of_Fire_3D_Screensaver.scr
2015-11-24 15:35 - 2013-02-06 10:49 - 04640288 _____ (3Planesoft) C:\Windows\SysWOW64\Skeleton_Clock_3D_Screensaver.scr
2015-11-24 15:34 - 2013-10-21 19:10 - 02723344 _____ (3Planesoft) C:\Windows\SysWOW64\Sharks_3D_Screensaver.scr
2015-11-24 15:34 - 2013-10-21 19:10 - 02658376 _____ (3Planesoft) C:\Windows\SysWOW64\Sharks_-_Great_White_3D_Screensaver.scr
2015-11-24 15:34 - 2013-10-21 19:09 - 02634272 _____ (3Planesoft) C:\Windows\SysWOW64\Futuristic_City_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:48 - 02541592 _____ (3Planesoft) C:\Windows\SysWOW64\Santa_Claus_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:47 - 02644504 _____ (3Planesoft) C:\Windows\SysWOW64\Sandy_Beach_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:46 - 02638368 _____ (3Planesoft) C:\Windows\SysWOW64\Orbital_Sunset_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:46 - 00946704 _____ (3Planesoft) C:\Windows\SysWOW64\Nautilus_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:45 - 00956944 _____ (3Planesoft) C:\Windows\SysWOW64\Nature_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:44 - 02531880 _____ (3Planesoft) C:\Windows\SysWOW64\Mountain_Waterfall_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:43 - 02535968 _____ (3Planesoft) C:\Windows\SysWOW64\Medieval_Castle_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:43 - 02531872 _____ (3Planesoft) C:\Windows\SysWOW64\Mechanical_Clock_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:42 - 00973856 _____ (3Planesoft) C:\Windows\SysWOW64\Mayan_Waterfall_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:42 - 00972832 _____ (3Planesoft) C:\Windows\SysWOW64\Lighthouse_Point_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:41 - 00817168 _____ (3Planesoft) C:\Windows\SysWOW64\Lantern_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:40 - 02668560 _____ (3Planesoft) C:\Windows\SysWOW64\Lake_Tree_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:40 - 00951824 _____ (3Planesoft) C:\Windows\SysWOW64\Lagoon_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:39 - 02545680 _____ (3Planesoft) C:\Windows\SysWOW64\Koi_Fish_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:39 - 02516496 _____ (3Planesoft) C:\Windows\SysWOW64\Ice_Clock_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:38 - 02534936 _____ (3Planesoft) C:\Windows\SysWOW64\Haunted_House_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:38 - 00942608 _____ (3Planesoft) C:\Windows\SysWOW64\Halloween_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:36 - 02679840 _____ (3Planesoft) C:\Windows\SysWOW64\Great_Pyramids_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:36 - 02534928 _____ (3Planesoft) C:\Windows\SysWOW64\Grassland_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:35 - 02664472 _____ (3Planesoft) C:\Windows\SysWOW64\Grand_Canyon_3D_Screensaver.scr
2015-11-24 15:34 - 2013-02-06 10:34 - 00970256 _____ (3Planesoft) C:\Windows\SysWOW64\Galleon_3D_Screensaver.scr
2015-11-24 15:33 - 2013-04-05 16:46 - 02527256 _____ (3Planesoft) C:\Windows\SysWOW64\Deep_Space_3D_Screensaver.scr
2015-11-24 15:33 - 2013-04-04 17:19 - 02536992 _____ (3Planesoft) C:\Windows\SysWOW64\Caribbean_Islands_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:34 - 02522632 _____ (3Planesoft) C:\Windows\SysWOW64\Fog_Lake_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:33 - 02775576 _____ (3Planesoft) C:\Windows\SysWOW64\Fog_Horses_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:32 - 02519080 _____ (3Planesoft) C:\Windows\SysWOW64\Fireside_Christmas_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:32 - 00991752 _____ (3Planesoft) C:\Windows\SysWOW64\Flag_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:31 - 02671120 _____ (3Planesoft) C:\Windows\SysWOW64\Fireplace_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:31 - 02525216 _____ (3Planesoft) C:\Windows\SysWOW64\Faraway_Planet_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:30 - 00954392 _____ (3Planesoft) C:\Windows\SysWOW64\Fantasy_Moon_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:29 - 02637320 _____ (3Planesoft) C:\Windows\SysWOW64\Earth_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:29 - 00973344 _____ (3Planesoft) C:\Windows\SysWOW64\Dutch_Windmills_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:28 - 02693648 _____ (3Planesoft) C:\Windows\SysWOW64\Dolphins_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:27 - 02559000 _____ (3Planesoft) C:\Windows\SysWOW64\Digital_Clock_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:27 - 00957968 _____ (3Planesoft) C:\Windows\SysWOW64\Discovery_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:25 - 02532368 _____ (3Planesoft) C:\Windows\SysWOW64\Cyberfish_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:25 - 00947736 _____ (3Planesoft) C:\Windows\SysWOW64\Cuckoo_Clock_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:24 - 00980000 _____ (3Planesoft) C:\Windows\SysWOW64\Crystal_Fireplace_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:23 - 02510872 _____ (3Planesoft) C:\Windows\SysWOW64\Coral_Clock_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:23 - 02504216 _____ (3Planesoft) C:\Windows\SysWOW64\Coral_Reef_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:22 - 00953368 _____ (3Planesoft) C:\Windows\SysWOW64\Clock_Tower_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:21 - 02646048 _____ (3Planesoft) C:\Windows\SysWOW64\Christmas_Evening_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:21 - 02526240 _____ (3Planesoft) C:\Windows\SysWOW64\Christmas_Bells_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:20 - 00951312 _____ (3Planesoft) C:\Windows\SysWOW64\Christmas_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:19 - 02610208 _____ (3Planesoft) C:\Windows\SysWOW64\Blooming_Sakura_3D_Screensaver.scr
2015-11-24 15:33 - 2013-02-06 10:18 - 00971304 _____ (3Planesoft) C:\Windows\SysWOW64\Battleship_Missouri_3D_Screensaver.scr
2015-11-24 15:33 - 2009-07-15 18:54 - 01289216 _____ C:\Windows\SysWOW64\Christmas Tree 3D Screensaver.exe
2015-11-24 15:33 - 2003-11-28 15:19 - 00187904 _____ C:\Windows\SysWOW64\Christmas Tree 3D Screensaver.scr
2015-11-24 15:32 - 2013-02-06 10:17 - 02656792 _____ (3Planesoft) C:\Windows\SysWOW64\Autumn_Forest_3D_Screensaver.scr
2015-11-24 15:32 - 2013-02-06 10:17 - 02541600 _____ (3Planesoft) C:\Windows\SysWOW64\Autumn_Wonderland_3D_Screensaver.scr
2015-11-24 15:32 - 2013-02-06 10:16 - 02512928 _____ (3Planesoft) C:\Windows\SysWOW64\Ancient_Castle_3D_Screensaver.scr
2015-11-23 22:28 - 2015-11-23 22:28 - 20647288 _____ (3Planesoft ) C:\Users\Libor\Downloads\fireside(1).exe
2015-11-23 21:58 - 2015-11-23 21:58 - 20647288 _____ (3Planesoft ) C:\Users\Libor\Downloads\fireside.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 08:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-23 08:14 - 2015-10-31 14:15 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Skype
2015-12-23 08:14 - 2015-10-31 14:15 - 00000000 ____D C:\ProgramData\Skype
2015-12-23 08:12 - 2015-10-31 20:08 - 00000000 ____D C:\Users\Libor\AppData\Roaming\uTorrent
2015-12-23 08:11 - 2015-10-31 13:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-23 08:11 - 2015-10-31 12:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-23 08:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-22 22:52 - 2015-10-31 14:25 - 00000000 ____D C:\Users\Libor\Documents\ManiaPlanet
2015-12-22 22:21 - 2015-10-31 14:24 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-12-22 20:43 - 2015-11-08 19:42 - 00000000 ____D C:\Users\Libor\Documents\Euro Truck Simulator 2
2015-12-22 20:32 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-22 20:32 - 2009-07-14 05:45 - 00015008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-22 20:16 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-12-22 20:15 - 2015-11-02 20:09 - 00000000 ____D C:\Users\Libor\AppData\Roaming\DAEMON Tools Lite
2015-12-22 20:15 - 2015-10-30 23:27 - 00000000 ____D C:\Windows\Panther
2015-12-22 20:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-22 17:11 - 2015-11-11 13:12 - 00000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2015-12-22 16:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-12-22 16:44 - 2009-07-14 03:34 - 74711040 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-12-22 16:44 - 2009-07-14 03:34 - 52953088 _____ C:\Windows\system32\config\components.bak
2015-12-22 16:44 - 2009-07-14 03:34 - 18350080 _____ C:\Windows\system32\config\SYSTEM.bak
2015-12-22 16:44 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-12-22 16:44 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-12-22 16:44 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2015-12-22 08:45 - 2015-10-31 19:57 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Opera Software
2015-12-22 08:45 - 2015-10-31 19:57 - 00000000 ____D C:\Users\Libor\AppData\Local\Opera Software
2015-12-21 22:57 - 2015-10-31 14:05 - 00000000 ____D C:\Users\Libor\Documents\TrackMania
2015-12-21 22:43 - 2015-10-31 21:52 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-21 22:43 - 2015-10-31 21:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-21 20:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-12-21 20:21 - 2009-07-14 16:18 - 00668866 _____ C:\Windows\system32\perfh005.dat
2015-12-21 20:21 - 2009-07-14 16:18 - 00141526 _____ C:\Windows\system32\perfc005.dat
2015-12-21 20:21 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-21 20:12 - 2015-10-30 23:37 - 00000000 ____D C:\Users\Libor
2015-12-21 20:11 - 2015-11-12 17:41 - 00000000 ___RD C:\Users\Libor\Desktop\PaintTool SAI English Pack
2015-12-21 20:11 - 2015-11-03 14:29 - 00000000 ____D C:\Users\Libor\Downloads\Big.Game.2014.BDRip.XviD.CZ-TreZzoR
2015-12-21 20:11 - 2015-11-02 20:10 - 00000000 ____D C:\Users\Libor\AppData\Local\Disc_Soft_Ltd
2015-12-21 20:11 - 2015-11-02 15:40 - 00000000 ____D C:\Users\Libor\Downloads\Call.of.Duty.Modern.Warfare.3-RELOADED
2015-12-21 20:11 - 2015-11-02 12:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-21 20:11 - 2015-11-02 12:58 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-21 20:11 - 2015-11-01 17:06 - 00000000 ____D C:\Users\Libor\Desktop\IceMoony
2015-12-21 20:11 - 2015-11-01 14:22 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-21 20:11 - 2015-10-31 20:08 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-12-21 20:11 - 2015-10-31 19:57 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Shortcut
2015-12-21 20:11 - 2015-10-31 18:50 - 00000000 ____D C:\Users\Libor\Downloads\ESET Smart Security & NOD32 Antivirus 8.0.319.1 (x86,x64)(CZ)
2015-12-21 20:11 - 2015-10-31 14:25 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-21 20:11 - 2015-10-31 13:09 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Thunderbird
2015-12-21 20:11 - 2015-10-31 12:29 - 00000000 ____D C:\Users\Libor\AppData\Local\NVIDIA
2015-12-21 20:11 - 2015-10-31 00:38 - 00000000 ____D C:\Users\Libor\AppData\Local\Microsoft Help
2015-12-21 20:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-12-21 20:10 - 2015-11-08 17:45 - 00000000 ____D C:\Users\Libor\Documents\Fax
2015-12-21 20:10 - 2009-07-14 16:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-21 20:07 - 2015-10-31 13:00 - 00000000 ____D C:\Users\Libor\AppData\Roaming\Mozilla
2015-12-21 15:54 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-21 15:50 - 2015-10-31 13:00 - 00000000 ____D C:\Users\Libor\AppData\Local\Mozilla
2015-12-20 13:47 - 2015-10-31 14:35 - 00000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2015-12-19 10:00 - 2015-10-31 14:23 - 00109824 ____R C:\Users\Libor\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-18 22:31 - 2009-07-14 05:45 - 00413224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-18 12:22 - 2015-11-02 20:26 - 00000000 ____D C:\Program Files (x86)\Call of Duty- Modern Warfare 3
2015-12-18 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-16 19:33 - 2015-11-08 17:26 - 00000930 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-12-11 21:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 23:01 - 2015-10-31 12:46 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 22:59 - 2015-10-31 15:10 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 13:28 - 2009-07-14 06:08 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-24 15:38 - 2015-10-30 23:37 - 00000000 ____D C:\Users\Libor\AppData\Local\VirtualStore

==================== Files in the root of some directories =======

2015-10-31 12:20 - 2015-10-31 12:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-20 13:39

==================== End of FRST.txt ============================

Prosím o kontrolu- zlobí myš, klávesnice. Vyřešeno

Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Re: Prosím o kontrolu- zlobí myš, klávesnice.

Kdo je online