JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Microsoft Windows XP x86
Ran by doma (Limited) on so 09.01.2016 at 12:03:35,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\Documents and Settings\doma\Data aplikacˇ\iobit\driver booster (Folder)
Successfully deleted: C:\Documents and Settings\doma\Data aplikacˇ\productdata (Folder)
Successfully deleted: C:\WINDOWS\Tasks\SmartDefrag4_Startup.job (Task)
Successfully deleted: C:\Program Files\iobit\driver booster (Folder)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_22281D1A7B908EE3D23C7DED55B0D537 (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 09.01.2016 at 12:04:46,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please check my log - PC keeps freezing (Solved)
Re: Please check my log - PC keeps freezing
Probably sent from a PC; if not, then from another device.
Re: Please check my log - PC keeps freezing
ComboFix:
ComboFix 16-01-07.01 - Administrator 09.01.2016 12:11:19.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1919.1426 [GMT 1:00]
Spuštěný z: c:\documents and settings\doma\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Plocha\Internet Explorer.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-09 do 2016-01-09 )))))))))))))))))))))))))))))))
.
.
2016-01-08 23:11 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CAC485DB-B757-4CA6-9107-DD87D47C7E45}\mpengine.dll
2016-01-08 23:04 . 2016-01-08 23:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ProductData
2016-01-08 23:02 . 2016-01-08 22:47 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-08 22:47 . 2016-01-08 22:58 -------- d-----w- C:\zoek_backup
2016-01-08 18:51 . 2016-01-08 22:31 30848 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-08 18:51 . 2016-01-08 18:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2016-01-08 18:45 . 2016-01-08 22:14 -------- d-----w- C:\AdwCleaner
2016-01-04 19:14 . 2016-01-04 19:14 -------- d-----w- c:\documents and settings\doma\Data aplikací\uTorrent
2016-01-04 18:34 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-01-03 15:33 . 2016-01-03 15:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Common Resources
2015-12-26 21:48 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\doma\Local Settings\Data aplikací\Microsoft Help
2015-12-26 21:45 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2015-12-26 21:44 . 2015-12-26 21:44 -------- d-----w- c:\program files\Microsoft SDKs
2015-12-25 20:41 . 2015-12-25 20:41 -------- d-----r- c:\documents and settings\doma\Data aplikací\Brother
2015-12-20 20:40 . 2015-12-20 20:40 -------- d-----w- c:\program files\Free Picture Solutions
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-09 11:18 . 2012-10-23 09:03 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2015-12-09 03:39 . 2014-06-02 08:24 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-12-02 16:36 . 2015-12-02 16:37 2511704 ----a-w- c:\windows\system32\drivers\RTWlanU_XP.sys
2015-12-02 16:36 . 2015-12-02 16:36 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-12-02 16:34 . 2010-03-11 08:16 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
2015-12-02 16:32 . 2015-12-02 16:32 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-11-29 12:11 . 2014-07-27 16:12 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-30 2010912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"csend"="c:\program files\ClientRs\csend.exe" [2016-01-09 163328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ClientRs\\WinVNC.exe"=
"c:\\Program Files\\ClientRs\\ClientRS.exe"=
"%windir%\explorer.exe"= %windir%\explorer.exe
"c:\\Program Files\\LibreOffice 4\\program\\soffice.bin"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\TotalCmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Sony\\Vegas Pro 9.0\\VegSrv90.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Sublime Text 2\\sublime_text.exe"=
"c:\\Program Files\\Java\\jdk1.7.0_79\\bin\\java.exe"=
"c:\\Program Files\\Home Series\\Home Ftp Server\\HomeFtpServer.exe"=
"c:\\Program Files\\Icecast\\bin\\icecast.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre1.8.0_31\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8886:TCP"= 8886:TCP:ClientRS_8886_TCP
"8887:TCP"= 8887:TCP:ClientRS_8887_TCP
"8888:TCP"= 8888:TCP:ClientRS_8888_TCP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"5:TCP"= 5:TCP:Windows Media Format SDK (wmenc.exe)
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2.12.2015 18:12 15808]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2.12.2015 17:32 23840]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
R2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files\IObit\Advanced SystemCare\ASCService.exe [2.12.2015 17:53 827680]
R2 ClientRS;ClientRS;c:\program files\ClientRs\ClientRS.exe [23.10.2012 10:02 904232]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [22.6.2014 11:00 2934048]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [15.4.2012 22:32 1068216]
S3 cpuz137;cpuz137; [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2.12.2015 17:36 84248]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [22.3.2015 19:10 94336]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys --> c:\windows\system32\DRIVERS\netaapl.sys [?]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files\Overwolf\OverwolfUpdater.exe [15.12.2015 14:44 1008880]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTWlanU_XP.sys [2.12.2015 17:37 2511704]
S3 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9.7.2015 12:14 327296]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-18 13:59 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2016-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf7e3575d3eff6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-12 16:47]
.
2016-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d130132af453fa.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-12 16:47]
.
2016-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf7e3576524c98.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-12 16:47]
.
2015-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-06-02 23:28]
.
2016-01-08 c:\windows\Tasks\Overwolf Updater Task.job
- c:\program files\Overwolf\OverwolfUpdater.exe [2015-12-15 13:44]
.
2016-01-09 c:\windows\Tasks\SmartDefrag4_Update.job
- c:\program files\IObit\Smart Defrag 4\AutoUpdate.exe [2015-12-02 15:18]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 192.168.1.1
FF - ProfilePath - c:\documents and settings\doma\Data aplikací\Mozilla\Firefox\Profiles\fza0c43k.default-1446934764359\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-01-09 12:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2340)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\ClientRs\WinVNC.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\windows\system32\wscntfy.exe
c:\program files\ClientRs\WinVNC.exe
c:\program files\IObit\IObit Uninstaller\UninstallMonitor.exe
.
**************************************************************************
.
Celkový čas: 2016-01-09 12:22:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-09 11:22
.
Před spuštěním: 8 135 430 144
Po spuštění: 7 997 812 736
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - D1C0E91A642EE73CB1EAC0251D69E098
413FC2A0C716421B3158746D63736515
Probably sent from a PC; if not, then from another device.
- jerabina
- Security team member
Re: Please check my log - PC keeps freezing
Uninstall everything from IObit
In Folder Options, enable showing hidden files and folders, and uncheck the box Hide protected operating system files.
Test this on VirusTotal:
c:\program files\ClientRs\csend.exe
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
Folder::
c:\program files\IObit
c:\program files\Skype\Updater
c:\program files\Google\Update
File::
c:\windows\system32\TempWmicBatchFile.bat
c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf7e3575d3eff6.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d130132af453fa.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf7e3576524c98.job
c:\windows\Tasks\Overwolf Updater Task.job
c:\windows\Tasks\SmartDefrag4_Update.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"=-
Driver::
AdvancedSystemCareService9
LiveUpdateSvc
SkypeUpdate
DDS::
uInternet Settings,ProxyOverride = *.local
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
Choose File -> Save As... and set these parameters:
File name: type: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log - PC keeps freezing
Probably sent from a PC; if not, then from another device.
Re: Please check my log - PC keeps freezing
ComboFix 16-01-07.01 - doma 10.01.2016 11:23:16.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1919.1417 [GMT 1:00]
Spuštěný z: c:\documents and settings\doma\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\doma\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
FILE ::
"c:\windows\system32\TempWmicBatchFile.bat"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf7e3575d3eff6.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d130132af453fa.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf7e3576524c98.job"
"c:\windows\Tasks\Overwolf Updater Task.job"
"c:\windows\Tasks\SmartDefrag4_Update.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdate.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.29.1\goopdate.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_am.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ar.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_bg.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_bn.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ca.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_cs.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_da.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_de.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_el.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_en.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_es.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_et.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fa.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fil.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_gu.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hu.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_id.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_is.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_it.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_iw.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ja.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_kn.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ko.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_lt.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_lv.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ml.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_mr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ms.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_nl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_no.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ro.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ru.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sk.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sv.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sw.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ta.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_te.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_th.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_tr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_uk.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ur.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_vi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.29.1\psmachine.dll
c:\program files\Google\Update\1.3.29.1\psmachine_64.dll
c:\program files\Google\Update\1.3.29.1\psuser.dll
c:\program files\Google\Update\1.3.29.1\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.106\47.0.2526.106_47.0.2526.80_chrome_updater_3stage.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 8\ASCService.exe
c:\program files\IObit\Advanced SystemCare 8\datastate.dll
c:\program files\IObit\Advanced SystemCare 8\HomepageSvc.dll
c:\program files\IObit\Advanced SystemCare 8\rtl120.bpl
c:\program files\IObit\Advanced SystemCare 8\vcl120.bpl
c:\program files\IObit\IObit Malware Fighter\ActionCenter2.log
c:\program files\IObit\IObit Malware Fighter\ctlac.log
c:\program files\IObit\IObit Malware Fighter\Database\bing.xml
c:\program files\IObit\IObit Malware Fighter\Database\google.xml
c:\program files\IObit\IObit Malware Fighter\Database\HomepageBlack.dbd
c:\program files\IObit\IObit Malware Fighter\Database\HomepageIgnore.dbd
c:\program files\IObit\IObit Malware Fighter\Database\HomepageWhite.dbd
c:\program files\IObit\IObit Malware Fighter\Database\yahoo.xml
c:\program files\IObit\IObit Malware Fighter\license.dat
c:\program files\IObit\IObit Malware Fighter\LiveUpdate.log
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2015-12-31-10-25 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-01-21-13 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-02-15-55 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-03-19-46 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-04-19-17 .txt
c:\program files\IObit\IObit Malware Fighter\Quarantine Zone\info.db
c:\program files\IObit\IObit Malware Fighter\TaskMgrXmas.dll
c:\program files\IObit\IObit Malware Fighter\unInstImfAc.exe
c:\program files\IObit\IObit Malware Fighter\XmasPromote.exe
c:\program files\IObit\IObit Uninstaller\AUpdate.exe
c:\program files\IObit\IObit Uninstaller\BigUpgrade_IUASC.exe
c:\program files\IObit\IObit Uninstaller\datastate.dll
c:\program files\IObit\IObit Uninstaller\help.html
c:\program files\IObit\IObit Uninstaller\Images\batchuninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\fileshredder.jpg
c:\program files\IObit\IObit Uninstaller\Images\forceduninstall-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\forceduninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\changeyourview.jpg
c:\program files\IObit\IObit Uninstaller\Images\leftovers.jpg
c:\program files\IObit\IObit Uninstaller\Images\like.jpg
c:\program files\IObit\IObit Uninstaller\Images\mainscreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettings-dropdown.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettingsicon.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettingsscreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfulscan-software.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfulscan-win8apps.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfuluninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfuluninstall2.jpg
c:\program files\IObit\IObit Uninstaller\Images\programname.jpg
c:\program files\IObit\IObit Uninstaller\Images\rate.jpg
c:\program files\IObit\IObit Uninstaller\Images\restorebrowserdefaultsettings.jpg
c:\program files\IObit\IObit Uninstaller\Images\restoreicon.jpg
c:\program files\IObit\IObit Uninstaller\Images\searchprogram.jpg
c:\program files\IObit\IObit Uninstaller\Images\settings.jpg
c:\program files\IObit\IObit Uninstaller\Images\shredfilebutton.jpg
c:\program files\IObit\IObit Uninstaller\Images\softwarescreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\systemrestore-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\toolbarsplugins.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstallsoftware-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstallwin8apps-1.jpg
c:\program files\IObit\IObit Uninstaller\InfoHelp.dll
c:\program files\IObit\IObit Uninstaller\IObitDownloader.exe
c:\program files\IObit\IObit Uninstaller\LatestNews\LatestNews.ini
c:\program files\IObit\IObit Uninstaller\madbasic_.bpl
c:\program files\IObit\IObit Uninstaller\maddisAsm_.bpl
c:\program files\IObit\IObit Uninstaller\madexcept_.bpl
c:\program files\IObit\IObit Uninstaller\rtl120.bpl
c:\program files\IObit\IObit Uninstaller\SendBugReportNew.exe
c:\program files\IObit\IObit Uninstaller\sqlite3.dll
c:\program files\IObit\IObit Uninstaller\SysRest.dll
c:\program files\IObit\IObit Uninstaller\taskmgr.dll
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
c:\program files\IObit\IObit Uninstaller\UninstallMenuRight32.dll
c:\program files\IObit\IObit Uninstaller\UninstallPromote.exe
c:\program files\IObit\IObit Uninstaller\vcl120.bpl
c:\program files\IObit\IObit Uninstaller\vclx120.bpl
c:\program files\IObit\IObit Uninstaller\webres.dll
c:\program files\IObit\LiveUpdate\Downloader.log
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Armenian.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Croatian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\Flemish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\Georgian.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Greek.lng
c:\program files\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Mongolian.lng
c:\program files\IObit\LiveUpdate\Language\Norwegian.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdate_1.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log.bak1
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductStatistics.log
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\IMF3Free\unInstImfAc.exe.dat
c:\program files\IObit\LiveUpdate\update\IMF3Free\XmasPromote.exe.dat
c:\program files\IObit\LiveUpdate\update\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\update\LiveUpdate.exe.dat
c:\program files\IObit\LiveUpdate\update\LiveUpdate.log
c:\program files\IObit\LiveUpdate\update\Surfing Protection\Database\ASCSpecialUrl.db.dat
c:\program files\IObit\LiveUpdate\update\Surfing Protection\FFPluginCleaner.exe.dat
c:\program files\IObit\LiveUpdate\update\timer.db
c:\program files\IObit\LiveUpdate\update\UninstallerFree\BigUpgrade_IUASC.exe.dat
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Smart Defrag 3\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 3\SDFreeBigUpgrade.exe
c:\program files\IObit\Smart Defrag 3\Update\UpdateHistory.ini
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\SPNativeMessage.exe
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\V8_manifest.json
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0102
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0429
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\FFPluginCleaner.exe
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\NativeMsg.json
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\SPInit.log
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LIVEUPDATESVC
-------\Legacy_SKYPEUPDATE
-------\Service_LiveUpdateSvc
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-10 do 2016-01-10 )))))))))))))))))))))))))))))))
.
.
2016-01-10 09:36 . 2016-01-10 09:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-10 09:35 . 2016-01-10 09:35 39168 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys
2016-01-09 20:36 . 2016-01-09 20:59 -------- d-----w- c:\documents and settings\doma\Data aplikací\Notepad++
2016-01-09 20:36 . 2016-01-09 20:36 -------- d-----w- c:\program files\Notepad++
2016-01-09 19:39 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\mpengine.dll
2016-01-09 11:25 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-01-09 11:18 . 2016-01-09 11:19 -------- d-----w- c:\documents and settings\doma\Data aplikací\ProductData
2016-01-08 23:04 . 2016-01-08 23:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ProductData
2016-01-08 23:02 . 2016-01-08 22:47 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-08 22:47 . 2016-01-08 22:58 -------- d-----w- C:\zoek_backup
2016-01-08 18:51 . 2016-01-08 22:31 30848 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-08 18:51 . 2016-01-08 18:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2016-01-08 18:45 . 2016-01-08 22:14 -------- d-----w- C:\AdwCleaner
2016-01-04 19:14 . 2016-01-04 19:14 -------- d-----w- c:\documents and settings\doma\Data aplikací\uTorrent
2016-01-03 15:33 . 2016-01-03 15:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Common Resources
2015-12-26 21:48 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\doma\Local Settings\Data aplikací\Microsoft Help
2015-12-26 21:45 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2015-12-26 21:44 . 2015-12-26 21:44 -------- d-----w- c:\program files\Microsoft SDKs
2015-12-25 20:41 . 2015-12-25 20:41 -------- d-----r- c:\documents and settings\doma\Data aplikací\Brother
2015-12-20 20:40 . 2015-12-20 20:40 -------- d-----w- c:\program files\Free Picture Solutions
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-10 10:31 . 2012-10-23 09:03 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2015-12-09 03:39 . 2014-06-02 08:24 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-12-02 16:36 . 2015-12-02 16:37 2511704 ----a-w- c:\windows\system32\drivers\RTWlanU_XP.sys
2015-12-02 16:36 . 2015-12-02 16:36 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-12-02 16:34 . 2010-03-11 08:16 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
2015-12-02 16:32 . 2015-12-02 16:32 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-11-29 12:11 . 2014-07-27 16:12 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"csend"="c:\program files\ClientRs\csend.exe" [2016-01-10 163328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ClientRs\\WinVNC.exe"=
"c:\\Program Files\\ClientRs\\ClientRS.exe"=
"%windir%\explorer.exe"= %windir%\explorer.exe
"c:\\Program Files\\LibreOffice 4\\program\\soffice.bin"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\TotalCmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Sony\\Vegas Pro 9.0\\VegSrv90.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Sublime Text 2\\sublime_text.exe"=
"c:\\Program Files\\Java\\jdk1.7.0_79\\bin\\java.exe"=
"c:\\Program Files\\Home Series\\Home Ftp Server\\HomeFtpServer.exe"=
"c:\\Program Files\\Icecast\\bin\\icecast.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre1.8.0_31\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8886:TCP"= 8886:TCP:ClientRS_8886_TCP
"8887:TCP"= 8887:TCP:ClientRS_8887_TCP
"8888:TCP"= 8888:TCP:ClientRS_8888_TCP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"5:TCP"= 5:TCP:Windows Media Format SDK (wmenc.exe)
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2.12.2015 17:32 23840]
R1 MpKslb9fb2f9d;MpKslb9fb2f9d;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys [10.1.2016 10:35 39168]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
R2 ClientRS;ClientRS;c:\program files\ClientRs\ClientRS.exe [23.10.2012 10:02 904232]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [15.4.2012 22:32 1068216]
S3 cpuz137;cpuz137; [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2.12.2015 17:36 84248]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [22.3.2015 19:10 94336]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys --> c:\windows\system32\DRIVERS\netaapl.sys [?]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files\Overwolf\OverwolfUpdater.exe [15.12.2015 14:44 1008880]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTWlanU_XP.sys [2.12.2015 17:37 2511704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-18 13:59 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2015-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-06-02 23:28]
.
2016-01-09 c:\windows\Tasks\Overwolf Updater Task.job
- c:\program files\Overwolf\OverwolfUpdater.exe [2015-12-15 13:44]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 192.168.1.1
FF - ProfilePath - c:\documents and settings\doma\Data aplikací\Mozilla\Firefox\Profiles\fza0c43k.default-1446934764359\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-01-10 11:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1544)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\ClientRs\WinVNC.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\ClientRs\WinVNC.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2016-01-10 11:34:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-10 10:34
ComboFix2.txt 2016-01-09 11:22
.
Před spuštěním: 8 054 517 760
Po spuštění: 8 052 752 384
.
- - End Of File - - A371A1DAFBE2C941B057A9674B53C799
413FC2A0C716421B3158746D63736515
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1919.1417 [GMT 1:00]
Spuštěný z: c:\documents and settings\doma\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\doma\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: ActiveArmor Firewall *Disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
FILE ::
"c:\windows\system32\TempWmicBatchFile.bat"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf7e3575d3eff6.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d130132af453fa.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf7e3576524c98.job"
"c:\windows\Tasks\Overwolf Updater Task.job"
"c:\windows\Tasks\SmartDefrag4_Update.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdate.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.29.1\goopdate.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_am.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ar.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_bg.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_bn.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ca.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_cs.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_da.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_de.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_el.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_en.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_es.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_et.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fa.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fil.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_fr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_gu.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_hu.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_id.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_is.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_it.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_iw.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ja.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_kn.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ko.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_lt.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_lv.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ml.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_mr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ms.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_nl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_no.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ro.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ru.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sk.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sl.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sv.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_sw.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ta.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_te.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_th.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_tr.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_uk.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_ur.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_vi.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.29.1\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.29.1\psmachine.dll
c:\program files\Google\Update\1.3.29.1\psmachine_64.dll
c:\program files\Google\Update\1.3.29.1\psuser.dll
c:\program files\Google\Update\1.3.29.1\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.106\47.0.2526.106_47.0.2526.80_chrome_updater_3stage.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 8\ASCService.exe
c:\program files\IObit\Advanced SystemCare 8\datastate.dll
c:\program files\IObit\Advanced SystemCare 8\HomepageSvc.dll
c:\program files\IObit\Advanced SystemCare 8\rtl120.bpl
c:\program files\IObit\Advanced SystemCare 8\vcl120.bpl
c:\program files\IObit\IObit Malware Fighter\ActionCenter2.log
c:\program files\IObit\IObit Malware Fighter\ctlac.log
c:\program files\IObit\IObit Malware Fighter\Database\bing.xml
c:\program files\IObit\IObit Malware Fighter\Database\google.xml
c:\program files\IObit\IObit Malware Fighter\Database\HomepageBlack.dbd
c:\program files\IObit\IObit Malware Fighter\Database\HomepageIgnore.dbd
c:\program files\IObit\IObit Malware Fighter\Database\HomepageWhite.dbd
c:\program files\IObit\IObit Malware Fighter\Database\yahoo.xml
c:\program files\IObit\IObit Malware Fighter\license.dat
c:\program files\IObit\IObit Malware Fighter\LiveUpdate.log
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2015-12-31-10-25 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-01-21-13 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-02-15-55 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-03-19-46 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2016-01-04-19-17 .txt
c:\program files\IObit\IObit Malware Fighter\Quarantine Zone\info.db
c:\program files\IObit\IObit Malware Fighter\TaskMgrXmas.dll
c:\program files\IObit\IObit Malware Fighter\unInstImfAc.exe
c:\program files\IObit\IObit Malware Fighter\XmasPromote.exe
c:\program files\IObit\IObit Uninstaller\AUpdate.exe
c:\program files\IObit\IObit Uninstaller\BigUpgrade_IUASC.exe
c:\program files\IObit\IObit Uninstaller\datastate.dll
c:\program files\IObit\IObit Uninstaller\help.html
c:\program files\IObit\IObit Uninstaller\Images\batchuninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\fileshredder.jpg
c:\program files\IObit\IObit Uninstaller\Images\forceduninstall-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\forceduninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\changeyourview.jpg
c:\program files\IObit\IObit Uninstaller\Images\leftovers.jpg
c:\program files\IObit\IObit Uninstaller\Images\like.jpg
c:\program files\IObit\IObit Uninstaller\Images\mainscreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettings-dropdown.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettingsicon.jpg
c:\program files\IObit\IObit Uninstaller\Images\moresettingsscreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfulscan-software.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfulscan-win8apps.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfuluninstall.jpg
c:\program files\IObit\IObit Uninstaller\Images\powerfuluninstall2.jpg
c:\program files\IObit\IObit Uninstaller\Images\programname.jpg
c:\program files\IObit\IObit Uninstaller\Images\rate.jpg
c:\program files\IObit\IObit Uninstaller\Images\restorebrowserdefaultsettings.jpg
c:\program files\IObit\IObit Uninstaller\Images\restoreicon.jpg
c:\program files\IObit\IObit Uninstaller\Images\searchprogram.jpg
c:\program files\IObit\IObit Uninstaller\Images\settings.jpg
c:\program files\IObit\IObit Uninstaller\Images\shredfilebutton.jpg
c:\program files\IObit\IObit Uninstaller\Images\softwarescreen.jpg
c:\program files\IObit\IObit Uninstaller\Images\systemrestore-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\toolbarsplugins.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstallsoftware-1.jpg
c:\program files\IObit\IObit Uninstaller\Images\uninstallwin8apps-1.jpg
c:\program files\IObit\IObit Uninstaller\InfoHelp.dll
c:\program files\IObit\IObit Uninstaller\IObitDownloader.exe
c:\program files\IObit\IObit Uninstaller\LatestNews\LatestNews.ini
c:\program files\IObit\IObit Uninstaller\madbasic_.bpl
c:\program files\IObit\IObit Uninstaller\maddisAsm_.bpl
c:\program files\IObit\IObit Uninstaller\madexcept_.bpl
c:\program files\IObit\IObit Uninstaller\rtl120.bpl
c:\program files\IObit\IObit Uninstaller\SendBugReportNew.exe
c:\program files\IObit\IObit Uninstaller\sqlite3.dll
c:\program files\IObit\IObit Uninstaller\SysRest.dll
c:\program files\IObit\IObit Uninstaller\taskmgr.dll
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
c:\program files\IObit\IObit Uninstaller\UninstallMenuRight32.dll
c:\program files\IObit\IObit Uninstaller\UninstallPromote.exe
c:\program files\IObit\IObit Uninstaller\vcl120.bpl
c:\program files\IObit\IObit Uninstaller\vclx120.bpl
c:\program files\IObit\IObit Uninstaller\webres.dll
c:\program files\IObit\LiveUpdate\Downloader.log
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Armenian.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Croatian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\Flemish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\Georgian.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Greek.lng
c:\program files\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Mongolian.lng
c:\program files\IObit\LiveUpdate\Language\Norwegian.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdate_1.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log.bak1
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductStatistics.log
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\IMF3Free\unInstImfAc.exe.dat
c:\program files\IObit\LiveUpdate\update\IMF3Free\XmasPromote.exe.dat
c:\program files\IObit\LiveUpdate\update\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\update\LiveUpdate.exe.dat
c:\program files\IObit\LiveUpdate\update\LiveUpdate.log
c:\program files\IObit\LiveUpdate\update\Surfing Protection\Database\ASCSpecialUrl.db.dat
c:\program files\IObit\LiveUpdate\update\Surfing Protection\FFPluginCleaner.exe.dat
c:\program files\IObit\LiveUpdate\update\timer.db
c:\program files\IObit\LiveUpdate\update\UninstallerFree\BigUpgrade_IUASC.exe.dat
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Smart Defrag 3\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 3\SDFreeBigUpgrade.exe
c:\program files\IObit\Smart Defrag 3\Update\UpdateHistory.ini
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\SPNativeMessage.exe
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\V8_manifest.json
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0102
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0429
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\FFPluginCleaner.exe
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\NativeMsg.json
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\SPInit.log
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LIVEUPDATESVC
-------\Legacy_SKYPEUPDATE
-------\Service_LiveUpdateSvc
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-10 do 2016-01-10 )))))))))))))))))))))))))))))))
.
.
2016-01-10 09:36 . 2016-01-10 09:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-10 09:35 . 2016-01-10 09:35 39168 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys
2016-01-09 20:36 . 2016-01-09 20:59 -------- d-----w- c:\documents and settings\doma\Data aplikací\Notepad++
2016-01-09 20:36 . 2016-01-09 20:36 -------- d-----w- c:\program files\Notepad++
2016-01-09 19:39 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\mpengine.dll
2016-01-09 11:25 . 2015-11-25 10:43 9014120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-01-09 11:18 . 2016-01-09 11:19 -------- d-----w- c:\documents and settings\doma\Data aplikací\ProductData
2016-01-08 23:04 . 2016-01-08 23:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ProductData
2016-01-08 23:02 . 2016-01-08 22:47 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-08 22:47 . 2016-01-08 22:58 -------- d-----w- C:\zoek_backup
2016-01-08 18:51 . 2016-01-08 22:31 30848 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-08 18:51 . 2016-01-08 18:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2016-01-08 18:45 . 2016-01-08 22:14 -------- d-----w- C:\AdwCleaner
2016-01-04 19:14 . 2016-01-04 19:14 -------- d-----w- c:\documents and settings\doma\Data aplikací\uTorrent
2016-01-03 15:33 . 2016-01-03 15:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Common Resources
2015-12-26 21:48 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\doma\Local Settings\Data aplikací\Microsoft Help
2015-12-26 21:45 . 2015-12-26 21:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2015-12-26 21:44 . 2015-12-26 21:44 -------- d-----w- c:\program files\Microsoft SDKs
2015-12-25 20:41 . 2015-12-25 20:41 -------- d-----r- c:\documents and settings\doma\Data aplikací\Brother
2015-12-20 20:40 . 2015-12-20 20:40 -------- d-----w- c:\program files\Free Picture Solutions
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-10 10:31 . 2012-10-23 09:03 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2015-12-09 03:39 . 2014-06-02 08:24 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-12-02 16:36 . 2015-12-02 16:37 2511704 ----a-w- c:\windows\system32\drivers\RTWlanU_XP.sys
2015-12-02 16:36 . 2015-12-02 16:36 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-12-02 16:34 . 2010-03-11 08:16 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
2015-12-02 16:32 . 2015-12-02 16:32 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-11-29 12:11 . 2014-07-27 16:12 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"csend"="c:\program files\ClientRs\csend.exe" [2016-01-10 163328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ClientRs\\WinVNC.exe"=
"c:\\Program Files\\ClientRs\\ClientRS.exe"=
"%windir%\explorer.exe"= %windir%\explorer.exe
"c:\\Program Files\\LibreOffice 4\\program\\soffice.bin"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\TotalCmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Sony\\Vegas Pro 9.0\\VegSrv90.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Sublime Text 2\\sublime_text.exe"=
"c:\\Program Files\\Java\\jdk1.7.0_79\\bin\\java.exe"=
"c:\\Program Files\\Home Series\\Home Ftp Server\\HomeFtpServer.exe"=
"c:\\Program Files\\Icecast\\bin\\icecast.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre1.8.0_31\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8886:TCP"= 8886:TCP:ClientRS_8886_TCP
"8887:TCP"= 8887:TCP:ClientRS_8887_TCP
"8888:TCP"= 8888:TCP:ClientRS_8888_TCP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"5:TCP"= 5:TCP:Windows Media Format SDK (wmenc.exe)
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2.12.2015 17:32 23840]
R1 MpKslb9fb2f9d;MpKslb9fb2f9d;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys [10.1.2016 10:35 39168]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
R2 ClientRS;ClientRS;c:\program files\ClientRs\ClientRS.exe [23.10.2012 10:02 904232]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [15.4.2012 22:32 1068216]
S3 cpuz137;cpuz137; [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2.12.2015 17:36 84248]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [22.3.2015 19:10 94336]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys --> c:\windows\system32\DRIVERS\netaapl.sys [?]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files\Overwolf\OverwolfUpdater.exe [15.12.2015 14:44 1008880]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTWlanU_XP.sys [2.12.2015 17:37 2511704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-18 13:59 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2015-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-06-02 23:28]
.
2016-01-09 c:\windows\Tasks\Overwolf Updater Task.job
- c:\program files\Overwolf\OverwolfUpdater.exe [2015-12-15 13:44]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 192.168.1.1
FF - ProfilePath - c:\documents and settings\doma\Data aplikací\Mozilla\Firefox\Profiles\fza0c43k.default-1446934764359\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-01-10 11:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1544)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\ClientRs\WinVNC.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\ClientRs\WinVNC.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2016-01-10 11:34:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-10 10:34
ComboFix2.txt 2016-01-09 11:22
.
Před spuštěním: 8 054 517 760
Po spuštění: 8 052 752 384
.
- - End Of File - - A371A1DAFBE2C941B057A9674B53C799
413FC2A0C716421B3158746D63736515
Probably sent from a PC; if not, then from another device.
Orcus, Security team member
Re: Please check my log - PC keeps freezing
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to the desktop.
Double-click the icon to run Delfix.exe
(On Windows Vista, Windows 7 and 8, you must run the file via right-click -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
The report (DelFix.txt) will then open. Paste its entire contents here. The report is also saved at C:\DelFix.txt
How are the problems? Also post a new HJT log.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Please check my log - PC keeps freezing
The program gave some error when launched normally, but it worked when run from the administrator account:
# DelFix v1.011 - Logfile created 10/01/2016 at 12:18:24
# Updated 18/08/2015 by Xplode
# Username : Administrator - FANDA
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
~ Removing disinfection tools ...
Deleted : \Qoobox
Deleted : \zoek_backup
Deleted : \AdwCleaner
Deleted : \ComboFix.txt
Deleted : \zoek-results.log
Deleted : C:\Documents and Settings\Administrator\Dokumenty\Downloads\HijackThis.exe
Deleted : C:\Documents and Settings\Administrator\Dokumenty\Downloads\hijackthis.log
Deleted : HKCU\console_combofixbackup
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
New restore point created !
########## - EOF - ##########
Re: Please check my log - PC keeps freezing
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:20:45, on 10.1.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
FIREFOX: 42.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ClientRs\ClientRS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ClientRs\WinVNC.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\ClientRs\WinVNC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ClientRs\csend.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\doma\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [csend] "C:\Program Files\ClientRs\csend.exe" "C:\Program Files\Micos\Scany\Txt" "61"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8295609987
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ClientRS - MiCoS Software s.r.o. - C:\Program Files\ClientRs\ClientRS.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files\Overwolf\OverwolfUpdater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\ClientRs\WinVNC.exe
--
End of file - 5071 bytes
Re: Please check my log - PC keeps freezing
The PC now seems to be fully functional, but if it could be sped up further, I'd be up for it.
jerabina, Security team member
Re: Please check my log - PC keeps freezing
In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.
Test this file on VirusTotal:
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
Click "Vybrat" (Choose) to the right of the box and locate the file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be scanned by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs are shown, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log - PC keeps freezing
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-01-2015
Ran by Administrator (administrator) on FANDA (10-01-2016 14:22:56)
Running from C:\Documents and Settings\doma\Plocha
Loaded Profiles: doma & Administrator (Available Profiles: doma & Administrator & Guest)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MiCoS Software s.r.o.) C:\Program Files\ClientRs\ClientRS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(UltraVNC) C:\Program Files\ClientRs\winvnc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(UltraVNC) C:\Program Files\ClientRs\winvnc.exe
() C:\Program Files\ClientRs\csend.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [csend] => C:\Program Files\ClientRs\csend.exe [163328 2016-01-10] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20 192.168.1.1
Tcpip\..\Interfaces\{367F6B2D-59B8-4592-933D-F88133F24639}: [DhcpNameServer] 10.255.255.10 10.255.255.20 192.168.1.1
Tcpip\..\Interfaces\{B477DEB5-69A0-49A4-8708-9E6CA510F0E5}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1757981266-2000478354-1417001333-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-1007 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-500 -> DefaultScope {096A216C-0643-4670-982C-BE2A382FB21A} URL =
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-500 -> {096A216C-0643-4670-982C-BE2A382FB21A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1757981266-2000478354-1417001333-1007 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupda ... 8295609987
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hil8vkq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-07] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hil8vkq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-06-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-14] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-04]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-04]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-04]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
CHR HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ClientRS; C:\Program Files\ClientRs\ClientRS.exe [904232 2012-01-05] (MiCoS Software s.r.o.)
S3 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation) [File not signed]
S3 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation) [File not signed]
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 winvnc; C:\Program Files\ClientRs\WinVNC.exe [1590216 2009-12-07] (UltraVNC)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [127872 2005-03-04] (Andrea Electronics Corporation)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2015-12-02] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-12-02] (REALiX(tm))
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [94336 2015-03-22] (ITE )
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-12] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-12] (NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\RTWlanU_XP.sys [2511704 2015-12-02] (Realtek Semiconductor Corporation )
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [393088 2005-10-10] (Sensaura)
S2 VirtualCam; C:\WINDOWS\System32\DRIVERS\VirtualCam.sys [192512 2006-12-09] (MorningSound Co., Ltd.) [File not signed]
S2 WCMVCAM; C:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; no ImagePath
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
R1 MpKslb9fb2f9d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys [X]
S3 Netaapl; system32\DRIVERS\netaapl.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U3 mbr; \??\C:\DOCUME~1\doma\LOCALS~1\Temp\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-10 14:12 - 2016-01-10 14:23 - 00014118 _____ C:\Documents and Settings\doma\Plocha\FRST.txt
2016-01-10 14:12 - 2016-01-10 14:22 - 00000000 ____D C:\FRST
2016-01-10 14:12 - 2016-01-10 14:12 - 01721856 _____ (Farbar) C:\Documents and Settings\doma\Plocha\FRST.exe
2016-01-10 12:17 - 2016-01-10 12:18 - 00000781 _____ C:\DelFix.txt
2016-01-10 12:14 - 2016-01-10 12:15 - 00093614 _____ C:\Documents and Settings\doma\Dokumenty\cc_20160110_121437.reg
2016-01-10 12:09 - 2016-01-10 12:09 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-01-10 12:09 - 2016-01-10 12:09 - 00000000 ____D C:\Program Files\CCleaner
2016-01-10 12:09 - 2016-01-10 12:09 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-01-10 12:08 - 2016-01-10 12:08 - 06805440 _____ (Piriform Ltd) C:\Documents and Settings\doma\Plocha\ccsetup513.exe
2016-01-10 11:34 - 2016-01-10 14:22 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:34 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:34 - 00000000 ____D C:\Documents and Settings\Guest\Local Settings\temp
2016-01-10 11:20 - 2016-01-10 11:20 - 00000000 ___RD C:\Documents and Settings\doma\Nabídka Start\Programy\Nástroje pro správu
2016-01-10 10:36 - 2016-01-10 10:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-09 22:57 - 2016-01-09 23:08 - 08397641 _____ C:\Documents and Settings\doma\Plocha\orignew.wmv
2016-01-09 22:12 - 2016-01-09 22:13 - 00272120 _____ C:\Documents and Settings\doma\Plocha\Darkest_Child_A.mp3.sfk
2016-01-09 21:36 - 2016-01-09 21:59 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Notepad++
2016-01-09 21:36 - 2016-01-09 21:36 - 00000000 ____D C:\Program Files\Notepad++
2016-01-09 21:36 - 2016-01-09 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Notepad++
2016-01-09 21:35 - 2016-01-09 21:35 - 04121418 _____ C:\Documents and Settings\doma\Plocha\npp.6.8.8.Installer.exe
2016-01-09 21:29 - 2016-01-10 12:35 - 00000616 _____ C:\Documents and Settings\doma\Plocha\index.php
2016-01-09 21:29 - 2016-01-09 21:29 - 00000585 ____N C:\Documents and Settings\doma\Nabídka Start\Programy\index.php
2016-01-09 12:18 - 2016-01-09 12:19 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\ProductData
2016-01-09 12:16 - 2016-01-10 14:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-01-09 12:09 - 2016-01-09 12:09 - 00000000 _RSHD C:\cmdcons
2016-01-09 12:09 - 2010-03-11 08:54 - 00000211 _____ C:\Boot.bak
2016-01-09 12:09 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2016-01-09 12:07 - 2016-01-10 12:08 - 00000000 ____D C:\WINDOWS\erdnt
2016-01-09 12:07 - 2016-01-09 12:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
2016-01-09 12:07 - 2016-01-09 12:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Filmy
2016-01-09 12:02 - 2016-01-09 12:02 - 01600184 _____ (Malwarebytes) C:\Documents and Settings\doma\Plocha\JRT.exe
2016-01-09 00:04 - 2016-01-09 00:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2016-01-09 00:02 - 2016-01-08 23:47 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-01-08 23:47 - 2016-01-08 23:47 - 01309184 _____ C:\Documents and Settings\doma\Plocha\zoek.exe
2016-01-08 21:20 - 2016-01-08 21:20 - 00000592 _____ C:\Documents and Settings\doma\Plocha\edcastStandalone.lnk
2016-01-08 21:09 - 2016-01-10 14:17 - 00000000 ____D C:\Documents and Settings\doma\Plocha\edcast
2016-01-08 21:08 - 2016-01-08 21:09 - 04528617 _____ C:\Documents and Settings\doma\Dokumenty\edcast.zip
2016-01-08 19:51 - 2016-01-08 23:31 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-08 19:51 - 2016-01-08 19:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2016-01-08 19:51 - 2016-01-08 19:51 - 00000000 ____D C:\Documents and Settings\Administrator\AppData\LocalLow\IObit
2016-01-08 19:33 - 2016-01-08 19:33 - 00009355 _____ C:\Documents and Settings\doma\Dokumenty\fadnamot.Theme
2016-01-08 19:28 - 2016-01-08 19:29 - 20835400 _____ C:\Documents and Settings\doma\Plocha\RogueKiller.exe
2016-01-08 19:28 - 2016-01-08 19:28 - 01749504 _____ C:\Documents and Settings\doma\Plocha\adwcleaner_5.028.exe
2016-01-08 19:25 - 2016-01-08 19:25 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\doma\Plocha\TFC.exe
2016-01-04 22:45 - 2016-01-04 22:45 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\doma\Plocha\HijackThis.exe
2016-01-04 20:14 - 2016-01-04 20:14 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\uTorrent
2016-01-04 20:06 - 2016-01-04 21:19 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-01-04 20:03 - 2016-01-04 20:04 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Sony
2016-01-04 20:03 - 2016-01-04 20:03 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Sony
2016-01-03 16:33 - 2016-01-03 16:33 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Common Resources
2016-01-02 18:05 - 2015-12-29 20:45 - 00034817 _____ C:\Documents and Settings\doma\Plocha\Schinken.odt
2015-12-30 21:11 - 2016-01-03 20:24 - 00000000 ____D C:\Documents and Settings\doma\Plocha\final_countdown
2015-12-26 22:48 - 2015-12-26 22:48 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Data aplikací\Microsoft Help
2015-12-26 22:45 - 2015-12-26 22:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-26 22:44 - 2015-12-26 22:44 - 00000000 ____D C:\Program Files\Microsoft SDKs
2015-12-26 00:42 - 2015-12-26 00:42 - 00018472 _____ C:\Documents and Settings\doma\Local Settings\Data aplikací\recently-used.xbel
2015-12-25 21:41 - 2015-12-25 21:41 - 00000000 ___RD C:\Documents and Settings\doma\Data aplikací\Brother
2015-12-25 21:40 - 2015-12-25 21:40 - 00007405 _____ C:\Documents and Settings\doma\Plocha\Nový objekt - Textový dokument OpenDocument.odt
2015-12-25 21:34 - 2015-12-25 21:34 - 00000416 _____ C:\WINDOWS\BRWMARK.INI
2015-12-25 21:34 - 2015-12-25 21:34 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2015-12-23 21:52 - 2015-12-23 21:56 - 00000000 ____D C:\Documents and Settings\doma\Plocha\jingles
2015-12-20 22:22 - 2015-12-20 22:22 - 00306416 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1757981266-2000478354-1417001333-1007-0.dat
2015-12-20 21:40 - 2015-12-20 21:46 - 00002587 _____ C:\Documents and Settings\doma\Plocha\Free SVG Converter.lnk
2015-12-20 21:40 - 2015-12-20 21:41 - 00002593 _____ C:\Documents and Settings\doma\Nabídka Start\Programy\Free SVG Converter.lnk
2015-12-20 21:40 - 2015-12-20 21:40 - 00000000 ____D C:\Program Files\Free Picture Solutions
2015-12-19 12:12 - 2015-12-19 12:12 - 01545654 _____ C:\Documents and Settings\doma\Plocha\acapela-starwars.mp4
2015-12-19 12:11 - 2015-12-19 12:11 - 00914864 _____ C:\Documents and Settings\doma\Plocha\hello_from_dark_side.mp4
2015-12-19 00:17 - 2015-12-19 00:17 - 00000058 _____ C:\Documents and Settings\doma\Plocha\play.pls
2015-12-18 23:52 - 2015-12-18 23:52 - 00000654 _____ C:\Documents and Settings\All Users\Plocha\Winamp.lnk
2015-12-18 23:52 - 2015-12-18 23:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Winamp
2015-12-18 23:51 - 2015-12-19 00:16 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Winamp
2015-12-18 23:51 - 2011-03-04 20:44 - 02095600 ____N (Sonic Solutions) C:\WINDOWS\system32\pxsfs.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00698864 ____N (Sonic Solutions) C:\WINDOWS\system32\px.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00571888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxdrv.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00440816 ____N (Sonic Solutions) C:\WINDOWS\system32\pxwave.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00219632 ____N (Sonic Solutions) C:\WINDOWS\system32\pxmas.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00133616 ____N (Sonic Solutions) C:\WINDOWS\system32\pxafs.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00126448 ____N (Sonic Solutions) C:\WINDOWS\system32\pxinsi64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00123888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxcpyi64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00100848 ____N (Sonic Solutions) C:\WINDOWS\system32\vxblock.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00072176 ____N (Sonic Solutions) C:\WINDOWS\system32\pxhpinst.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00068592 ____N (Sonic Solutions) C:\WINDOWS\system32\pxinsa64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00068080 ____N (Sonic Solutions) C:\WINDOWS\system32\pxcpya64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00059888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxwma.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00045648 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2015-12-18 23:51 - 2011-03-04 20:44 - 00009200 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2015-12-18 23:51 - 2011-03-04 20:44 - 00009072 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2015-12-16 20:05 - 2015-12-16 20:05 - 04289558 _____ C:\Documents and Settings\doma\Plocha\jingles.zip
2015-12-13 19:24 - 2016-01-08 19:28 - 00083456 ___SH C:\Documents and Settings\doma\Plocha\Thumbs.db
2015-12-13 19:24 - 2015-12-13 19:25 - 00022528 ___SH C:\Documents and Settings\doma\Dokumenty\Thumbs.db
2015-12-13 14:22 - 2016-01-10 12:36 - 00000648 _____ C:\Documents and Settings\doma\Plocha\style.css
2015-12-11 15:02 - 2015-12-11 15:21 - 00000000 ____D C:\Documents and Settings\doma\Plocha\Nová složka
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-10 14:22 - 2014-06-02 09:06 - 00000000 ____D C:\Documents and Settings\doma\Plocha
2016-01-10 14:22 - 2010-03-11 11:25 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-01-10 14:20 - 2010-03-11 09:39 - 00000000 ____D C:\WINDOWS
2016-01-10 14:11 - 2012-10-23 10:15 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací\Temp
2016-01-10 14:11 - 2012-10-23 10:02 - 00000000 ____D C:\Program Files\ClientRs
2016-01-10 12:36 - 2015-10-11 13:27 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Sublime Text 3
2016-01-10 12:33 - 2014-06-02 09:06 - 00000000 ___RD C:\Documents and Settings\doma\Nabídka Start\Programy
2016-01-10 12:24 - 2015-11-14 18:24 - 00000384 _____ C:\WINDOWS\Tasks\Overwolf Updater Task.job
2016-01-10 12:14 - 2014-06-02 09:06 - 00000000 ___RD C:\Documents and Settings\doma\Dokumenty
2016-01-10 12:11 - 2015-12-09 14:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-10 12:11 - 2015-11-14 18:21 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\TS3Client
2016-01-10 12:11 - 2015-08-10 13:39 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\TeamViewer
2016-01-10 12:11 - 2014-06-02 09:06 - 00000000 ____D C:\Documents and Settings\doma
2016-01-10 12:09 - 2010-03-11 09:47 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-01-10 12:09 - 2010-03-11 09:47 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-01-10 11:31 - 2012-10-23 10:03 - 00000000 _____ C:\WINDOWS\system32\TempWmicBatchFile.bat
2016-01-10 11:31 - 2010-03-11 09:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-10 11:31 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2016-01-10 11:31 - 2008-04-14 13:00 - 00000287 _____ C:\WINDOWS\system.ini
2016-01-10 11:30 - 2014-06-02 09:06 - 00000178 ___SH C:\Documents and Settings\doma\ntuser.ini
2016-01-10 11:30 - 2010-03-11 09:46 - 00073728 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-01-10 11:30 - 2010-03-11 09:46 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 36163584 _____ C:\WINDOWS\system32\config\software.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 07864320 _____ C:\WINDOWS\system32\config\system.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 04345856 _____ C:\WINDOWS\system32\config\default.bak
2016-01-10 11:29 - 2015-11-14 17:50 - 00000000 ___RD C:\Program Files\Skype
2016-01-10 11:23 - 2014-06-02 09:06 - 00000000 __RHD C:\Documents and Settings\doma\Data aplikací
2016-01-10 11:20 - 2015-12-06 11:45 - 00032584 ____N C:\WINDOWS\SchedLgU.Txt
2016-01-10 10:36 - 2010-03-11 09:47 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-01-09 22:30 - 2014-06-11 15:34 - 00158208 _____ C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-09 20:28 - 2014-06-02 09:06 - 00000000 ___HD C:\Documents and Settings\doma\Local Settings\Data aplikací
2016-01-09 12:11 - 2010-03-11 11:25 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2016-01-09 12:09 - 2010-03-11 09:46 - 00000327 __RSH C:\boot.ini
2016-01-09 12:07 - 2010-03-11 11:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2016-01-09 12:07 - 2010-03-11 11:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2016-01-09 12:03 - 2014-06-22 10:55 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\IObit
2016-01-09 00:38 - 2014-06-02 10:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-09 00:27 - 2010-03-11 09:37 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-09 00:00 - 2012-10-23 10:16 - 00000000 ____C C:\WINDOWS\system32\LogStop
2016-01-08 23:58 - 2014-06-26 16:38 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-01-08 19:51 - 2010-03-11 11:25 - 00000000 ____D C:\Documents and Settings\Administrator
2016-01-08 19:20 - 2015-09-12 18:15 - 00000000 ____D C:\Documents and Settings\doma\Dokumenty\Stažené soubory
2016-01-08 19:15 - 2015-08-03 16:41 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\vlc
2016-01-04 21:20 - 2014-06-24 20:23 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\.minecraft
2016-01-04 20:03 - 2010-03-11 11:25 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2016-01-04 19:59 - 2014-06-02 08:32 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google
2016-01-04 19:59 - 2014-06-02 08:26 - 00001813 _____ C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
2016-01-02 00:28 - 2010-03-11 09:03 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2016-01-01 22:14 - 2014-06-26 16:35 - 36163584 _____ C:\WINDOWS\system32\config\software.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 04341760 _____ C:\WINDOWS\system32\config\default.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 00073728 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 00028672 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-01-01 22:14 - 2010-03-11 09:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-01-01 22:14 - 2010-03-11 09:03 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-12-30 23:20 - 2014-10-25 18:18 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Skype
2015-12-30 23:13 - 2015-11-14 17:50 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-12-30 21:48 - 2014-06-23 19:43 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Audacity
2015-12-26 22:48 - 2010-03-11 09:48 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-26 21:30 - 2014-06-02 09:06 - 00000000 ___HD C:\Documents and Settings\doma\Okolní síť
2015-12-26 00:42 - 2014-06-24 15:50 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Data aplikací\gtk-2.0
2015-12-26 00:42 - 2014-06-24 15:48 - 00000000 ____D C:\Documents and Settings\doma\.gimp-2.8
2015-12-25 21:33 - 2010-03-11 09:48 - 01216690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-25 21:33 - 2008-04-14 13:00 - 00500876 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-25 21:33 - 2008-04-14 13:00 - 00104092 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-25 20:25 - 2015-01-16 23:26 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\ZLIBXTuLnuq
2015-12-25 20:23 - 2015-01-16 23:30 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\gkG1yrD9a
2015-12-25 00:24 - 2015-11-14 18:23 - 00000000 ____D C:\Program Files\Overwolf
2015-12-24 00:25 - 2015-11-14 18:23 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-12-20 22:22 - 2015-07-19 16:12 - 00256194 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-12-18 23:52 - 2015-11-13 13:58 - 00000000 ____D C:\Program Files\Winamp
2015-12-13 19:24 - 2015-09-13 12:23 - 00000000 ____D C:\Documents and Settings\doma\Dokumenty\Nová složka (2)
2015-12-11 13:31 - 2014-06-22 10:56 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
==================== Files in the root of some directories =======
2015-03-22 19:13 - 2015-06-03 13:38 - 0002325 _____ () C:\Documents and Settings\All Users\Data aplikací\LmeUSB.log
2015-03-22 19:13 - 2015-06-03 13:38 - 0002280 _____ () C:\Documents and Settings\All Users\Data aplikací\LmeZJSW.log
2015-03-22 19:13 - 2015-06-03 13:38 - 0002326 _____ () C:\Documents and Settings\All Users\Data aplikací\LSDmbTH.log
Some files in TEMP:
====================
C:\Documents and Settings\doma\Local Settings\temp\ERUNT.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-01-2015
Ran by Administrator (administrator) on FANDA (10-01-2016 14:22:56)
Running from C:\Documents and Settings\doma\Plocha
Loaded Profiles: doma & Administrator (Available Profiles: doma & Administrator & Guest)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(MiCoS Software s.r.o.) C:\Program Files\ClientRs\ClientRS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(UltraVNC) C:\Program Files\ClientRs\winvnc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(UltraVNC) C:\Program Files\ClientRs\winvnc.exe
() C:\Program Files\ClientRs\csend.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [csend] => C:\Program Files\ClientRs\csend.exe [163328 2016-01-10] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20 192.168.1.1
Tcpip\..\Interfaces\{367F6B2D-59B8-4592-933D-F88133F24639}: [DhcpNameServer] 10.255.255.10 10.255.255.20 192.168.1.1
Tcpip\..\Interfaces\{B477DEB5-69A0-49A4-8708-9E6CA510F0E5}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1757981266-2000478354-1417001333-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1757981266-2000478354-1417001333-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-1007 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-500 -> DefaultScope {096A216C-0643-4670-982C-BE2A382FB21A} URL =
SearchScopes: HKU\S-1-5-21-1757981266-2000478354-1417001333-500 -> {096A216C-0643-4670-982C-BE2A382FB21A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1757981266-2000478354-1417001333-1007 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupda ... 8295609987
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hil8vkq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-07] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\5hil8vkq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-06-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-14] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-04]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-04]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-04]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
CHR HKU\S-1-5-21-1757981266-2000478354-1417001333-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ClientRS; C:\Program Files\ClientRs\ClientRS.exe [904232 2012-01-05] (MiCoS Software s.r.o.)
S3 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-04-03] (Apache Software Foundation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-07-13] (NVIDIA Corporation) [File not signed]
S3 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-07-13] (NVIDIA Corporation) [File not signed]
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 winvnc; C:\Program Files\ClientRs\WinVNC.exe [1590216 2009-12-07] (UltraVNC)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AEAudioService; C:\WINDOWS\System32\drivers\AEAudio.sys [127872 2005-03-04] (Andrea Electronics Corporation)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2015-12-02] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-12-02] (REALiX(tm))
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [94336 2015-03-22] (ITE )
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-12] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-12] (NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\RTWlanU_XP.sys [2511704 2015-12-02] (Realtek Semiconductor Corporation )
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [393088 2005-10-10] (Sensaura)
S2 VirtualCam; C:\WINDOWS\System32\DRIVERS\VirtualCam.sys [192512 2006-12-09] (MorningSound Co., Ltd.) [File not signed]
S2 WCMVCAM; C:\WINDOWS\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; no ImagePath
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; no ImagePath
R1 MpKslb9fb2f9d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{11AB7F9D-5AF8-45BC-8F67-F1695446830E}\MpKslb9fb2f9d.sys [X]
S3 Netaapl; system32\DRIVERS\netaapl.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U3 mbr; \??\C:\DOCUME~1\doma\LOCALS~1\Temp\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-10 14:12 - 2016-01-10 14:23 - 00014118 _____ C:\Documents and Settings\doma\Plocha\FRST.txt
2016-01-10 14:12 - 2016-01-10 14:22 - 00000000 ____D C:\FRST
2016-01-10 14:12 - 2016-01-10 14:12 - 01721856 _____ (Farbar) C:\Documents and Settings\doma\Plocha\FRST.exe
2016-01-10 12:17 - 2016-01-10 12:18 - 00000781 _____ C:\DelFix.txt
2016-01-10 12:14 - 2016-01-10 12:15 - 00093614 _____ C:\Documents and Settings\doma\Dokumenty\cc_20160110_121437.reg
2016-01-10 12:09 - 2016-01-10 12:09 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-01-10 12:09 - 2016-01-10 12:09 - 00000000 ____D C:\Program Files\CCleaner
2016-01-10 12:09 - 2016-01-10 12:09 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-01-10 12:08 - 2016-01-10 12:08 - 06805440 _____ (Piriform Ltd) C:\Documents and Settings\doma\Plocha\ccsetup513.exe
2016-01-10 11:34 - 2016-01-10 14:22 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:41 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:34 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-01-10 11:34 - 2016-01-10 11:34 - 00000000 ____D C:\Documents and Settings\Guest\Local Settings\temp
2016-01-10 11:20 - 2016-01-10 11:20 - 00000000 ___RD C:\Documents and Settings\doma\Nabídka Start\Programy\Nástroje pro správu
2016-01-10 10:36 - 2016-01-10 10:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-09 22:57 - 2016-01-09 23:08 - 08397641 _____ C:\Documents and Settings\doma\Plocha\orignew.wmv
2016-01-09 22:12 - 2016-01-09 22:13 - 00272120 _____ C:\Documents and Settings\doma\Plocha\Darkest_Child_A.mp3.sfk
2016-01-09 21:36 - 2016-01-09 21:59 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Notepad++
2016-01-09 21:36 - 2016-01-09 21:36 - 00000000 ____D C:\Program Files\Notepad++
2016-01-09 21:36 - 2016-01-09 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Notepad++
2016-01-09 21:35 - 2016-01-09 21:35 - 04121418 _____ C:\Documents and Settings\doma\Plocha\npp.6.8.8.Installer.exe
2016-01-09 21:29 - 2016-01-10 12:35 - 00000616 _____ C:\Documents and Settings\doma\Plocha\index.php
2016-01-09 21:29 - 2016-01-09 21:29 - 00000585 ____N C:\Documents and Settings\doma\Nabídka Start\Programy\index.php
2016-01-09 12:18 - 2016-01-09 12:19 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\ProductData
2016-01-09 12:16 - 2016-01-10 14:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2016-01-09 12:09 - 2016-01-09 12:09 - 00000000 _RSHD C:\cmdcons
2016-01-09 12:09 - 2010-03-11 08:54 - 00000211 _____ C:\Boot.bak
2016-01-09 12:09 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2016-01-09 12:07 - 2016-01-10 12:08 - 00000000 ____D C:\WINDOWS\erdnt
2016-01-09 12:07 - 2016-01-09 12:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
2016-01-09 12:07 - 2016-01-09 12:07 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty\Filmy
2016-01-09 12:02 - 2016-01-09 12:02 - 01600184 _____ (Malwarebytes) C:\Documents and Settings\doma\Plocha\JRT.exe
2016-01-09 00:04 - 2016-01-09 00:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2016-01-09 00:02 - 2016-01-08 23:47 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-01-08 23:47 - 2016-01-08 23:47 - 01309184 _____ C:\Documents and Settings\doma\Plocha\zoek.exe
2016-01-08 21:20 - 2016-01-08 21:20 - 00000592 _____ C:\Documents and Settings\doma\Plocha\edcastStandalone.lnk
2016-01-08 21:09 - 2016-01-10 14:17 - 00000000 ____D C:\Documents and Settings\doma\Plocha\edcast
2016-01-08 21:08 - 2016-01-08 21:09 - 04528617 _____ C:\Documents and Settings\doma\Dokumenty\edcast.zip
2016-01-08 19:51 - 2016-01-08 23:31 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-08 19:51 - 2016-01-08 19:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\RogueKiller
2016-01-08 19:51 - 2016-01-08 19:51 - 00000000 ____D C:\Documents and Settings\Administrator\AppData\LocalLow\IObit
2016-01-08 19:33 - 2016-01-08 19:33 - 00009355 _____ C:\Documents and Settings\doma\Dokumenty\fadnamot.Theme
2016-01-08 19:28 - 2016-01-08 19:29 - 20835400 _____ C:\Documents and Settings\doma\Plocha\RogueKiller.exe
2016-01-08 19:28 - 2016-01-08 19:28 - 01749504 _____ C:\Documents and Settings\doma\Plocha\adwcleaner_5.028.exe
2016-01-08 19:25 - 2016-01-08 19:25 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\doma\Plocha\TFC.exe
2016-01-04 22:45 - 2016-01-04 22:45 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\doma\Plocha\HijackThis.exe
2016-01-04 20:14 - 2016-01-04 20:14 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\uTorrent
2016-01-04 20:06 - 2016-01-04 21:19 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-01-04 20:03 - 2016-01-04 20:04 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Sony
2016-01-04 20:03 - 2016-01-04 20:03 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Sony
2016-01-03 16:33 - 2016-01-03 16:33 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Common Resources
2016-01-02 18:05 - 2015-12-29 20:45 - 00034817 _____ C:\Documents and Settings\doma\Plocha\Schinken.odt
2015-12-30 21:11 - 2016-01-03 20:24 - 00000000 ____D C:\Documents and Settings\doma\Plocha\final_countdown
2015-12-26 22:48 - 2015-12-26 22:48 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Data aplikací\Microsoft Help
2015-12-26 22:45 - 2015-12-26 22:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-26 22:44 - 2015-12-26 22:44 - 00000000 ____D C:\Program Files\Microsoft SDKs
2015-12-26 00:42 - 2015-12-26 00:42 - 00018472 _____ C:\Documents and Settings\doma\Local Settings\Data aplikací\recently-used.xbel
2015-12-25 21:41 - 2015-12-25 21:41 - 00000000 ___RD C:\Documents and Settings\doma\Data aplikací\Brother
2015-12-25 21:40 - 2015-12-25 21:40 - 00007405 _____ C:\Documents and Settings\doma\Plocha\Nový objekt - Textový dokument OpenDocument.odt
2015-12-25 21:34 - 2015-12-25 21:34 - 00000416 _____ C:\WINDOWS\BRWMARK.INI
2015-12-25 21:34 - 2015-12-25 21:34 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2015-12-23 21:52 - 2015-12-23 21:56 - 00000000 ____D C:\Documents and Settings\doma\Plocha\jingles
2015-12-20 22:22 - 2015-12-20 22:22 - 00306416 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1757981266-2000478354-1417001333-1007-0.dat
2015-12-20 21:40 - 2015-12-20 21:46 - 00002587 _____ C:\Documents and Settings\doma\Plocha\Free SVG Converter.lnk
2015-12-20 21:40 - 2015-12-20 21:41 - 00002593 _____ C:\Documents and Settings\doma\Nabídka Start\Programy\Free SVG Converter.lnk
2015-12-20 21:40 - 2015-12-20 21:40 - 00000000 ____D C:\Program Files\Free Picture Solutions
2015-12-19 12:12 - 2015-12-19 12:12 - 01545654 _____ C:\Documents and Settings\doma\Plocha\acapela-starwars.mp4
2015-12-19 12:11 - 2015-12-19 12:11 - 00914864 _____ C:\Documents and Settings\doma\Plocha\hello_from_dark_side.mp4
2015-12-19 00:17 - 2015-12-19 00:17 - 00000058 _____ C:\Documents and Settings\doma\Plocha\play.pls
2015-12-18 23:52 - 2015-12-18 23:52 - 00000654 _____ C:\Documents and Settings\All Users\Plocha\Winamp.lnk
2015-12-18 23:52 - 2015-12-18 23:52 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Winamp
2015-12-18 23:51 - 2015-12-19 00:16 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Winamp
2015-12-18 23:51 - 2011-03-04 20:44 - 02095600 ____N (Sonic Solutions) C:\WINDOWS\system32\pxsfs.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00698864 ____N (Sonic Solutions) C:\WINDOWS\system32\px.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00571888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxdrv.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00440816 ____N (Sonic Solutions) C:\WINDOWS\system32\pxwave.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00219632 ____N (Sonic Solutions) C:\WINDOWS\system32\pxmas.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00133616 ____N (Sonic Solutions) C:\WINDOWS\system32\pxafs.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00126448 ____N (Sonic Solutions) C:\WINDOWS\system32\pxinsi64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00123888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxcpyi64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00100848 ____N (Sonic Solutions) C:\WINDOWS\system32\vxblock.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00072176 ____N (Sonic Solutions) C:\WINDOWS\system32\pxhpinst.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00068592 ____N (Sonic Solutions) C:\WINDOWS\system32\pxinsa64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00068080 ____N (Sonic Solutions) C:\WINDOWS\system32\pxcpya64.exe
2015-12-18 23:51 - 2011-03-04 20:44 - 00059888 ____N (Sonic Solutions) C:\WINDOWS\system32\pxwma.dll
2015-12-18 23:51 - 2011-03-04 20:44 - 00045648 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2015-12-18 23:51 - 2011-03-04 20:44 - 00009200 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2015-12-18 23:51 - 2011-03-04 20:44 - 00009072 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2015-12-16 20:05 - 2015-12-16 20:05 - 04289558 _____ C:\Documents and Settings\doma\Plocha\jingles.zip
2015-12-13 19:24 - 2016-01-08 19:28 - 00083456 ___SH C:\Documents and Settings\doma\Plocha\Thumbs.db
2015-12-13 19:24 - 2015-12-13 19:25 - 00022528 ___SH C:\Documents and Settings\doma\Dokumenty\Thumbs.db
2015-12-13 14:22 - 2016-01-10 12:36 - 00000648 _____ C:\Documents and Settings\doma\Plocha\style.css
2015-12-11 15:02 - 2015-12-11 15:21 - 00000000 ____D C:\Documents and Settings\doma\Plocha\Nová složka
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-10 14:22 - 2014-06-02 09:06 - 00000000 ____D C:\Documents and Settings\doma\Plocha
2016-01-10 14:22 - 2010-03-11 11:25 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-01-10 14:20 - 2010-03-11 09:39 - 00000000 ____D C:\WINDOWS
2016-01-10 14:11 - 2012-10-23 10:15 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací\Temp
2016-01-10 14:11 - 2012-10-23 10:02 - 00000000 ____D C:\Program Files\ClientRs
2016-01-10 12:36 - 2015-10-11 13:27 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Sublime Text 3
2016-01-10 12:33 - 2014-06-02 09:06 - 00000000 ___RD C:\Documents and Settings\doma\Nabídka Start\Programy
2016-01-10 12:24 - 2015-11-14 18:24 - 00000384 _____ C:\WINDOWS\Tasks\Overwolf Updater Task.job
2016-01-10 12:14 - 2014-06-02 09:06 - 00000000 ___RD C:\Documents and Settings\doma\Dokumenty
2016-01-10 12:11 - 2015-12-09 14:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-10 12:11 - 2015-11-14 18:21 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\TS3Client
2016-01-10 12:11 - 2015-08-10 13:39 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\TeamViewer
2016-01-10 12:11 - 2014-06-02 09:06 - 00000000 ____D C:\Documents and Settings\doma
2016-01-10 12:09 - 2010-03-11 09:47 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-01-10 12:09 - 2010-03-11 09:47 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-01-10 11:31 - 2012-10-23 10:03 - 00000000 _____ C:\WINDOWS\system32\TempWmicBatchFile.bat
2016-01-10 11:31 - 2010-03-11 09:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-10 11:31 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2016-01-10 11:31 - 2008-04-14 13:00 - 00000287 _____ C:\WINDOWS\system.ini
2016-01-10 11:30 - 2014-06-02 09:06 - 00000178 ___SH C:\Documents and Settings\doma\ntuser.ini
2016-01-10 11:30 - 2010-03-11 09:46 - 00073728 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-01-10 11:30 - 2010-03-11 09:46 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 36163584 _____ C:\WINDOWS\system32\config\software.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 07864320 _____ C:\WINDOWS\system32\config\system.bak
2016-01-10 11:30 - 2010-03-11 09:45 - 04345856 _____ C:\WINDOWS\system32\config\default.bak
2016-01-10 11:29 - 2015-11-14 17:50 - 00000000 ___RD C:\Program Files\Skype
2016-01-10 11:23 - 2014-06-02 09:06 - 00000000 __RHD C:\Documents and Settings\doma\Data aplikací
2016-01-10 11:20 - 2015-12-06 11:45 - 00032584 ____N C:\WINDOWS\SchedLgU.Txt
2016-01-10 10:36 - 2010-03-11 09:47 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-01-09 22:30 - 2014-06-11 15:34 - 00158208 _____ C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-09 20:28 - 2014-06-02 09:06 - 00000000 ___HD C:\Documents and Settings\doma\Local Settings\Data aplikací
2016-01-09 12:11 - 2010-03-11 11:25 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2016-01-09 12:09 - 2010-03-11 09:46 - 00000327 __RSH C:\boot.ini
2016-01-09 12:07 - 2010-03-11 11:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2016-01-09 12:07 - 2010-03-11 11:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2016-01-09 12:03 - 2014-06-22 10:55 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\IObit
2016-01-09 00:38 - 2014-06-02 10:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-09 00:27 - 2010-03-11 09:37 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-09 00:00 - 2012-10-23 10:16 - 00000000 ____C C:\WINDOWS\system32\LogStop
2016-01-08 23:58 - 2014-06-26 16:38 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-01-08 19:51 - 2010-03-11 11:25 - 00000000 ____D C:\Documents and Settings\Administrator
2016-01-08 19:20 - 2015-09-12 18:15 - 00000000 ____D C:\Documents and Settings\doma\Dokumenty\Stažené soubory
2016-01-08 19:15 - 2015-08-03 16:41 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\vlc
2016-01-04 21:20 - 2014-06-24 20:23 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\.minecraft
2016-01-04 20:03 - 2010-03-11 11:25 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2016-01-04 19:59 - 2014-06-02 08:32 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google
2016-01-04 19:59 - 2014-06-02 08:26 - 00001813 _____ C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
2016-01-02 00:28 - 2010-03-11 09:03 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2016-01-01 22:14 - 2014-06-26 16:35 - 36163584 _____ C:\WINDOWS\system32\config\software.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 04341760 _____ C:\WINDOWS\system32\config\default.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 00073728 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-01-01 22:14 - 2014-06-26 16:35 - 00028672 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-01-01 22:14 - 2010-03-11 09:03 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-01-01 22:14 - 2010-03-11 09:03 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-12-30 23:20 - 2014-10-25 18:18 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Skype
2015-12-30 23:13 - 2015-11-14 17:50 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-12-30 21:48 - 2014-06-23 19:43 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\Audacity
2015-12-26 22:48 - 2010-03-11 09:48 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-26 21:30 - 2014-06-02 09:06 - 00000000 ___HD C:\Documents and Settings\doma\Okolní síť
2015-12-26 00:42 - 2014-06-24 15:50 - 00000000 ____D C:\Documents and Settings\doma\Local Settings\Data aplikací\gtk-2.0
2015-12-26 00:42 - 2014-06-24 15:48 - 00000000 ____D C:\Documents and Settings\doma\.gimp-2.8
2015-12-25 21:33 - 2010-03-11 09:48 - 01216690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-25 21:33 - 2008-04-14 13:00 - 00500876 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-25 21:33 - 2008-04-14 13:00 - 00104092 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-25 20:25 - 2015-01-16 23:26 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\ZLIBXTuLnuq
2015-12-25 20:23 - 2015-01-16 23:30 - 00000000 ____D C:\Documents and Settings\doma\Data aplikací\gkG1yrD9a
2015-12-25 00:24 - 2015-11-14 18:23 - 00000000 ____D C:\Program Files\Overwolf
2015-12-24 00:25 - 2015-11-14 18:23 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-12-20 22:22 - 2015-07-19 16:12 - 00256194 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2015-12-18 23:52 - 2015-11-13 13:58 - 00000000 ____D C:\Program Files\Winamp
2015-12-13 19:24 - 2015-09-13 12:23 - 00000000 ____D C:\Documents and Settings\doma\Dokumenty\Nová složka (2)
2015-12-11 13:31 - 2014-06-22 10:56 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
==================== Files in the root of some directories =======
2015-03-22 19:13 - 2015-06-03 13:38 - 0002325 _____ () C:\Documents and Settings\All Users\Data aplikací\LmeUSB.log
2015-03-22 19:13 - 2015-06-03 13:38 - 0002280 _____ () C:\Documents and Settings\All Users\Data aplikací\LmeZJSW.log
2015-03-22 19:13 - 2015-06-03 13:38 - 0002326 _____ () C:\Documents and Settings\All Users\Data aplikací\LSDmbTH.log
Some files in TEMP:
====================
C:\Documents and Settings\doma\Local Settings\temp\ERUNT.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Probably sent from a PC; if not, then from another device.