
Infested PC

Author: ed (Visitor), Posts: 66, Registered: 14 Jan 2005 18:27


#1 Post by ed »

Good afternoon,

please check the log from an infested PC. Among other things it had CryptoLocker on it, which is "hopefully" gone. Judging by how the computer behaves, I assume there is still something else on it. The machine is slow, there are strange home pages in the browser, and so on :-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2017-01-15 16:44:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 86 GB (34%) free of 250 GB
Total RAM: 4094 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:06, on 15.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Games\World_of_Warplanes\WargamingGameUpdater.exe
C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Administrator\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=27368
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Warplanes] "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [tmpF779] wscript.exe //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Startup: GamersFirst LIVE!.lnk = C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: tmpF779.tmp.vbs
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: rtop - Unknown owner - C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8665 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhost.exe USER
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /tray
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe" -start
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 1c38a3be-e5e3-41b9-ab77-cc81fe487ef4
\??\C:\Windows\system32\conhost.exe "1918740291059067428-1814072075-1020071937-180951601158187489-855182527-1709804131
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\system32\SearchIndexer.exe /Embedding
\??\C:\Windows\system32\conhost.exe "689010680-310659879-1805941657488639368-12127997382043760695-1347410704-1223003464
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\wscript.exe" //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
"C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
"C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe" /silent
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="5020.0.402126915\366616100" --no-sandbox --lang=en-US --log-file="C:\Users\Administrator\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.1.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.1.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,25,54,64 --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0161 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.908 --lang=en-US --log-file="C:\Users\Administrator\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.1.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.1.0.0]" /prefetch:2
"C:\Program Files\ByteFence\ByteFence.exe" /restart /minimized
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -nk -tt_on
"taskhost.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://pcrisk.enigma.revenuewire.net/sp ... a8&lang=CS"

C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Administrator\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Security Scan for Administrator.job - C:\PROGRA~2\NORTON~2\Engine\430~1.44\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default

prefs.js - "browser.startup.homepage" - "http://www.teoma.com/?tpid=ATU3-TMG&o=A ... 1-06&pt=tb"

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0]
"Description"=Unity Player 4.6.6f2
"Path"=C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll


C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-15 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-15 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-15 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-14 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-14 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-14 363544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-10-12 1710752]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.szndesktop"=C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
"World of Warplanes"=C:\Games\World_of_Warplanes\WargamingGameUpdater.exe [2016-12-01 3135752]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20 27250144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-15 9080768]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
GamersFirst LIVE!.lnk - C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
tmpF779.tmp.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 260608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-15 16:36:42 ----D---- C:\rsit
2017-01-15 16:36:42 ----D---- C:\Program Files\trend micro
2017-01-15 16:07:44 ----A---- C:\autoexec.bat
2017-01-15 16:06:38 ----D---- C:\Users\Administrator\AppData\Roaming\Enigma Software Group
2017-01-15 16:06:07 ----D---- C:\sh4ldr
2017-01-15 16:04:18 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2017-01-15 16:03:59 ----D---- C:\Program Files\Enigma Software Group
2017-01-15 15:16:23 ----D---- C:\winproductkey
2017-01-15 15:10:24 ----D---- C:\Windows\CryptoGuard
2017-01-15 15:10:24 ----D---- C:\ProgramData\HitmanPro
2017-01-15 15:10:19 ----RD---- C:\Program Files (x86)\Skype
2017-01-15 15:10:02 ----D---- C:\ProgramData\HitmanPro.Alert
2017-01-15 15:10:02 ----D---- C:\Program Files (x86)\HitmanPro.Alert
2017-01-15 15:10:02 ----A---- C:\Windows\SYSWOW64\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpnet.sys
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpalert.sys
2017-01-15 14:48:22 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2017-01-15 14:43:39 ----D---- C:\Users\Administrator\AppData\Roaming\AVAST Software
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files\AV
2017-01-15 14:41:44 ----A---- C:\Windows\system32\drivers\aswStm.sys
2017-01-15 14:41:43 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswsp.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2017-01-15 14:41:40 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2017-01-15 14:41:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2017-01-15 14:40:29 ----A---- C:\Windows\system32\aswBoot.exe
2017-01-15 14:39:58 ----A---- C:\Windows\avastSS.scr
2017-01-15 14:38:12 ----D---- C:\Program Files\AVAST Software
2017-01-14 20:47:45 ----HD---- C:\ProgramData\Common Files
2017-01-14 20:47:45 ----D---- C:\ProgramData\Avg
2017-01-14 20:02:41 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2017-01-15 16:41:53 ----D---- C:\Windows\Temp
2017-01-15 16:36:42 ----RD---- C:\Program Files
2017-01-15 16:30:38 ----D---- C:\Windows\system32\config
2017-01-15 16:30:21 ----SHD---- C:\Windows\Installer
2017-01-15 16:30:20 ----SHD---- C:\Config.Msi
2017-01-15 16:30:07 ----D---- C:\Windows\Microsoft.NET
2017-01-15 16:28:10 ----D---- C:\Windows\SysWOW64
2017-01-15 16:27:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-15 16:27:01 ----D---- C:\Windows\system32\Macromed
2017-01-15 16:26:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-15 16:25:11 ----RSD---- C:\Windows\assembly
2017-01-15 16:22:17 ----HD---- C:\ProgramData
2017-01-15 16:15:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-01-15 16:15:08 ----D---- C:\Windows\inf
2017-01-15 16:14:55 ----D---- C:\Windows\System32
2017-01-15 16:14:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-15 16:10:31 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2017-01-15 16:06:32 ----D---- C:\Windows\system32\drivers
2017-01-15 16:06:26 ----D---- C:\Windows\system32\Tasks
2017-01-15 16:01:32 ----D---- C:\Windows\winsxs
2017-01-15 16:00:51 ----D---- C:\Windows\system32\MRT
2017-01-15 15:53:42 ----D---- C:\Program Files (x86)\Steam
2017-01-15 15:53:30 ----D---- C:\Program Files (x86)\Common Files
2017-01-15 15:53:03 ----D---- C:\Windows\debug
2017-01-15 15:52:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2017-01-15 15:51:13 ----D---- C:\Program Files (x86)\Java
2017-01-15 15:51:00 ----AC---- C:\Windows\system32\MRT.exe
2017-01-15 15:50:25 ----D---- C:\Windows\system32\catroot2
2017-01-15 15:50:03 ----SHD---- C:\System Volume Information
2017-01-15 15:49:32 ----D---- C:\Program Files\Mozilla Firefox
2017-01-15 15:49:13 ----D---- C:\Program Files (x86)\Opera
2017-01-15 15:40:56 ----D---- C:\Program Files\ByteFence
2017-01-15 15:31:10 ----RD---- C:\Program Files (x86)
2017-01-15 15:31:10 ----D---- C:\Windows
2017-01-15 15:10:35 ----D---- C:\ProgramData\Skype
2017-01-15 14:48:54 ----D---- C:\Windows\Tasks
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files
2017-01-15 14:33:39 ----D---- C:\Windows\SoftwareDistribution
2017-01-15 14:32:41 ----D---- C:\Windows\Logs
2017-01-15 14:15:04 ----D---- C:\Windows\system32\wfp
2017-01-15 14:14:58 ----D---- C:\Windows\system32\wbem
2017-01-15 14:14:06 ----D---- C:\Windows\system32\DriverStore
2017-01-15 14:14:06 ----D---- C:\Windows\system32\drivers\etc
2017-01-15 14:14:05 ----SD---- C:\Windows\system32\GWX
2017-01-15 14:14:05 ----D---- C:\Windows\system32\NDF
2017-01-15 14:14:05 ----D---- C:\Windows\system32\drivers\UMDF
2017-01-15 14:14:05 ----D---- C:\WarThunder
2017-01-15 14:13:54 ----D---- C:\Program Files (x86)\Agricultural Simulator 2013 - Demo
2017-01-15 14:13:33 ----D---- C:\Windows\registration
2017-01-15 14:12:50 ----HDC---- C:\ProgramData\{3A83B8C4-5F70-453E-A723-B5672F107885}
2017-01-14 20:33:49 ----D---- C:\Windows\Prefetch
2016-12-30 18:26:11 ----D---- C:\ProgramData\WarThunder
2016-12-30 18:25:58 ----D---- C:\ProgramData\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2017-01-15 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2017-01-15 293352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-01-15 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-01-15 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-01-15 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-01-15 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2009-01-19 334344]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-01-15 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-01-15 163416]
R3 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2017-01-15 267088]
R3 hmpnet;HitmanPro.Alert Network Driver; \??\C:\Windows\system32\drivers\hmpnet.sys [2017-01-15 92200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2017-01-15 37656]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2017-01-15 22704]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-06 6150304]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-15 197128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-01 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-01 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-12 1156384]
R2 hmpalertsvc;HitmanPro.Alert service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2017-01-15 4862608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-12 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 878400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-28 76888]
R2 rtop;rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2016-08-22 254280]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2017-01-15 859816]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-15 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-01 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 197576]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infested PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ed
Visitor
Posts: 66
Registered: 14 Jan 2005 18:27

Re: Infested PC

#3 Post by ed »

so here it is :-)

# AdwCleaner v6.042 - Log vytvořen 15/01/2017 v 17:29:23
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-15.1 [Místní]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Administrator - NEMO-PC
# Spuštěno z : C:\Users\Administrator\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: rtop


***** [ Složky ] *****

[-] Složka smazána: C:\Users\Administrator\AppData\Local\FreeRadioCastTooltab
[-] Složka smazána: C:\Users\Administrator\AppData\Local\MyImageConverterTooltab
[-] Složka smazána: C:\Users\Administrator\AppData\Local\Internet Speed TrackerTooltab
[#] Složka smazána po restartu: C:\Users\Administrator\AppData\Local\MyImageConverterTooltab
[-] Složka smazána: C:\Program Files\ByteFence
[-] Složka smazána: C:\ProgramData\ByteFence
[-] Složka smazána: C:\ProgramData\Trymedia
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ByteFence
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Trymedia
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default\extensions\toolbar_TeoMediaTB@apn.ask.com.xpi
[-] Soubor smazán: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.com_0.localstorage
[-] Soubor smazán: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****

[-] Zástupce vyléčen: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk


***** [ Naplánované úlohy ] *****

[-] Úloha smazána: tmpF779.tmp
[-] Úloha smazána: LaunchPreSignup
[-] Úloha smazána: WarThunder sun
[-] Úloha smazána: WarThunder sat
[-] Úloha smazána: WarThunder24
[-] Úloha smazána: AION 1D
[-] Úloha smazána: ByteFence
[-] Úloha smazána: ByteFence Scan


***** [ Registry ] *****

[-] Klíč smazán: HKU\.DEFAULT\Software\ByteFence
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\ByteFence
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\csastats
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\MyImageConverter
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\Internet Speed Tracker
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\FreeRadioCast
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyImageConverterTooltab Uninstall Internet Explorer
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed TrackerTooltab Uninstall Internet Explorer
[-] Klíč smazán: HKU\S-1-5-21-116394225-114809004-1778740173-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeRadioCastTooltab Uninstall Internet Explorer
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\ByteFence
[#] Klíč smazán po restartu: HKCU\Software\ByteFence
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\MyImageConverter
[#] Klíč smazán po restartu: HKCU\Software\Internet Speed Tracker
[#] Klíč smazán po restartu: HKCU\Software\FreeRadioCast
[-] Klíč smazán: HKLM\SOFTWARE\ByteFence
[-] Klíč smazán: HKLM\SOFTWARE\Trymedia Systems
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyImageConverterTooltab Uninstall Internet Explorer
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed TrackerTooltab Uninstall Internet Explorer
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeRadioCastTooltab Uninstall Internet Explorer
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[#] Klíč smazán po restartu: [x64] HKCU\Software\ByteFence
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\MyImageConverter
[#] Klíč smazán po restartu: [x64] HKCU\Software\Internet Speed Tracker
[#] Klíč smazán po restartu: [x64] HKCU\Software\FreeRadioCast
[-] Klíč smazán: [x64] HKLM\SOFTWARE\ByteFence
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyImageConverterTooltab Uninstall Internet Explorer
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed TrackerTooltab Uninstall Internet Explorer
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeRadioCastTooltab Uninstall Internet Explorer
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
[-] Klíč smazán: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan


***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "extensions.enabledAddons" - "%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:3.0.14,toolbar_TeoMediaTB%40apn.ask.com:136.4,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0"
[-] Firefox předvolby vyčištěny:


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6197 Bajty] - [15/01/2017 17:29:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [6365 Bajty] - [15/01/2017 17:21:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [6440 Bajty] - [15/01/2017 17:27:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6416 Bajty] ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infested PC

#4 Post by Rudy »

Post a new RSIT log.

ed
Visitor
Posts: 66
Registered: 14 Jan 2005 18:27

Re: Infested PC

#5 Post by ed »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2017-01-15 19:14:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 92 GB (37%) free of 250 GB
Total RAM: 4094 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:14, on 15.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Games\World_of_Warplanes\WargamingGameUpdater.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\runonce.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files\trend micro\Administrator.exe
C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=27368
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Warplanes] "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [tmpF779] wscript.exe //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Startup: GamersFirst LIVE!.lnk = C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: tmpF779.tmp.vbs
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8577 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {3CB8B370-8B77-4F93-89FB-639AAB2FDA93}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 1c38a3be-e5e3-41b9-ab77-cc81fe487ef4
\??\C:\Windows\system32\conhost.exe "1701666084-81138366617335732213705804871496040052971790397787346620-2132029863
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /tray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "13112942963799603768571149815661937461396985196-9411111181991354091-445443277
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\wscript.exe" //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Administrator\Downloads\RSITx64.exe"
C:\Windows\SysWOW64\runonce.exe /Run6432
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" "-cachedir=C:\Users\Administrator\AppData\Local\Steam\htmlcache" "-steampid=2028" "-buildid=1476379980" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe" /silent
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.winxp\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="3784.0.1266082791\1715500059" --font-cache-shared-handle=1256 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.winxp\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="3784.1.1965707571\1042458199" --font-cache-shared-handle=1328 /prefetch:1

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Security Scan for Administrator.job - C:\PROGRA~2\NORTON~2\Engine\430~1.44\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default

prefs.js - "browser.startup.homepage" - "about:home"

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0]
"Description"=Unity Player 4.6.6f2
"Path"=C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll


C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-15 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-15 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-15 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-14 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-14 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-14 363544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-10-12 1710752]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.szndesktop"=C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
"World of Warplanes"=C:\Games\World_of_Warplanes\WargamingGameUpdater.exe [2016-12-01 3135752]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20 27250144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-15 9080768]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
GamersFirst LIVE!.lnk - C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
tmpF779.tmp.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 260608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-15 17:13:47 ----D---- C:\AdwCleaner
2017-01-15 16:36:42 ----D---- C:\rsit
2017-01-15 16:36:42 ----D---- C:\Program Files\trend micro
2017-01-15 16:07:44 ----A---- C:\autoexec.bat
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srv.sys
2017-01-15 15:24:18 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-01-15 15:24:18 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\wpnpinst.exe
2017-01-15 15:24:18 ----A---- C:\Windows\system32\ntprint.exe
2017-01-15 15:24:18 ----A---- C:\Windows\system32\ntprint.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\localspl.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\inetppui.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\inetpp.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\iertutil.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\iernonce.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-15 15:21:59 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\inseng.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\urlmon.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\occache.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-15 15:21:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-15 15:21:55 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-15 15:21:55 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-15 15:21:54 ----A---- C:\Windows\system32\iesetup.dll
2017-01-15 15:21:54 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-15 15:21:53 ----A---- C:\Windows\system32\vbscript.dll
2017-01-15 15:21:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-15 15:21:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-15 15:21:52 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-15 15:21:52 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-15 15:21:51 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\ieui.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\ieframe.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\webcheck.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript9.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript.dll
2017-01-15 15:21:48 ----A---- C:\Windows\system32\wininet.dll
2017-01-15 15:21:47 ----A---- C:\Windows\system32\msrating.dll
2017-01-15 15:21:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-15 15:21:46 ----A---- C:\Windows\system32\mshtml.dll
2017-01-15 15:21:44 ----A---- C:\Windows\system32\wmp.dll
2017-01-15 15:21:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-01-15 15:21:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-15 15:21:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-01-15 15:21:40 ----A---- C:\Windows\system32\FntCache.dll
2017-01-15 15:21:40 ----A---- C:\Windows\system32\DWrite.dll
2017-01-15 15:21:39 ----A---- C:\Windows\system32\win32k.sys
2017-01-15 15:21:39 ----A---- C:\Windows\system32\mf.dll
2017-01-15 15:21:38 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-01-15 15:21:38 ----A---- C:\Windows\system32\blackbox.dll
2017-01-15 15:21:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-15 15:21:37 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-01-15 15:21:37 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-15 15:21:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-15 15:21:36 ----A---- C:\Windows\system32\drmv2clt.dll
2017-01-15 15:21:35 ----A---- C:\Windows\system32\WsmSvc.dll
2017-01-15 15:21:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-15 15:21:34 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-01-15 15:21:34 ----A---- C:\Windows\system32\ntdll.dll
2017-01-15 15:21:34 ----A---- C:\Windows\system32\msi.dll
2017-01-15 15:21:33 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-01-15 15:21:32 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-15 15:21:32 ----A---- C:\Windows\system32\quartz.dll
2017-01-15 15:21:32 ----A---- C:\Windows\system32\crypt32.dll
2017-01-15 15:21:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-15 15:21:31 ----A---- C:\Windows\system32\scavengeui.dll
2017-01-15 15:21:31 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-15 15:21:30 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-01-15 15:21:30 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-01-15 15:21:30 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-01-15 15:21:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-15 15:21:29 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-15 15:21:29 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-15 15:21:29 ----A---- C:\Windows\system32\advapi32.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\winload.exe
2017-01-15 15:21:28 ----A---- C:\Windows\system32\msctf.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\kernel32.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\audiosrv.dll
2017-01-15 15:21:27 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\win32spl.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\kerberos.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\authui.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\schannel.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-01-15 15:21:25 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-15 15:21:25 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-15 15:21:25 ----A---- C:\Windows\system32\evr.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\WebClnt.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\atmfd.dll
2017-01-15 15:21:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-15 15:21:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\user32.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\gdi32.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-01-15 15:21:23 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-01-15 15:21:22 ----A---- C:\Windows\system32\wow64win.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\usp10.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\srcore.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\qdvd.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\cryptui.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\clfs.sys
2017-01-15 15:21:22 ----A---- C:\Windows\system32\AudioEng.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-01-15 15:21:21 ----A---- C:\Windows\system32\mfplat.dll
2017-01-15 15:21:21 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-15 15:21:21 ----A---- C:\Windows\system32\conhost.exe
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\WsmAuto.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\pcasvc.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-15 15:21:20 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-01-15 15:21:20 ----A---- C:\Windows\system32\davclnt.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\AudioSes.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-01-15 15:21:18 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-01-15 15:21:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\winsrv.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\msiexec.exe
2017-01-15 15:21:18 ----A---- C:\Windows\system32\EncDump.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-01-15 15:21:17 ----A---- C:\Windows\system32\wow64.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\mfps.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-15 15:21:17 ----A---- C:\Windows\system32\consent.exe
2017-01-15 15:21:17 ----A---- C:\Windows\system32\certcli.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-15 15:21:16 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-01-15 15:21:16 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-15 15:21:16 ----A---- C:\Windows\system32\wmploc.DLL
2017-01-15 15:21:16 ----A---- C:\Windows\system32\adtschema.dll
2017-01-15 15:21:14 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-15 15:21:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-15 15:21:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-15 15:21:14 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-15 15:21:14 ----A---- C:\Windows\system32\audiodg.exe
2017-01-15 15:21:13 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-01-15 15:21:13 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\wdigest.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\rstrui.exe
2017-01-15 15:21:13 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-15 15:21:13 ----A---- C:\Windows\system32\cryptsp.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appinfo.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appidapi.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\adsmsext.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-15 15:21:12 ----A---- C:\Windows\system32\smss.exe
2017-01-15 15:21:12 ----A---- C:\Windows\system32\input.dll
2017-01-15 15:21:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-15 15:21:12 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\msscp.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\hlink.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\sspicli.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\srclient.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\secur32.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\pcadm.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msnetobj.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msihnd.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msaudite.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\mfpmp.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\lsass.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\credssp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\auditpol.exe
2017-01-15 15:21:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-15 15:21:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\rrinstaller.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\pcawrk.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\pcalua.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\msmmsp.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\lpk.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\dciman32.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\atmlib.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\spwmp.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\pcaevts.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\INETRES.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\fontsub.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\dxmasf.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\WsmRes.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\tzres.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\msobjs.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\msimsg.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\mferror.dll
2017-01-15 15:16:23 ----D---- C:\winproductkey
2017-01-15 15:10:24 ----D---- C:\Windows\CryptoGuard
2017-01-15 15:10:24 ----D---- C:\ProgramData\HitmanPro
2017-01-15 15:10:19 ----RD---- C:\Program Files (x86)\Skype
2017-01-15 15:10:02 ----D---- C:\ProgramData\HitmanPro.Alert
2017-01-15 15:10:02 ----D---- C:\Program Files (x86)\HitmanPro.Alert
2017-01-15 15:10:02 ----A---- C:\Windows\SYSWOW64\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpnet.sys
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpalert.sys
2017-01-15 14:48:22 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2017-01-15 14:43:39 ----D---- C:\Users\Administrator\AppData\Roaming\AVAST Software
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files\AV
2017-01-15 14:41:44 ----A---- C:\Windows\system32\drivers\aswStm.sys
2017-01-15 14:41:43 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswsp.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2017-01-15 14:41:40 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2017-01-15 14:41:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2017-01-15 14:40:29 ----A---- C:\Windows\system32\aswBoot.exe
2017-01-15 14:39:58 ----A---- C:\Windows\avastSS.scr
2017-01-15 14:38:12 ----D---- C:\Program Files\AVAST Software
2017-01-14 20:47:45 ----HD---- C:\ProgramData\Common Files
2017-01-14 20:47:45 ----D---- C:\ProgramData\Avg
2017-01-14 20:02:41 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2017-01-15 19:14:26 ----D---- C:\Program Files (x86)\Steam
2017-01-15 19:13:36 ----D---- C:\Windows\Temp
2017-01-15 19:13:28 ----D---- C:\Windows\winsxs
2017-01-15 19:12:37 ----D---- C:\Windows\system32\config
2017-01-15 19:10:21 ----D---- C:\Windows\SysWOW64
2017-01-15 19:10:21 ----D---- C:\Windows\system32\drivers
2017-01-15 19:10:21 ----D---- C:\Windows\System32
2017-01-15 19:10:18 ----D---- C:\Program Files\Internet Explorer
2017-01-15 19:10:17 ----D---- C:\Program Files\Windows Media Player
2017-01-15 19:10:16 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-15 19:10:14 ----D---- C:\Windows\SYSWOW64\migration
2017-01-15 19:10:14 ----D---- C:\Program Files (x86)\Windows Media Player
2017-01-15 19:10:13 ----D---- C:\Windows\SYSWOW64\Dism
2017-01-15 19:10:13 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-15 19:10:12 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-15 19:10:04 ----D---- C:\Windows\system32\migration
2017-01-15 19:10:04 ----D---- C:\Windows\system32\Dism
2017-01-15 19:10:04 ----D---- C:\Windows\system32\cs-CZ
2017-01-15 19:10:02 ----D---- C:\Windows\system32\en-US
2017-01-15 19:09:52 ----D---- C:\Windows\AppPatch
2017-01-15 19:09:50 ----D---- C:\Windows\system32\Boot
2017-01-15 19:05:41 ----SHD---- C:\System Volume Information
2017-01-15 19:04:14 ----D---- C:\Windows\Prefetch
2017-01-15 18:55:13 ----D---- C:\Windows\Microsoft.NET
2017-01-15 18:54:50 ----RSD---- C:\Windows\assembly
2017-01-15 17:52:30 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2017-01-15 17:28:59 ----D---- C:\Windows\system32\Tasks
2017-01-15 17:28:54 ----HD---- C:\ProgramData
2017-01-15 17:28:53 ----RD---- C:\Program Files
2017-01-15 16:49:12 ----SHD---- C:\Config.Msi
2017-01-15 16:30:21 ----SHD---- C:\Windows\Installer
2017-01-15 16:27:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-15 16:27:01 ----D---- C:\Windows\system32\Macromed
2017-01-15 16:26:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-15 16:15:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-01-15 16:15:08 ----D---- C:\Windows\inf
2017-01-15 16:14:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-15 16:00:51 ----D---- C:\Windows\system32\MRT
2017-01-15 15:53:30 ----D---- C:\Program Files (x86)\Common Files
2017-01-15 15:53:03 ----D---- C:\Windows\debug
2017-01-15 15:52:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2017-01-15 15:51:13 ----D---- C:\Program Files (x86)\Java
2017-01-15 15:51:00 ----AC---- C:\Windows\system32\MRT.exe
2017-01-15 15:50:25 ----D---- C:\Windows\system32\catroot2
2017-01-15 15:49:32 ----D---- C:\Program Files\Mozilla Firefox
2017-01-15 15:49:13 ----D---- C:\Program Files (x86)\Opera
2017-01-15 15:31:10 ----RD---- C:\Program Files (x86)
2017-01-15 15:31:10 ----D---- C:\Windows
2017-01-15 15:10:35 ----D---- C:\ProgramData\Skype
2017-01-15 14:48:54 ----D---- C:\Windows\Tasks
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files
2017-01-15 14:33:39 ----D---- C:\Windows\SoftwareDistribution
2017-01-15 14:32:41 ----D---- C:\Windows\Logs
2017-01-15 14:15:04 ----D---- C:\Windows\system32\wfp
2017-01-15 14:14:58 ----D---- C:\Windows\system32\wbem
2017-01-15 14:14:06 ----D---- C:\Windows\system32\DriverStore
2017-01-15 14:14:06 ----D---- C:\Windows\system32\drivers\etc
2017-01-15 14:14:05 ----SD---- C:\Windows\system32\GWX
2017-01-15 14:14:05 ----D---- C:\Windows\system32\NDF
2017-01-15 14:14:05 ----D---- C:\Windows\system32\drivers\UMDF
2017-01-15 14:14:05 ----D---- C:\WarThunder
2017-01-15 14:13:54 ----D---- C:\Program Files (x86)\Agricultural Simulator 2013 - Demo
2017-01-15 14:13:33 ----D---- C:\Windows\registration
2017-01-15 14:12:50 ----HDC---- C:\ProgramData\{3A83B8C4-5F70-453E-A723-B5672F107885}
2016-12-30 18:26:11 ----D---- C:\ProgramData\WarThunder
2016-12-30 18:25:58 ----D---- C:\ProgramData\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2017-01-15 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2017-01-15 293352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-01-15 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-01-15 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-01-15 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-01-15 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2009-01-19 334344]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-01-15 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-01-15 163416]
R3 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2017-01-15 267088]
R3 hmpnet;HitmanPro.Alert Network Driver; \??\C:\Windows\system32\drivers\hmpnet.sys [2017-01-15 92200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2017-01-15 37656]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-06 6150304]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-15 197128]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-01 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-12 1156384]
R2 hmpalertsvc;HitmanPro.Alert service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2017-01-15 4862608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-12 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 878400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-28 76888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-01 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-15 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-01 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 197576]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Infested PC

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpF779.tmp.vbs

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"tmpF779"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"tmpF779"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off the antivirus, and after it, restart the PC. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
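
The entries that the removal script in post #6 targets (the tmpF779 Run values and the Startup-folder copy of tmpF779.tmp.vbs) appear as O4 lines in the HijackThis part of the logs in this thread. The following Python sketch is an added example, not part of any post and not code from RSIT, HijackThis or OTM: it parses O4 lines copied from the thread's log and flags autoruns that start a script through Windows Script Host. The function names and the flagging heuristics are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# O4 lines copied from the HijackThis part of the RSIT log posted in this thread.
SAMPLE_O4 = r'''O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [tmpF779] wscript.exe //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Startup: tmpF779.tmp.vbs
'''

# "O4 - <hive>\..\Run: [value name] command line"
RUN_RE = re.compile(
    r"^O4 - (?P<hive>\S+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
# "O4 - Startup: file" or "O4 - Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(
    r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?)(?: = (?P<target>.*))?$")

# Heuristics (assumptions of this example), applied to the lower-cased command.
HOST_RE = re.compile(r'(?:^|[\\"\s])(?:wscript|cscript)\.exe\b')
SCRIPT_RE = re.compile(r'([^\\"/\s]+\.(?:vbs|vbe|js|jse|wsf))(?=["\s]|$)')
USER_WRITABLE = ("\\appdata\\", "\\temp\\")


def parse_o4(line):
    """Return (location, name, command) for an O4 line, or None for anything else."""
    line = line.strip()
    m = RUN_RE.match(line)
    if m:
        return f"{m['hive']}\\{m['key']}", m["name"], m["cmd"]
    m = STARTUP_RE.match(line)
    if m:
        # A bare file in the Startup folder has no "= target" part.
        return m["loc"], m["name"], m["target"] or m["name"]
    return None


def flag_autoruns(log_text):
    """Return one finding per O4 entry that runs a script at logon."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        location, name, command = entry
        text = command.lower()
        reasons = []
        if HOST_RE.search(text):
            reasons.append("launched via Windows Script Host")
        script = SCRIPT_RE.search(text)
        if script:
            reasons.append("script file as autorun target")
        if reasons and any(p in text for p in USER_WRITABLE):
            reasons.append("target under a user-writable profile path")
        if reasons:
            findings.append({
                "location": location,
                "name": name,
                "script": script.group(1) if script else None,
                "reasons": reasons,
            })
    return findings


def persistence_points(findings):
    """Group findings by script file name to list every autostart location using it."""
    points = defaultdict(list)
    for finding in findings:
        if finding["script"]:
            points[finding["script"]].append(finding["location"])
    return dict(points)


if __name__ == "__main__":
    results = flag_autoruns(SAMPLE_O4)
    for finding in results:
        print(finding["location"], finding["name"], "; ".join(finding["reasons"]))
    for script, locations in persistence_points(results).items():
        print(script, "is started from:", ", ".join(locations))
```

Run over a log taken after a cleanup, an empty result from flag_autoruns for the script in question is a quick check that every autostart location was removed, not just one of them.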

ed
Visitor
Posts: 66
Joined: 14 Jan 2005 18:27

Re: Infested PC

#7 Post by ed »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2017-01-15 19:44:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 95 GB (38%) free of 250 GB
Total RAM: 4094 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:16, on 15.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Games\World_of_Warplanes\WargamingGameUpdater.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Users\Administrator\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=27368
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Warplanes] "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [tmpF779] wscript.exe //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Startup: GamersFirst LIVE!.lnk = C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: tmpF779.tmp.vbs
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8572 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {5E70A2B3-8098-432C-B5A5-00DA020F0028}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /tray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 1c38a3be-e5e3-41b9-ab77-cc81fe487ef4
\??\C:\Windows\system32\conhost.exe "-199626591-56331877216162501151663401619-393853238-286567465-9377049822012096151
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1596697062328878984-22572884242408922914424580212092588847-1670787704276452456
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\01152017_193456.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
"C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe" /silent
"C:\Windows\System32\wscript.exe" //B "C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs"
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" "-cachedir=C:\Users\Administrator\AppData\Local\Steam\htmlcache" "-steampid=3020" "-buildid=1476379980" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.winxp\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="1788.0.3630857\221853886" --font-cache-shared-handle=1280 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\cef\cef.winxp\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="1788.1.1572597969\1681581363" --font-cache-shared-handle=1336 /prefetch:1
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
CefSharp.BrowserSubprocess.exe --type=gpu-process --channel="2360.0.605709900\1807709602" --no-sandbox --lang=en-US --log-file="C:\Users\Administrator\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.1.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.1.0.0]" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,25,54,64 --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0161 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.908 --lang=en-US --log-file="C:\Users\Administrator\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 CanvasFrame/1.1.0.0 Safari/537.36 FacebookCanvasDesktop [FBAN/GamesWindowsDesktopApp; FBAV/1.1.0.0]" /prefetch:2
"C:\Users\Administrator\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Security Scan for Administrator.job - C:\PROGRA~2\NORTON~2\Engine\430~1.44\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default

prefs.js - "browser.startup.homepage" - "about:home"

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0]
"Description"=Unity Player 4.6.6f2
"Path"=C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll


C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\5imjelbo.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-15 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-15 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-15 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-14 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-14 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-14 363544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-10-12 1710752]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.szndesktop"=C:\Users\Administrator\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
"World of Warplanes"=C:\Games\World_of_Warplanes\WargamingGameUpdater.exe [2016-12-01 3135752]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20 27250144]
"tmpF779"=wscript.exe //B C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-15 9080768]

C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
GamersFirst LIVE!.lnk - C:\Users\Administrator\AppData\Local\GamersFirst\LIVE!\Live.exe
tmpF779.tmp.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 260608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-15 19:42:46 ----A---- C:\Users\Administrator\AppData\Roaming\tmpF779.tmp.vbs
2017-01-15 19:34:56 ----D---- C:\_OTM
2017-01-15 17:13:47 ----D---- C:\AdwCleaner
2017-01-15 16:36:42 ----D---- C:\rsit
2017-01-15 16:36:42 ----D---- C:\Program Files\trend micro
2017-01-15 16:07:44 ----A---- C:\autoexec.bat
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-01-15 15:24:20 ----A---- C:\Windows\system32\drivers\srv.sys
2017-01-15 15:24:18 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-01-15 15:24:18 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\wpnpinst.exe
2017-01-15 15:24:18 ----A---- C:\Windows\system32\ntprint.exe
2017-01-15 15:24:18 ----A---- C:\Windows\system32\ntprint.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\localspl.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\inetppui.dll
2017-01-15 15:24:18 ----A---- C:\Windows\system32\inetpp.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-15 15:22:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\iertutil.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\iernonce.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-15 15:22:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-15 15:21:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-15 15:21:59 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-15 15:21:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-15 15:21:58 ----A---- C:\Windows\system32\inseng.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-15 15:21:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\urlmon.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\occache.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-15 15:21:56 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-15 15:21:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-15 15:21:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-15 15:21:55 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-15 15:21:55 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-15 15:21:54 ----A---- C:\Windows\system32\iesetup.dll
2017-01-15 15:21:54 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-15 15:21:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-15 15:21:53 ----A---- C:\Windows\system32\vbscript.dll
2017-01-15 15:21:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-15 15:21:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-15 15:21:52 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-15 15:21:52 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-15 15:21:51 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\ieui.dll
2017-01-15 15:21:50 ----A---- C:\Windows\system32\ieframe.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\webcheck.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript9.dll
2017-01-15 15:21:49 ----A---- C:\Windows\system32\jscript.dll
2017-01-15 15:21:48 ----A---- C:\Windows\system32\wininet.dll
2017-01-15 15:21:47 ----A---- C:\Windows\system32\msrating.dll
2017-01-15 15:21:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-15 15:21:46 ----A---- C:\Windows\system32\mshtml.dll
2017-01-15 15:21:44 ----A---- C:\Windows\system32\wmp.dll
2017-01-15 15:21:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-01-15 15:21:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-15 15:21:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-01-15 15:21:40 ----A---- C:\Windows\system32\FntCache.dll
2017-01-15 15:21:40 ----A---- C:\Windows\system32\DWrite.dll
2017-01-15 15:21:39 ----A---- C:\Windows\system32\win32k.sys
2017-01-15 15:21:39 ----A---- C:\Windows\system32\mf.dll
2017-01-15 15:21:38 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-01-15 15:21:38 ----A---- C:\Windows\system32\blackbox.dll
2017-01-15 15:21:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-15 15:21:37 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-01-15 15:21:37 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-15 15:21:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-15 15:21:36 ----A---- C:\Windows\system32\drmv2clt.dll
2017-01-15 15:21:35 ----A---- C:\Windows\system32\WsmSvc.dll
2017-01-15 15:21:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-15 15:21:34 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-01-15 15:21:34 ----A---- C:\Windows\system32\ntdll.dll
2017-01-15 15:21:34 ----A---- C:\Windows\system32\msi.dll
2017-01-15 15:21:33 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-01-15 15:21:32 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-15 15:21:32 ----A---- C:\Windows\system32\quartz.dll
2017-01-15 15:21:32 ----A---- C:\Windows\system32\crypt32.dll
2017-01-15 15:21:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-15 15:21:31 ----A---- C:\Windows\system32\scavengeui.dll
2017-01-15 15:21:31 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-15 15:21:30 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-01-15 15:21:30 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-01-15 15:21:30 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-01-15 15:21:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-15 15:21:29 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-15 15:21:29 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-15 15:21:29 ----A---- C:\Windows\system32\advapi32.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\winload.exe
2017-01-15 15:21:28 ----A---- C:\Windows\system32\msctf.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\kernel32.dll
2017-01-15 15:21:28 ----A---- C:\Windows\system32\audiosrv.dll
2017-01-15 15:21:27 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\win32spl.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\kerberos.dll
2017-01-15 15:21:27 ----A---- C:\Windows\system32\authui.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-01-15 15:21:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\schannel.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-15 15:21:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-01-15 15:21:25 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-15 15:21:25 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-15 15:21:25 ----A---- C:\Windows\system32\evr.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-01-15 15:21:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\WebClnt.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-01-15 15:21:24 ----A---- C:\Windows\system32\atmfd.dll
2017-01-15 15:21:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-15 15:21:23 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\user32.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\gdi32.dll
2017-01-15 15:21:23 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-01-15 15:21:23 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-15 15:21:22 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-01-15 15:21:22 ----A---- C:\Windows\system32\wow64win.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\usp10.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\srcore.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\qdvd.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\cryptui.dll
2017-01-15 15:21:22 ----A---- C:\Windows\system32\clfs.sys
2017-01-15 15:21:22 ----A---- C:\Windows\system32\AudioEng.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-01-15 15:21:21 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-01-15 15:21:21 ----A---- C:\Windows\system32\mfplat.dll
2017-01-15 15:21:21 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-15 15:21:21 ----A---- C:\Windows\system32\conhost.exe
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-15 15:21:20 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\WsmAuto.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\pcasvc.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-15 15:21:20 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-01-15 15:21:20 ----A---- C:\Windows\system32\davclnt.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\AudioSes.dll
2017-01-15 15:21:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-15 15:21:19 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-01-15 15:21:18 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-01-15 15:21:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\winsrv.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\msiexec.exe
2017-01-15 15:21:18 ----A---- C:\Windows\system32\EncDump.dll
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-15 15:21:18 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-01-15 15:21:17 ----A---- C:\Windows\system32\wow64.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\mfps.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-15 15:21:17 ----A---- C:\Windows\system32\consent.exe
2017-01-15 15:21:17 ----A---- C:\Windows\system32\certcli.dll
2017-01-15 15:21:17 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-15 15:21:16 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-01-15 15:21:16 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-15 15:21:16 ----A---- C:\Windows\system32\wmploc.DLL
2017-01-15 15:21:16 ----A---- C:\Windows\system32\adtschema.dll
2017-01-15 15:21:14 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-15 15:21:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-15 15:21:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-15 15:21:14 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-15 15:21:14 ----A---- C:\Windows\system32\audiodg.exe
2017-01-15 15:21:13 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-01-15 15:21:13 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\wdigest.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\rstrui.exe
2017-01-15 15:21:13 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-15 15:21:13 ----A---- C:\Windows\system32\cryptsp.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appinfo.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\appidapi.dll
2017-01-15 15:21:13 ----A---- C:\Windows\system32\adsmsext.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-15 15:21:12 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-15 15:21:12 ----A---- C:\Windows\system32\smss.exe
2017-01-15 15:21:12 ----A---- C:\Windows\system32\input.dll
2017-01-15 15:21:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-15 15:21:12 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\msscp.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\hlink.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-15 15:21:11 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\sspicli.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\srclient.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\secur32.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\pcadm.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msnetobj.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msihnd.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\msaudite.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\mfpmp.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\lsass.exe
2017-01-15 15:21:10 ----A---- C:\Windows\system32\credssp.dll
2017-01-15 15:21:10 ----A---- C:\Windows\system32\auditpol.exe
2017-01-15 15:21:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-15 15:21:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-15 15:21:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\rrinstaller.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\pcawrk.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\pcalua.exe
2017-01-15 15:21:09 ----A---- C:\Windows\system32\msmmsp.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\lpk.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\dciman32.dll
2017-01-15 15:21:09 ----A---- C:\Windows\system32\atmlib.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-15 15:21:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-01-15 15:21:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\spwmp.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\pcaevts.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\INETRES.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\fontsub.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\dxmasf.dll
2017-01-15 15:21:08 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-15 15:21:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\WsmRes.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\tzres.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\msobjs.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\msimsg.dll
2017-01-15 15:21:07 ----A---- C:\Windows\system32\mferror.dll
2017-01-15 15:16:23 ----D---- C:\winproductkey
2017-01-15 15:10:24 ----D---- C:\Windows\CryptoGuard
2017-01-15 15:10:24 ----D---- C:\ProgramData\HitmanPro
2017-01-15 15:10:19 ----RD---- C:\Program Files (x86)\Skype
2017-01-15 15:10:02 ----D---- C:\ProgramData\HitmanPro.Alert
2017-01-15 15:10:02 ----D---- C:\Program Files (x86)\HitmanPro.Alert
2017-01-15 15:10:02 ----A---- C:\Windows\SYSWOW64\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\hmpalert.dll
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpnet.sys
2017-01-15 15:10:02 ----A---- C:\Windows\system32\drivers\hmpalert.sys
2017-01-15 14:48:22 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2017-01-15 14:43:39 ----D---- C:\Users\Administrator\AppData\Roaming\AVAST Software
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files\AV
2017-01-15 14:41:44 ----A---- C:\Windows\system32\drivers\aswStm.sys
2017-01-15 14:41:43 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswsp.sys
2017-01-15 14:41:42 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2017-01-15 14:41:41 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2017-01-15 14:41:40 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2017-01-15 14:41:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2017-01-15 14:40:29 ----A---- C:\Windows\system32\aswBoot.exe
2017-01-15 14:39:58 ----A---- C:\Windows\avastSS.scr
2017-01-15 14:38:12 ----D---- C:\Program Files\AVAST Software
2017-01-14 20:47:45 ----HD---- C:\ProgramData\Common Files
2017-01-14 20:47:45 ----D---- C:\ProgramData\Avg
2017-01-14 20:02:41 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2017-01-15 19:44:14 ----D---- C:\Windows\Temp
2017-01-15 19:43:24 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2017-01-15 19:41:59 ----D---- C:\Program Files (x86)\Steam
2017-01-15 19:40:41 ----D---- C:\Windows\system32\config
2017-01-15 19:39:01 ----D---- C:\Windows
2017-01-15 19:19:29 ----D---- C:\Windows\System32
2017-01-15 19:19:29 ----D---- C:\Windows\inf
2017-01-15 19:19:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-15 19:13:28 ----D---- C:\Windows\winsxs
2017-01-15 19:10:21 ----D---- C:\Windows\SysWOW64
2017-01-15 19:10:21 ----D---- C:\Windows\system32\drivers
2017-01-15 19:10:18 ----D---- C:\Program Files\Internet Explorer
2017-01-15 19:10:17 ----D---- C:\Program Files\Windows Media Player
2017-01-15 19:10:16 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-15 19:10:14 ----D---- C:\Windows\SYSWOW64\migration
2017-01-15 19:10:14 ----D---- C:\Program Files (x86)\Windows Media Player
2017-01-15 19:10:13 ----D---- C:\Windows\SYSWOW64\Dism
2017-01-15 19:10:13 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-15 19:10:12 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-15 19:10:04 ----D---- C:\Windows\system32\migration
2017-01-15 19:10:04 ----D---- C:\Windows\system32\Dism
2017-01-15 19:10:04 ----D---- C:\Windows\system32\cs-CZ
2017-01-15 19:10:02 ----D---- C:\Windows\system32\en-US
2017-01-15 19:09:52 ----D---- C:\Windows\AppPatch
2017-01-15 19:09:50 ----D---- C:\Windows\system32\Boot
2017-01-15 19:05:41 ----SHD---- C:\System Volume Information
2017-01-15 19:04:14 ----D---- C:\Windows\Prefetch
2017-01-15 18:55:13 ----D---- C:\Windows\Microsoft.NET
2017-01-15 18:54:50 ----RSD---- C:\Windows\assembly
2017-01-15 17:28:59 ----D---- C:\Windows\system32\Tasks
2017-01-15 17:28:54 ----HD---- C:\ProgramData
2017-01-15 17:28:53 ----RD---- C:\Program Files
2017-01-15 16:49:12 ----SHD---- C:\Config.Msi
2017-01-15 16:30:21 ----SHD---- C:\Windows\Installer
2017-01-15 16:27:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-15 16:27:01 ----D---- C:\Windows\system32\Macromed
2017-01-15 16:26:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-15 16:15:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-01-15 16:00:51 ----D---- C:\Windows\system32\MRT
2017-01-15 15:53:30 ----D---- C:\Program Files (x86)\Common Files
2017-01-15 15:53:03 ----D---- C:\Windows\debug
2017-01-15 15:52:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2017-01-15 15:51:13 ----D---- C:\Program Files (x86)\Java
2017-01-15 15:51:00 ----AC---- C:\Windows\system32\MRT.exe
2017-01-15 15:50:25 ----D---- C:\Windows\system32\catroot2
2017-01-15 15:49:32 ----D---- C:\Program Files\Mozilla Firefox
2017-01-15 15:49:13 ----D---- C:\Program Files (x86)\Opera
2017-01-15 15:31:10 ----RD---- C:\Program Files (x86)
2017-01-15 15:10:35 ----D---- C:\ProgramData\Skype
2017-01-15 14:48:54 ----D---- C:\Windows\Tasks
2017-01-15 14:42:15 ----D---- C:\Program Files\Common Files
2017-01-15 14:33:39 ----D---- C:\Windows\SoftwareDistribution
2017-01-15 14:32:41 ----D---- C:\Windows\Logs
2017-01-15 14:15:04 ----D---- C:\Windows\system32\wfp
2017-01-15 14:14:58 ----D---- C:\Windows\system32\wbem
2017-01-15 14:14:06 ----D---- C:\Windows\system32\DriverStore
2017-01-15 14:14:06 ----D---- C:\Windows\system32\drivers\etc
2017-01-15 14:14:05 ----SD---- C:\Windows\system32\GWX
2017-01-15 14:14:05 ----D---- C:\Windows\system32\NDF
2017-01-15 14:14:05 ----D---- C:\Windows\system32\drivers\UMDF
2017-01-15 14:14:05 ----D---- C:\WarThunder
2017-01-15 14:13:54 ----D---- C:\Program Files (x86)\Agricultural Simulator 2013 - Demo
2017-01-15 14:13:33 ----D---- C:\Windows\registration
2017-01-15 14:12:50 ----HDC---- C:\ProgramData\{3A83B8C4-5F70-453E-A723-B5672F107885}
2016-12-30 18:26:11 ----D---- C:\ProgramData\WarThunder
2016-12-30 18:25:58 ----D---- C:\ProgramData\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2017-01-15 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2017-01-15 293352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-01-15 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-01-15 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-01-15 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-01-15 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2009-01-19 334344]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-01-15 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-01-15 163416]
R3 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2017-01-15 267088]
R3 hmpnet;HitmanPro.Alert Network Driver; \??\C:\Windows\system32\drivers\hmpnet.sys [2017-01-15 92200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2017-01-15 37656]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-06 6150304]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-15 197128]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-01 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-12 1156384]
R2 hmpalertsvc;HitmanPro.Alert service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2017-01-15 4862608]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-12 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 878400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-08-28 76888]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-01 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-15 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-01 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-29 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 197576]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-01 139944]

-----------------EOF-----------------

ed
Visitor
Posts: 66
Registered: 14 Jan 2005 18:27

Re: Infested PC

#8 Post by ed »

After a restart, this error message still keeps popping up.
Attachments
chybova_hlaska.JPG (68.28 KiB) Viewed 3466 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infested PC

#9 Post by Rudy »

This is Seznam Desktop. Try reinstalling it. The junk is still there, though. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ed
Visitor
Posts: 66
Registered: 14 Jan 2005 18:27

Re: Infested PC

#10 Post by ed »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 15.01.17
Čas skenování: 20:52
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.5.1299
Verze komponentů: 1.0.43
Aktualizovat verzi balíku komponent: 1.0.1020
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: nemo-PC\Administrator

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 423828
Uplynulý čas: 14 min, 17 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 10
PUP.Optional.AION, HKU\S-1-5-21-116394225-114809004-1778740173-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AION, Žádná uživatelská akce, [1608], [334332],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AION 5M, Žádná uživatelská akce, [78], [186077],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AION NF Saturday, Žádná uživatelská akce, [78], [186077],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AION NF Sunday, Žádná uživatelská akce, [78], [186077],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AION NS Saturday, Žádná uživatelská akce, [78], [186077],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AION NS Sunday, Žádná uživatelská akce, [78], [186077],1.0.1020
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder05, Žádná uživatelská akce, [78], [186209],1.0.1020
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-116394225-114809004-1778740173-1001\SOFTWARE\AskPartnerNetwork, Žádná uživatelská akce, [10939], [186876],1.0.1020
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-116394225-114809004-1778740173-501\SOFTWARE\AskPartnerNetwork, Žádná uživatelská akce, [10939], [186876],1.0.1020
PUP.Optional.Teoma, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41545533-2D54-4D47-00A7-A758B70C2D00}, Žádná uživatelská akce, [2410], [344543],1.0.1020

Hodnota v registru: 5
Trojan.Agent, HKU\S-1-5-21-116394225-114809004-1778740173-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|710B7EFAD0775EBAE125A39B1ABCFC39, Žádná uživatelská akce, [22], [190819],1.0.1020
Trojan.Agent, HKU\S-1-5-21-116394225-114809004-1778740173-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|32D89C6D91FB6FC67D4995932F3911DF, Žádná uživatelská akce, [22], [190819],1.0.1020
Trojan.Agent, HKU\S-1-5-21-116394225-114809004-1778740173-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|770A72BFED2F27C24EA442DAF77B24D6, Žádná uživatelská akce, [22], [190819],1.0.1020
Trojan.Agent, HKU\S-1-5-21-116394225-114809004-1778740173-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|0F018CD4DE80F310189AC6108F48F9D6, Žádná uživatelská akce, [22], [190819],1.0.1020
PUP.Optional.Teoma, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41545533-2D54-4D47-00A7-A758B70C2D00}|DISPLAYNAME, Žádná uživatelská akce, [2410], [344543],1.0.1020

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 87
PUP.Optional.AION, C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\AION, Žádná uživatelská akce, [1608], [334332],1.0.1020
PUP.Optional.AION, C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AION, Žádná uživatelská akce, [1608], [334529],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\abstractbutton\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedscript\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\thirdparty\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\uninstall\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedhtml\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\weather\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\topapps\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\weather\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\weather\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\topapps\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\generic\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\radio\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\defaultSearch\foreground, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\defaultSearch\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedscript\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\alert\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\flare\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\radio\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\moviereviews\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\topapps, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\link\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\weather, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\abstractbutton, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedhtml\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedscript\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\common, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\rss\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\rss\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\radio, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\test, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedhtml\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedscript, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\flare\icons, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu\images, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets\rss, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\radio\radioWrapper, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\search\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\thirdparty, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\moviereviews\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\embedhtml, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\radio\foreground, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\uninstall, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\radio\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\moviereviews\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\moviereviews\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\generic, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\weather, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api\widgets, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\api\background, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\defaultSearch, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\supertab\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\alert, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\flare, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\moviereviews, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\supertab\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\search\html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\menu, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\link, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\supertab\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components\rss, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\api\window, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\radio\css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\supertab, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\widget-api, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\components, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\search, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\radio, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\adapter, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components\api, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\libs, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\components, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\_metadata, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\common, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\images, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\icons, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JIBLFDGFGCNPIGDKDINCMFAMOKNECAGC, Žádná uživatelská akce, [342], [301931],1.0.1020

Soubor: 258
Trojan.StolenData, C:\PROGRAMDATA\SVCHOST.EXE.TMP, Žádná uživatelská akce, [1350], [250126],1.0.1020
PUP.Optional.AION, C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\AION\TD.ICO, Žádná uživatelská akce, [1608], [334332],1.0.1020
PUP.Optional.AION, C:\Users\Administrator\AppData\Roaming\AION\Uninstaller.exe, Žádná uživatelská akce, [1608], [334332],1.0.1020
Trojan.StolenData, C:\USERS\GUEST\APPDATA\ROAMING\SVCHOST.EXE.TMP, Žádná uživatelská akce, [1350], [250126],1.0.1020
Trojan.Agent.Trace, C:\USERS\JOHN DEERE\APPDATA\ROAMING\MICROSOFT\WINDOWS\--((MUTEX))--.DAT, Žádná uživatelská akce, [3091], [247504],1.0.1020
Trojan.Agent.Trace, C:\USERS\JOHN DEERE\APPDATA\ROAMING\MICROSOFT\WINDOWS\--((MUTEX))--.XTR, Žádná uživatelská akce, [3091], [247504],1.0.1020
PUP.Optional.Bundler, C:\USERS\ADMINISTRATOR\DOWNLOADS\MINECRAFT-SEZNAM-LISTICKA.EXE, Žádná uživatelská akce, [222], [88479],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\SUPERMAN_MOD_FOR_GTA_IV.EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.Bundler, C:\USERS\ADMINISTRATOR\DOWNLOADS\WINRAR-SEZNAM-LISTICKA.EXE, Žádná uživatelská akce, [222], [88479],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\GRAND_THEFT_AUTO_V.EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\OPTIFINE_FOR_MINECRAFT.EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.Reimage, C:\USERS\ADMINISTRATOR\DOWNLOADS\REIMAGEREPAIR.EXE, Žádná uživatelská akce, [1317], [331559],1.0.1020
PUP.Optional.SpyHunter, C:\USERS\ADMINISTRATOR\DOWNLOADS\SH-REMOVER.EXE, Žádná uživatelská akce, [1670], [331753],1.0.1020
PUP.Optional.SpyHunter, C:\USERS\ADMINISTRATOR\DOWNLOADS\SPYHUNTER-INSTALLER.EXE.PART, Žádná uživatelská akce, [1670], [331753],1.0.1020
Trojan.Agent.PGen, C:\USERS\GUEST\DOWNLOADS\GRAND-THEFT-AUTO-SAN-ANDREAS---RUSSIA-FOREVER.RAR, Žádná uživatelská akce, [4065], [10577],1.0.1020
PUP.Optional.AION, C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AION\AION.LNK, Žádná uživatelská akce, [1608], [334529],1.0.1020
PUP.Optional.MindSpark, C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\chrome-extension_jiblfdgfgcnpigdkdincmfamoknecagc_0.localstorage, Žádná uživatelská akce, [342], [240369],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\images\tvf_icon_guide.png, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\images\tvf_logo.png, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\images\wrench.png, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\chromeUtils.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\companionSWUtils.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\exeManager.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\exeManagerNMD.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\exePackageManager.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\focusManager.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\globalBlacklistManager.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\messaging.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\mutation_summary-min.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\mutation_summary.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\nativeMessagingDispatcher.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\newTabInfo.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\newTabInitialize.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\options.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\readLocalStorage.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\reservespacefortoolbar.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\reservespaceifenabled.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\scriptInjector.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\searchContext.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\settingsOverrides.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\toolbarCookieParser.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\toolbarPreinit.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\underscore-1.3.1.min.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\URILoaderContentScript.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\webTooltabAPI.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\Widget.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\widgetContentScriptInjectee.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\widgetFactory.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\js\widgetWindowManager.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\libs\jquery-1.7.1.min.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\libs\jquery-1.9.1.min.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\libs\underscore-1.5.2.min.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\cache.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\ce.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\debug.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\native\ss.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\activePing.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\buttonLogger.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\competitorDnsList.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\console.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\FFPreferencesPersister.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\httpTransport.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\HttpURL.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\internationalSearch.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\LocalStoragePersister.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\MindsparkGlobal.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\MindsparkGlobal.unitTest.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\MindsparkGlobalNotes.txt, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\rsvp-latest.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\searchSuggestLocale.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\testHttpTransport.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\unifiedLogger.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\unifiedLogging.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\universalConsole.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\shared\utils.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\_metadata\verified_contents.json, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spent.css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\bg.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\buildVars, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\buildVars.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\companionSW.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\config.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\contentScript.css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\contentScript.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\debug.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\debug.jade, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\extension_toolbar_api.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\initWidgetWindow.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\newTabContentScript.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\options.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spent.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spent.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spent2.css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spent2.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spentJ.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spentK.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\spentK.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\startup.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\stub.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\stubby.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\superFrame.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\toolbar.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\toolbar.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\toolbarUI.css, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\toolbarUI.html, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\toolbarUI.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\url.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.MindSpark, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiblfdgfgcnpigdkdincmfamoknecagc\12.41.9.63565_0\webtooltab.cs.js, Žádná uživatelská akce, [342], [301931],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\MINECRAFT (1).EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\PRIMOPDF.EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\MICROSOFT_WORD (1).EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.Bundler, C:\USERS\ADMINISTRATOR\DOWNLOADS\MINECRAFT.EXE, Žádná uživatelská akce, [222], [88479],1.0.1020
PUP.Optional.InstallCore, C:\USERS\ADMINISTRATOR\DOWNLOADS\OPTIFINE_FOR_MINECRAFT (1).EXE, Žádná uživatelská akce, [8], [78708],1.0.1020
PUP.Optional.Bundler, C:\USERS\ADMINISTRATOR\DOWNLOADS\WRAR540CZ.EXE, Žádná uživatelská akce, [222], [88479],1.0.1020

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Infested PC

#11 Post by Rudy »

Delete the items that were found.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Infested PC

#12 Post by ed »

OK, done.. everything is in quarantine.. should I also permanently delete it from quarantine, off the PC? :-)


Re: Infested PC

#13 Post by ed »

When I log in as Guest, this pops up:
Attachment: Výstřižek_2.jpg


Re: Infested PC

#14 Post by Rudy »

Delete it from quarantine. By all appearances you caught Cryptolocker on the Guest account. You probably have some documents encrypted. Decryption requires direct access to the PC, which we do not have legally covered. If you need it, contact our colleagues here: https://neslape.cz/?utm_campaign=neslap ... ium=banner . Please note that there are many variants of these viruses and we do not have a decryption key for every one. Reinstall SeznamDesktop.


Re: Infested PC

#15 Post by ed »

Good evening,

the Malwarebytes quarantine has been emptied.

Re: cryptolocker.. it did not hit any important files, so there is no need to decrypt anything at the moment.. but I would like that junk to be gone from the PC :-) Do you see it anywhere in any of the logs after the steps you recommended?

Thanks for the info :-)

Locked