Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Po spuštění Firefoxu Avast hlásí blokování stránek

Návody, recenze, diskuze, řešení problémů

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Po spuštění Firefoxu Avast hlásí blokování stránek

#1 Příspěvek od gruza.pavel »

Dobrý den,
může mi někdo poradit. Včera se mi do počítače dostal nějký sráč. Když spustím Mozilla Firefox na úvodní stránku což mám Seznam, tak okamžitě začne vyskakovat okno od antiviru Avast, že Avast zablokoval nebezpečnou stránku. Pak skáčou další a další okna že zablokoval další stránky. Projel jsem PC kde čím a stále se toho nemůžu zbavit. Zkusil jsem i jiný antivirový program a stále nic. Nepomohlo odinstalování Firefoxu, vyčištění registrů. Dělá to stále, ale jen na Firefoxu, u Internet Exploreru to nedělá. Přikládám log a děkuji předem za pomoc. Pavel

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:39:07, on 14.5.2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\l\Desktop\vytvoření Logu z HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service;gadgetDataDir=C:\ProgramData\BlueStacks\UserData\Gadget" (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8413 bytes

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#2 Příspěvek od Márty84 »

Zdravim :)

Samotny log z HJT je uz nekolik let k nicemu, zvlast uz 64bit systemu.

Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , navod zde http://forum.viry.cz/viewtopic.php?f=30&t=130787
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#3 Příspěvek od Márty84 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by l at 2015-05-14 11:32:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 87 GB (18%) free of 483 GB
Total RAM: 7990 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:12, on 14.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Program Files\trend micro\l.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service;gadgetDataDir=C:\ProgramData\BlueStacks\UserData\Gadget" (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9000 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe "-604726308-1941297943185959259773085349317410823421759990349688754711-1018765771
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\system32\valWBFPolicyService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
taskeng.exe {C36E0D3C-484F-4FBA-BB59-84E1CD7DEDF8}
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
taskeng.exe {75A648AC-8120-41FA-B65D-825B30327F97}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe" /RunCurUs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\l\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job - C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job - C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job - C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job - C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.url" - "https://www.google.com/search/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.80.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\extensions\
iobitascsurfingprotection@iobit.com
lx@U.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-23 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-28 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-13 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-28 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-13 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-04-08 2429728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-27 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-22 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-07-28 386584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-07-28 161304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-03-06 5768992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARGenie]
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [2012-03-12 1091872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-07-28 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtsCM]
C:\Windows\RTSCM64.EXE [2015-05-02 168152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link]
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-12-16 607584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-09 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Root_with_Restore_by_Bin4ry_v36.zip.lnk]
C:\PROGRA~3\{F3A05~1\ROOT_W~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-27 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-14 11:32:04 ----D---- C:\Program Files\trend micro
2015-05-14 11:32:03 ----D---- C:\rsit
2015-05-14 09:37:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-14 09:09:36 ----SHD---- C:\Config.Msi
2015-05-14 08:53:25 ----A---- C:\Windows\system32\services.exe
2015-05-14 08:52:41 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:52:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:50:25 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-14 08:50:25 ----A---- C:\Windows\system32\schannel.dll
2015-05-14 08:50:25 ----A---- C:\Windows\system32\certcli.dll
2015-05-14 08:50:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-14 08:48:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-14 08:48:48 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-14 08:48:48 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-14 08:48:48 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-14 08:48:48 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-14 08:48:47 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-14 08:48:47 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-14 08:48:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-14 08:48:46 ----A---- C:\Windows\system32\ieui.dll
2015-05-14 08:48:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-14 08:48:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-14 08:48:45 ----A---- C:\Windows\system32\ieframe.dll
2015-05-14 08:48:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-14 08:48:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\mshtml.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\jscript.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-14 08:48:39 ----A---- C:\Windows\system32\iesetup.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\iernonce.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-14 08:48:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-14 08:48:39 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-14 08:48:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-14 08:48:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-14 08:48:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-14 08:48:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-14 08:48:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-14 08:48:38 ----A---- C:\Windows\system32\vbscript.dll
2015-05-14 08:48:38 ----A---- C:\Windows\system32\jscript9.dll
2015-05-14 08:48:38 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-14 08:48:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-14 08:48:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-14 08:48:37 ----A---- C:\Windows\system32\wininet.dll
2015-05-14 08:48:37 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-14 08:48:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-14 08:48:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-14 08:48:36 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-14 08:48:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-14 08:48:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-14 08:48:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-14 08:48:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-14 08:48:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-14 08:48:35 ----A---- C:\Windows\system32\urlmon.dll
2015-05-14 08:48:35 ----A---- C:\Windows\system32\msrating.dll
2015-05-14 08:48:35 ----A---- C:\Windows\system32\iertutil.dll
2015-05-14 08:48:34 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-14 08:43:01 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-14 08:43:01 ----A---- C:\Windows\system32\FntCache.dll
2015-05-14 08:43:01 ----A---- C:\Windows\system32\DWrite.dll
2015-05-14 08:43:00 ----A---- C:\Windows\system32\win32k.sys
2015-05-14 08:41:33 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-14 08:41:32 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-14 08:41:31 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 11:49:25 ----D---- C:\ProgramData\3898176398267469034
2015-05-13 11:49:25 ----D---- C:\Program Files (x86)\PriCeMinus
2015-05-13 11:48:20 ----D---- C:\ProgramData\{f3a0567d-15fe-1fe8-f3a0-0567d15f59f4}
2015-05-13 11:08:25 ----D---- C:\Program Files (x86)\Kingo ROOT
2015-05-09 10:52:03 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-09 10:52:03 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-09 10:52:02 ----A---- C:\Windows\system32\msobjs.dll
2015-05-09 10:52:02 ----A---- C:\Windows\system32\msaudite.dll
2015-05-09 10:52:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-09 10:52:02 ----A---- C:\Windows\system32\auditpol.exe
2015-05-09 10:52:02 ----A---- C:\Windows\system32\adtschema.dll
2015-05-09 10:52:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-09 10:52:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-09 10:52:01 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-09 10:52:01 ----A---- C:\Windows\system32\sspicli.dll
2015-05-09 10:52:01 ----A---- C:\Windows\system32\secur32.dll
2015-05-09 10:52:01 ----A---- C:\Windows\system32\lsass.exe
2015-05-09 10:52:01 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-09 10:52:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-09 10:52:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-09 10:52:00 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-09 10:52:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-09 10:52:00 ----A---- C:\Windows\system32\srclient.dll
2015-05-09 10:51:59 ----A---- C:\Windows\system32\srcore.dll
2015-05-09 10:51:59 ----A---- C:\Windows\system32\rstrui.exe
2015-05-09 10:51:51 ----A---- C:\Windows\system32\typeperf.exe
2015-05-09 10:51:51 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-09 10:51:51 ----A---- C:\Windows\system32\logman.exe
2015-05-09 10:51:51 ----A---- C:\Windows\system32\diskperf.exe
2015-05-09 10:51:50 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-09 10:51:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-09 10:51:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\wow64win.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\wow64.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\tdh.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\sechost.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\relog.exe
2015-05-09 10:51:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-09 10:51:50 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-09 10:51:50 ----A---- C:\Windows\system32\kerberos.dll
2015-05-09 10:51:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-09 10:51:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-09 10:51:49 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\winsrv.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\wdigest.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\smss.exe
2015-05-09 10:51:49 ----A---- C:\Windows\system32\ntdll.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\kernel32.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\credssp.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\conhost.exe
2015-05-09 10:51:49 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-09 10:51:49 ----A---- C:\Windows\system32\advapi32.dll
2015-05-09 10:51:47 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-09 10:51:47 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-09 10:51:46 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-09 10:51:45 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-09 10:51:45 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-09 10:51:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-09 10:51:45 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51:43 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-07 17:18:38 ----A---- C:\Windows\system32\aswBoot.exe
2015-05-07 17:18:30 ----A---- C:\Windows\avastSS.scr
2015-05-03 16:12:35 ----D---- C:\Users\l\AppData\Roaming\Solvusoft
2015-05-03 16:12:34 ----A---- C:\Windows\system32\roboot64.exe
2015-05-03 15:57:50 ----D---- C:\ProgramData\TweakBit
2015-05-03 15:54:19 ----D---- C:\Program Files\Hewlett-Packard
2015-05-03 15:09:05 ----A---- C:\Windows\system32\wbf_vfs301.dll
2015-05-02 21:58:23 ----A---- C:\Windows\system32\drivers\Impcd.sys
2015-05-02 21:56:16 ----A---- C:\Windows\system32\WinUSBCoInstaller2.dll
2015-05-02 21:54:44 ----A---- C:\Windows\system32\hpservice.exe
2015-05-02 21:54:44 ----A---- C:\Windows\system32\HPMDPCoInst12.dll
2015-05-02 21:54:44 ----A---- C:\Windows\system32\drivers\Accelerometer.sys
2015-05-02 21:54:44 ----A---- C:\Windows\system32\accelerometerdll.DLL
2015-05-02 21:41:35 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-02 21:41:32 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2015-05-02 21:38:31 ----A---- C:\Windows\system32\RaCoInstx.dll
2015-05-02 21:38:31 ----A---- C:\Windows\system32\RaCoInst.dat
2015-05-02 21:38:31 ----A---- C:\Windows\system32\drivers\netr28x.sys
2015-05-02 21:37:31 ----A---- C:\Windows\SYSWOW64\RtCamX.dll
2015-05-02 21:37:31 ----A---- C:\Windows\SYSWOW64\RsDecode.dll
2015-05-02 21:37:31 ----A---- C:\Windows\system32\RtCamX64.dll
2015-05-02 21:37:31 ----A---- C:\Windows\system32\drivers\rtsuvc.sys
2015-05-02 21:37:31 ----A---- C:\Windows\RtsCM64.exe
2015-05-02 21:37:31 ----A---- C:\Windows\RtCamU64.exe
2015-05-02 21:35:33 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-05-02 21:35:33 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-05-02 20:01:00 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2015-05-02 19:59:32 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2015-05-02 19:59:29 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-05-02 19:58:50 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2015-05-02 15:18:48 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-02 15:18:48 ----A---- C:\Windows\system32\poqexec.exe
2015-05-02 15:18:24 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-02 15:18:24 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-02 15:18:24 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-02 15:18:24 ----A---- C:\Windows\system32\shimeng.dll
2015-05-02 15:18:24 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-02 15:18:24 ----A---- C:\Windows\system32\apphelp.dll
2015-05-02 15:18:24 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-02 15:18:04 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-05-02 15:18:04 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-05-02 15:18:04 ----A---- C:\Windows\system32\dwmcore.dll
2015-05-02 15:18:04 ----A---- C:\Windows\system32\dwmapi.dll
2015-05-02 15:17:28 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-02 15:17:28 ----A---- C:\Windows\system32\wpdshext.dll
2015-04-28 18:13:40 ----A---- C:\Windows\system32\javaws.exe
2015-04-28 18:13:27 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-28 18:13:27 ----A---- C:\Windows\system32\javaw.exe
2015-04-28 18:13:27 ----A---- C:\Windows\system32\java.exe
2015-04-28 18:13:20 ----D---- C:\Program Files\Java
2015-04-16 06:20:38 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 06:20:38 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 06:20:38 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 06:20:38 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 06:20:38 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 06:20:38 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 06:20:38 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 06:20:38 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 06:20:38 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 06:20:38 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wups.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 06:20:37 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 06:20:33 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 06:20:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 06:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 06:20:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 06:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 06:20:30 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 06:19:48 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 06:19:10 ----A---- C:\Windows\system32\clfs.sys
2015-04-16 06:19:09 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 06:19:09 ----A---- C:\Windows\system32\clfsw32.dll

======List of files/folders modified in the last 1 month======

2015-05-14 11:32:06 ----D---- C:\Windows\Temp
2015-05-14 11:32:04 ----D---- C:\Program Files
2015-05-14 11:19:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 11:12:05 ----D---- C:\Windows\system32\NDF
2015-05-14 11:11:06 ----D---- C:\Windows\System32
2015-05-14 11:11:06 ----D---- C:\Windows\inf
2015-05-14 11:11:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-14 09:39:20 ----D---- C:\Windows\system32\config
2015-05-14 09:39:09 ----D---- C:\Windows\Microsoft.NET
2015-05-14 09:39:06 ----RSD---- C:\Windows\assembly
2015-05-14 09:37:04 ----RD---- C:\Program Files (x86)
2015-05-14 09:28:59 ----D---- C:\Windows\winsxs
2015-05-14 09:25:58 ----AD---- C:\Windows
2015-05-14 09:22:36 ----D---- C:\Windows\SysWOW64
2015-05-14 09:22:35 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-14 09:22:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-05-14 09:22:35 ----D---- C:\Windows\system32\cs-CZ
2015-05-14 09:22:35 ----D---- C:\Program Files\Internet Explorer
2015-05-14 09:22:33 ----D---- C:\Windows\system32\en-US
2015-05-14 09:22:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-14 09:22:19 ----SHD---- C:\Windows\Installer
2015-05-14 09:13:01 ----HD---- C:\ProgramData
2015-05-14 09:10:17 ----D---- C:\Windows\system32\DriverStore
2015-05-14 09:10:16 ----D---- C:\Windows\system32\drivers
2015-05-14 09:07:48 ----SHD---- C:\System Volume Information
2015-05-14 08:48:30 ----D---- C:\Windows\system32\catroot2
2015-05-14 08:41:44 ----D---- C:\Program Files\Windows Journal
2015-05-13 17:57:38 ----SD---- C:\Users\l\AppData\Roaming\Microsoft
2015-05-13 17:13:37 ----D---- C:\Windows\SoftwareDistribution
2015-05-13 16:10:07 ----D---- C:\Windows\debug
2015-05-13 16:09:43 ----D---- C:\Windows\Help
2015-05-13 13:04:46 ----D---- C:\Windows\Tasks
2015-05-13 13:04:46 ----D---- C:\Windows\system32\Tasks
2015-05-13 13:03:41 ----D---- C:\Program Files (x86)\Java
2015-05-13 12:59:17 ----D---- C:\Windows\pss
2015-05-13 12:57:16 ----D---- C:\ProgramData\BlueStacksSetup
2015-05-12 12:50:38 ----D---- C:\Users\l\AppData\Roaming\Skype
2015-05-12 12:19:54 ----D---- C:\ProgramData\ProductData
2015-05-09 19:56:55 ----D---- C:\Windows\AppPatch
2015-05-09 11:18:36 ----AD---- C:\ProgramData\TEMP
2015-05-09 10:47:24 ----D---- C:\Windows\Logs
2015-05-03 16:36:20 ----D---- C:\Program Files (x86)\HP
2015-05-03 16:19:48 ----RSD---- C:\Windows\Fonts
2015-05-03 15:54:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-05-03 15:54:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-03 15:53:03 ----D---- C:\swsetup
2015-05-03 15:15:19 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-05-03 14:16:48 ----D---- C:\Windows\system32\catroot
2015-05-02 21:37:40 ----D---- C:\Windows\twain_32
2015-05-02 21:35:33 ----A---- C:\Windows\system32\RTNUninst64.dll
2015-05-02 21:27:25 ----D---- C:\ProgramData\IObit
2015-05-02 20:01:08 ----D---- C:\Users\l\AppData\Roaming\IObit
2015-05-02 20:01:00 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-02 19:57:45 ----D---- C:\Program Files (x86)\IObit
2015-05-02 19:31:29 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-02 19:31:28 ----D---- C:\Windows\system32\drivers\UMDF
2015-04-28 18:17:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-28 18:11:56 ----D---- C:\Program Files (x86)\Common Files
2015-04-28 18:10:55 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-04-28 06:06:33 ----D---- C:\Windows\AppCompat
2015-04-25 07:48:13 ----D---- C:\Program Files\CCleaner
2015-04-16 18:04:29 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 18:03:55 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 17:57:49 ----D---- C:\Windows\system32\MRT
2015-04-16 17:50:10 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-07 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-07 272248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2015-05-02 31040]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 timounter;Seagate DiscWizard Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-04-21 711712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-07 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-07 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-05-07 442264]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-05-02 26528]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2008-10-01 26624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-07 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-07 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-07 137288]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-10 145624]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-04-13 42696]
R2 NPF;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2012-05-07 35344]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]
R2 tifsfilter;Seagate DiscWizard FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2012-04-21 81952]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2015-05-02 43840]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-09 7767552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-08 279040]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2015-05-02 158976]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-07-28 10610400]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2015-05-02 2472136]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-02 977624]
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2015-05-02 2599128]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-05-02 34544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-04-13 310728]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Users\l\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 cpuz137;cpuz137; \??\C:\Users\l\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
S3 Mrvleap;MARVELL EAP Driver; C:\Windows\system32\DRIVERS\mrv64drv.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50a64.sys [2006-11-28 43328]
S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50a64.sys [2006-11-28 41280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-09 203264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-07 343336]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-10 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;gadgetDataDir=C:\ProgramData\BlueStacks\UserData\Gadget"; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-10 794328]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2015-05-02 31040]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-12-16 616288]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-12 35328]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-10 429784]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-03-26 2585376]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-28 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-14 114688]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [2008-02-29 942080]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-08 148080]
S3 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2012-03-07 1370400]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#4 Příspěvek od Márty84 »

:arrow: Logy davejte primo tady, lip se s tim pak pracuje.


:arrow: Odinstalujte vse od IObit. Dela to vic skody nez uzitku :boxed:


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#5 Příspěvek od gruza.pavel »

# AdwCleaner v4.204 - Log vytvořen 14/05/2015 v 16:22:32
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : l - PCGRUZA
# Spuštěno z : C:\Users\l\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Trymedia
Složka Smazáno : C:\ProgramData\3898176398267469034
Složka Smazáno : C:\ProgramData\{f3a0567d-15fe-1fe8-f3a0-0567d15f59f4}
Složka Smazáno : C:\Program Files (x86)\PriceMinus
Složka Smazáno : C:\Users\l\AppData\Roaming\Solvusoft
Složka Smazáno : C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\Extensions\lx@U.com
Soubor Smazáno : C:\Windows\Reimage.ini
Soubor Smazáno : C:\Windows\System32\roboot64.exe

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{F64440E9-A226-4F9A-84D5-06F12A9E9DB1}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKLM\SOFTWARE\Trymedia Systems
Klíč Smazáno : HKLM\SOFTWARE\dll-files.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0 (x86 cs)


*************************

AdwCleaner[R0].txt - [2749 bytů] - [14/05/2015 16:20:34]
AdwCleaner[S0].txt - [2381 bytů] - [14/05/2015 16:22:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2439 bytů] ##########

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#6 Příspěvek od Márty84 »

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize
  • Kód: Vybrat vše

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#7 Příspěvek od gruza.pavel »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by l on p  15.05.2015 at 12:03:44,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (l)



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\l\AppData\Roaming\mozilla\firefox\profiles\aycdxzpa.default-1429203371522\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  15.05.2015 at 12:10:30,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by l on p  15.05.2015 at 12:12:13,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\l\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.5.2015 12:16:23 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\NewFolder Software deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\l\AppData\Roaming\.minecraft deleted successfully
C:\Users\l\AppData\Roaming\HpUpdate deleted successfully
C:\Users\l\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\l\AppData\Roaming\WinRAR deleted successfully
C:\Users\DDULKA~1\AppData\Roaming\WinRAR deleted successfully
C:\Users\Katka\AppData\Local\NokiaAccount deleted successfully
C:\Users\l\AppData\Local\CrashDumps deleted successfully
C:\Users\l\AppData\Local\Unity deleted successfully
C:\Users\DDULKA~1\AppData\Local\NokiaAccount deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\DDULKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\bz60woo7.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\DDULKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\bz60woo7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\o6kse1h0.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\o6kse1h0.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("keyword.url", "https://www.google.com/search/?trackid=sp-006");

Added to C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\DDULKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\bz60woo7.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.05.2015_1343_.backup

ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\o6kse1h0.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.05.2015_1343_.backup

ProfilePath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522

user.js not found
---- Lines extensions.P1Iicih0uZZcpKgA removed from prefs.js ----
user_pref("extensions.P1Iicih0uZZcpKgA.epoch", "1");
user_pref("extensions.P1Iicih0uZZcpKgA.scode", "void(0);");
user_pref("extensions.P1Iicih0uZZcpKgA.url", "http://allstarcoupon.info/sync/?q=C6qUo ... pdUMCMlNhd
---- FireFox user.js and prefs.js backups ----

prefs_15.05.2015_1343_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\NewFolder Software not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\l\.android deleted
C:\Users\DDULKA~1\.android deleted
C:\PROGRA~2\Empire Interactive deleted
C:\Users\Katka\AppData\Roaming\ProductData deleted
C:\Users\l\AppData\Roaming\MumboJumbo.ini deleted
C:\Users\l\AppData\Roaming\ud_soundmanager.ini deleted
C:\Users\l\AppData\Roaming\ProductData deleted
C:\Users\DDULKA~1\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\Users\l\Downloads\ReimageRepair.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\o6kse1h0.default\extensions\staged deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\DDULKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\bz60woo7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\o6kse1h0.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07.05.2015 17:18]

==== Firefox Extensions ======================

ProfilePath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522
C8B4AB4EC6BC1AD7B68E7EB832927927 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer
2E661988463BCFA1B95D4DAAB9B0B6FA - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll - Shockwave Flash
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\l\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
725C6AB29E52A2724042D43BFB42D638 - C:\Users\l\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
98137411B9C632095F919E2CE70B288A - C:\Users\l\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
3CD19649B2C3023D65E67C056457A2BC - C:\Users\l\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19.03.2015 17:34]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Katka\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\l\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\l\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\DDULKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DDULKA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\DDULKA~1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Katka\AppData\Local\Mozilla\Firefox\Profiles\o6kse1h0.default\cache2 emptied successfully
C:\Users\l\AppData\Local\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\cache2 emptied successfully
C:\Users\DDULKA~1\AppData\Local\Mozilla\Firefox\Profiles\bz60woo7.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2175 folders=217 450046465 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Katka\AppData\Local\Temp will be emptied at reboot
C:\Users\l\AppData\Local\Temp will be emptied at reboot
C:\Users\DDULKA~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\l\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\1.im.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\fbstatic-a.akamaihd.net" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\go.eu.bbelements.com" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\hlascs.nova.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\img.csfd.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\img.playa-games.com" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\img5.uloz.to" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\krasna.nova.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\novaplus.nova.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\skype.com" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\www.spoluzaci.cz" not found
"C:\Users\Katka\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WMEUYJKP\www.super.cz" not found
"C:\Users\l\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZZA7RPWG\chaturbate.com" not found
"C:\Users\l\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZZA7RPWG\www.performax.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\bbcdn-bbnaut.ibillboard.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\cache.lego.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\cdn.box10.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\cdn.livestream.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\cdn.zopim.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\cdnbakmi.kaltura.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\core.saymedia.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\e1.cdnl3.neulion.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\files.adform.net" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\flash.stream.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\gamedata3.netincome.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\helena.nova.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\hlascs.nova.cz" deleted
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\img.csfd.cz" deleted
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\img.playa-games.com" deleted
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\img5.uloz.to" deleted
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\player.vid4u.org" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\prask.nova.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\raketka.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\tv.nova.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.angrybirdsriogame.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.giga-hry.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.herna.biz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.performax.cz" deleted
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.plazmaburst2.com" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www.rychlehry.cz" not found
"C:\Users\DDULKA~1\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PL9HCKXM\www8.agame.com" not found
"C:\Users\Katka\AppData\Local\Temp\avastBCLTMP" deleted

==== EOF on p  15.05.2015 at 14:12:18,52 ======================

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#8 Příspěvek od Márty84 »

:arrow: Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#9 Příspěvek od gruza.pavel »

Tak MBAM nic nenašel. Provdl jsem test a nic tam nebylo.

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#10 Příspěvek od Márty84 »

:???: Porad Avast neco hlasi?


:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#11 Příspěvek od gruza.pavel »

Avast nic už nehlásí. Zdá se že pomohl ten adwcleaner.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by l (administrator) on PCGRUZA on 17-05-2015 10:57:38
Running from C:\Users\l\Desktop
Loaded Profiles: l (Available profiles: l & Dádulka & Katka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\...\MountPoints2: G - G:\unlock.exe autoplay=true
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\...\MountPoints2: {bada3847-8b74-11e1-a6a8-e02a82797dbd} - H:\unlock.exe autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
GroupPolicyUsers\S-1-5-21-1380381005-601281448-3109810809-1001\User: Group Policy Restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1380381005-601281448-3109810809-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-13] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-13] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522
FF DefaultSearchEngine: Google (avast)
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\l\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @tools.google.com/Google Update;version=3 -> C:\Users\l\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @tools.google.com/Google Update;version=9 -> C:\Users\l\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\l\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: google.com/WidevineMediaOptimizer -> C:\Users\l\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google-avast.xml [2015-01-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-13]
FF Extension: Adblock Plus - C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-03]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-05-09] (Microsoft Corporation)
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [1370400 2012-03-07] (NETGEAR)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-07] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-04-13] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-02] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2012-05-07] (CACE Technologies, Inc.)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2599128 2015-05-02] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-02] (Synaptics Incorporated)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
S3 cpuz134; \??\C:\Users\l\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\l\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 10:57 - 2015-05-17 10:58 - 00013724 _____ () C:\Users\l\Desktop\FRST.txt
2015-05-17 10:57 - 2015-05-17 10:57 - 00000000 ____D () C:\FRST
2015-05-17 10:54 - 2015-05-17 10:54 - 00003305 _____ () C:\Users\l\Desktop\Nový textový dokument.txt
2015-05-17 10:52 - 2015-05-17 10:52 - 00112640 _____ (forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
2015-05-17 10:50 - 2015-05-17 10:50 - 02107392 _____ (Farbar) C:\Users\l\Downloads\FRST64.exe
2015-05-17 10:47 - 2015-05-17 10:48 - 02107392 _____ (Farbar) C:\Users\l\Desktop\FRST64.exe
2015-05-15 14:18 - 2015-05-15 14:18 - 00017682 _____ () C:\Users\l\Desktop\zoek-results.txt
2015-05-15 14:06 - 2015-05-15 12:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-15 12:15 - 2015-05-15 14:12 - 00017682 _____ () C:\zoek-results.log
2015-05-15 12:12 - 2015-05-15 13:45 - 00000000 ____D () C:\zoek_backup
2015-05-15 12:10 - 2015-05-15 12:10 - 00000828 _____ () C:\Users\l\Desktop\JRT.txt
2015-05-15 12:03 - 2015-05-15 12:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PCGRUZA-Windows-7-Home-Premium-(64-bit).dat
2015-05-15 12:03 - 2015-05-15 12:03 - 00000000 ____D () C:\RegBackup
2015-05-15 12:01 - 2015-05-15 12:03 - 01308672 _____ () C:\Users\l\Desktop\zoek.exe
2015-05-15 12:01 - 2015-05-15 12:01 - 02721175 _____ (Thisisu) C:\Users\l\Desktop\JRT.exe
2015-05-14 20:16 - 2015-05-14 20:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-14 20:16 - 2015-05-14 20:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-14 20:13 - 2015-05-14 20:13 - 13095136 _____ (Microsoft Corporation) C:\Users\l\Downloads\Silverlight_x64.exe
2015-05-14 16:20 - 2015-05-14 16:22 - 00000000 ____D () C:\AdwCleaner
2015-05-14 16:07 - 2015-05-14 16:07 - 02209792 _____ () C:\Users\l\Desktop\adwcleaner_4.204.exe
2015-05-14 11:32 - 2015-05-14 11:32 - 00000000 ____D () C:\rsit
2015-05-14 11:32 - 2015-05-14 11:32 - 00000000 ____D () C:\Program Files\trend micro
2015-05-14 09:37 - 2015-05-14 09:37 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-14 09:37 - 2015-05-14 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 08:53 - 2015-05-14 08:53 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 08:52 - 2015-05-14 08:52 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:52 - 2015-05-14 08:52 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 08:48 - 2015-05-14 08:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 08:48 - 2015-05-14 08:48 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 08:48 - 2015-05-14 08:48 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 08:48 - 2015-05-14 08:48 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 08:48 - 2015-05-14 08:48 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 08:48 - 2015-05-14 08:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 08:43 - 2015-05-14 08:43 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 17:46 - 2015-05-13 17:46 - 00106496 _____ () C:\Users\l\Desktop\bookmarks.html
2015-05-13 11:08 - 2015-05-13 11:47 - 00000000 ____D () C:\Program Files (x86)\Kingo ROOT
2015-05-13 11:08 - 2015-05-13 11:08 - 00000000 ____D () C:\Users\l\AppData\Local\Kingosoft
2015-05-09 14:06 - 2015-05-09 14:06 - 00000000 ____D () C:\Users\l\Desktop\The Backewards
2015-05-09 10:52 - 2015-05-09 10:52 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-09 10:52 - 2015-05-09 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-09 10:52 - 2015-05-09 10:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-07 17:18 - 2015-05-07 17:18 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-07 17:18 - 2015-05-07 17:18 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-03 15:57 - 2015-05-03 16:22 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2015-05-03 15:57 - 2015-05-03 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-05-03 15:57 - 2015-05-03 16:20 - 00000000 ____D () C:\ProgramData\TweakBit
2015-05-03 15:54 - 2015-05-03 15:54 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-05-03 15:09 - 2012-03-04 08:26 - 01664080 _____ (Validity Sensors, Inc.) C:\Windows\system32\wbf_vfs301.dll
2015-05-03 09:24 - 2015-05-03 09:26 - 00000000 ____D () C:\Users\l\Desktop\Návody obsluhy
2015-05-03 09:20 - 2015-05-03 09:20 - 00000000 ____D () C:\Users\l\Desktop\Koření
2015-05-02 21:58 - 2015-05-02 21:58 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2015-05-02 21:57 - 2015-05-02 21:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-05-02 21:56 - 2015-05-02 21:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-05-02 21:54 - 2015-05-02 21:54 - 00043840 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys
2015-05-02 21:54 - 2015-05-02 21:54 - 00031040 _____ (Hewlett-Packard Company) C:\Windows\system32\hpservice.exe
2015-05-02 21:54 - 2015-05-02 21:54 - 00021312 _____ (Hewlett-Packard Company) C:\Windows\system32\accelerometerdll.DLL
2015-05-02 21:54 - 2015-05-02 21:54 - 00018240 _____ (Hewlett-Packard Company) C:\Windows\system32\HPMDPCoInst12.dll
2015-05-02 21:41 - 2015-05-02 21:41 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-02 21:41 - 2015-05-02 21:41 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-02 21:41 - 2015-05-02 21:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-02 21:38 - 2015-05-02 21:38 - 02472136 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-05-02 21:38 - 2015-05-02 21:38 - 00332080 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-05-02 21:38 - 2015-05-02 21:38 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2015-05-02 21:37 - 2015-05-02 21:37 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2015-05-02 21:37 - 2015-05-02 21:37 - 02599128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-05-02 21:37 - 2015-05-02 21:37 - 01971928 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00507096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00448728 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00168152 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
2015-05-02 21:35 - 2015-05-02 21:35 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-05-02 21:35 - 2015-05-02 21:35 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-05-02 20:01 - 2015-05-02 20:01 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-05-02 19:59 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-05-02 19:59 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-02 15:17 - 2015-05-02 15:17 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-02 15:17 - 2015-05-02 15:17 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-02 15:00 - 2015-05-02 15:00 - 48041760 _____ (IObit) C:\Users\l\Downloads\advanced-systemcare-setup.exe
2015-04-30 17:44 - 2015-04-30 17:44 - 00000000 ____D () C:\Users\l\Desktop\Nano
2015-04-28 18:13 - 2015-04-28 18:13 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-28 18:13 - 2015-04-28 18:13 - 00000000 ____D () C:\Program Files\Java
2015-04-24 17:41 - 2015-04-24 17:41 - 07012392 _____ () C:\Users\l\Downloads\WP_20150327_091430Z(1).mp4
2015-04-17 17:10 - 2015-04-17 17:10 - 00000000 ____H () C:\Users\l\Documents\Default.rdp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 10:40 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 10:40 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 10:32 - 2013-12-03 19:49 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-17 10:31 - 2012-10-27 14:09 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 10:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 19:29 - 2011-04-12 10:34 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2015-05-16 19:29 - 2011-04-12 10:34 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2015-05-16 19:29 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-16 19:28 - 2012-10-27 14:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 19:24 - 2014-09-08 21:59 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job
2015-05-16 19:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-16 18:37 - 2015-01-23 22:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-16 18:37 - 2013-08-27 18:10 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job
2015-05-16 18:37 - 2013-08-27 18:10 - 00000890 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job
2015-05-16 15:51 - 2012-04-22 15:17 - 00000008 __RSH () C:\Users\Katka\ntuser.pol
2015-05-16 15:51 - 2012-04-22 11:30 - 00000000 ____D () C:\Users\Katka
2015-05-16 12:10 - 2014-09-08 21:59 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job
2015-05-16 09:16 - 2015-01-23 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-16 09:16 - 2015-01-23 22:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-15 14:10 - 2012-04-22 15:17 - 00000008 __RSH () C:\Users\l\ntuser.pol
2015-05-15 14:10 - 2012-02-29 15:54 - 00000000 ____D () C:\Users\l
2015-05-15 13:45 - 2012-04-22 11:16 - 00000000 ____D () C:\Users\Dádulka
2015-05-15 13:45 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-15 12:23 - 2012-10-27 14:09 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 12:23 - 2012-10-27 14:09 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 11:59 - 2012-04-21 13:14 - 00000000 ____D () C:\Users\l\AppData\Local\Adobe
2015-05-15 00:20 - 2014-05-27 05:59 - 00000000 ____D () C:\Users\l\Desktop\X
2015-05-14 23:17 - 2013-03-25 20:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 23:17 - 2013-03-25 20:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 20:18 - 2012-04-22 11:38 - 00000000 ___RD () C:\Users\l\Desktop\Programy
2015-05-14 20:18 - 2012-04-20 17:44 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-14 20:18 - 2012-04-20 17:44 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-14 20:17 - 2014-12-24 08:39 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-14 20:16 - 2012-04-21 13:14 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-14 20:14 - 2013-03-25 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 16:01 - 2015-03-23 07:06 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_l
2015-05-14 15:55 - 2015-03-23 07:05 - 00000000 ____D () C:\ProgramData\IObit
2015-05-14 11:36 - 2012-12-29 12:24 - 00000000 ____D () C:\Users\l\Desktop\vytvoření Logu z HJT
2015-05-14 11:19 - 2012-05-10 06:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 09:25 - 2009-07-14 06:45 - 00347304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 08:41 - 2011-04-12 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 08:38 - 2014-10-12 13:36 - 00000000 ___RD () C:\Users\Public\Veřejné programy
2015-05-13 16:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-05-13 13:04 - 2014-12-25 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-13 13:03 - 2014-08-20 06:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-13 12:59 - 2014-10-28 20:24 - 00000000 ____D () C:\Windows\pss
2015-05-13 12:57 - 2015-03-25 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-13 12:17 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\l\Desktop\Moorhuhn 2
2015-05-12 16:25 - 2012-04-28 14:14 - 00000000 ____D () C:\Users\l\Documents\Microsoft Office
2015-05-12 12:50 - 2012-04-21 16:23 - 00000000 ____D () C:\Users\l\AppData\Roaming\Skype
2015-05-11 14:19 - 2015-02-19 17:22 - 00009379 _____ () C:\Users\l\Desktop\Spotřeba voda Grůza.xlsx
2015-05-09 21:46 - 2009-07-14 07:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-09 11:18 - 2012-04-28 16:56 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-07 17:18 - 2014-04-21 18:20 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-07 17:18 - 2013-12-25 17:54 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-07 17:18 - 2013-12-03 19:49 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-07 17:18 - 2013-12-03 19:49 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-05 12:17 - 2013-12-24 12:45 - 00000574 _____ () C:\Users\Dádulka\Desktop\Typy filmi.txt
2015-05-03 16:36 - 2014-12-25 13:46 - 00000000 ____D () C:\Program Files (x86)\HP
2015-05-03 16:27 - 2012-02-29 16:11 - 00086016 _____ () C:\Users\l\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-03 15:54 - 2013-03-10 11:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-03 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-03 15:53 - 2012-02-29 15:59 - 00000000 ____D () C:\swsetup
2015-05-03 15:15 - 2014-01-15 21:07 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-02 21:54 - 2011-05-13 18:58 - 00031040 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys
2015-05-02 21:41 - 2013-03-21 19:15 - 00005372 _____ () C:\Windows\system32\RaCoInst.log
2015-05-02 21:35 - 2011-06-10 06:34 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-05-02 20:01 - 2015-03-23 07:05 - 00000000 ____D () C:\Users\l\AppData\Roaming\IObit
2015-05-02 19:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-29 20:06 - 2012-04-22 11:47 - 00000000 ____D () C:\Users\Dádulka\AppData\Roaming\Skype
2015-04-28 18:10 - 2014-08-20 06:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-28 06:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-25 07:48 - 2012-04-21 16:37 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-19 08:10 - 2014-07-10 18:56 - 00000000 ____D () C:\Users\l\Desktop\Lodžie
2015-04-17 15:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2012-05-07 21:41 - 2015-01-28 13:46 - 0015872 _____ () C:\Users\l\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-16 17:52 - 2014-09-16 17:52 - 0004096 ____H () C:\Users\l\AppData\Local\keyfile3.drm
2013-02-18 18:09 - 2013-04-20 14:06 - 0007598 _____ () C:\Users\l\AppData\Local\Resmon.ResmonCfg
2012-06-20 18:13 - 2013-01-14 19:28 - 0006059 _____ () C:\Users\l\AppData\Local\SRDownloader.err
2012-06-10 08:59 - 2013-03-05 20:00 - 0001368 _____ () C:\Users\l\AppData\Local\SRDownloader.nast
2012-12-18 18:18 - 2012-12-18 18:33 - 0000043 ___SH () C:\ProgramData\.zreglib
2014-12-25 13:45 - 2014-12-25 13:45 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:26B03563B86C66B1
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\l\Desktop" je 14066 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARGenie
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtsCM
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Root_with_Restore_by_Bin4ry_v36.zip.lnk
C:\PROGRA~3\{F3A05~1\ROOT_W~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat v�strahy inkoustu - HP Deskjet 1510 series.lnk
C:\Windows\system32\RunDll32.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by l (administrator) on PCGRUZA on 17-05-2015 11:05:17
Running from C:\Users\l\Desktop
Loaded Profiles: l (Available profiles: l & Dádulka & Katka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\...\MountPoints2: G - G:\unlock.exe autoplay=true
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\...\MountPoints2: {bada3847-8b74-11e1-a6a8-e02a82797dbd} - H:\unlock.exe autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
GroupPolicyUsers\S-1-5-21-1380381005-601281448-3109810809-1001\User: Group Policy Restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKU\S-1-5-21-1380381005-601281448-3109810809-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1380381005-601281448-3109810809-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-13] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-13] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522
FF DefaultSearchEngine: Google (avast)
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\l\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @tools.google.com/Google Update;version=3 -> C:\Users\l\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @tools.google.com/Google Update;version=9 -> C:\Users\l\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\l\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1380381005-601281448-3109810809-1000: google.com/WidevineMediaOptimizer -> C:\Users\l\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google-avast.xml [2015-01-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-13]
FF Extension: Adblock Plus - C:\Users\l\AppData\Roaming\Mozilla\Firefox\Profiles\aycdxzpa.default-1429203371522\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-03]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-05-09] (Microsoft Corporation)
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [1370400 2012-03-07] (NETGEAR)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#12 Příspěvek od gruza.pavel »

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-07] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-04-13] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-02] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2012-05-07] (CACE Technologies, Inc.)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2599128 2015-05-02] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-02] (Synaptics Incorporated)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
S3 cpuz134; \??\C:\Users\l\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\l\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 11:05 - 2015-05-17 11:05 - 00013778 _____ () C:\Users\l\Desktop\FRST.txt
2015-05-17 10:59 - 2015-05-17 10:59 - 00062546 _____ () C:\Users\l\Desktop\FRST3.txt
2015-05-17 10:57 - 2015-05-17 11:05 - 00000000 ____D () C:\FRST
2015-05-17 10:54 - 2015-05-17 10:54 - 00003305 _____ () C:\Users\l\Desktop\Nový textový dokument.txt
2015-05-17 10:52 - 2015-05-17 10:52 - 00112640 _____ (forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
2015-05-17 10:50 - 2015-05-17 10:50 - 02107392 _____ (Farbar) C:\Users\l\Downloads\FRST64.exe
2015-05-17 10:47 - 2015-05-17 10:48 - 02107392 _____ (Farbar) C:\Users\l\Desktop\FRST64.exe
2015-05-15 14:18 - 2015-05-15 14:18 - 00017682 _____ () C:\Users\l\Desktop\zoek-results.txt
2015-05-15 14:06 - 2015-05-15 12:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-15 12:15 - 2015-05-15 14:12 - 00017682 _____ () C:\zoek-results.log
2015-05-15 12:12 - 2015-05-15 13:45 - 00000000 ____D () C:\zoek_backup
2015-05-15 12:10 - 2015-05-15 12:10 - 00000828 _____ () C:\Users\l\Desktop\JRT.txt
2015-05-15 12:03 - 2015-05-15 12:03 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PCGRUZA-Windows-7-Home-Premium-(64-bit).dat
2015-05-15 12:03 - 2015-05-15 12:03 - 00000000 ____D () C:\RegBackup
2015-05-15 12:01 - 2015-05-15 12:03 - 01308672 _____ () C:\Users\l\Desktop\zoek.exe
2015-05-15 12:01 - 2015-05-15 12:01 - 02721175 _____ (Thisisu) C:\Users\l\Desktop\JRT.exe
2015-05-14 20:16 - 2015-05-14 20:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-14 20:16 - 2015-05-14 20:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-14 20:13 - 2015-05-14 20:13 - 13095136 _____ (Microsoft Corporation) C:\Users\l\Downloads\Silverlight_x64.exe
2015-05-14 16:20 - 2015-05-14 16:22 - 00000000 ____D () C:\AdwCleaner
2015-05-14 16:07 - 2015-05-14 16:07 - 02209792 _____ () C:\Users\l\Desktop\adwcleaner_4.204.exe
2015-05-14 11:32 - 2015-05-14 11:32 - 00000000 ____D () C:\rsit
2015-05-14 11:32 - 2015-05-14 11:32 - 00000000 ____D () C:\Program Files\trend micro
2015-05-14 09:37 - 2015-05-14 09:37 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-14 09:37 - 2015-05-14 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 08:53 - 2015-05-14 08:53 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 08:52 - 2015-05-14 08:52 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:52 - 2015-05-14 08:52 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 08:50 - 2015-05-14 08:50 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 08:48 - 2015-05-14 08:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 08:48 - 2015-05-14 08:48 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 08:48 - 2015-05-14 08:48 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 08:48 - 2015-05-14 08:48 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 08:48 - 2015-05-14 08:48 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 08:48 - 2015-05-14 08:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-14 08:48 - 2015-05-14 08:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 08:48 - 2015-05-14 08:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 08:43 - 2015-05-14 08:43 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 08:43 - 2015-05-14 08:43 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 08:41 - 2015-05-14 08:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 17:46 - 2015-05-13 17:46 - 00106496 _____ () C:\Users\l\Desktop\bookmarks.html
2015-05-13 11:08 - 2015-05-13 11:47 - 00000000 ____D () C:\Program Files (x86)\Kingo ROOT
2015-05-13 11:08 - 2015-05-13 11:08 - 00000000 ____D () C:\Users\l\AppData\Local\Kingosoft
2015-05-09 14:06 - 2015-05-09 14:06 - 00000000 ____D () C:\Users\l\Desktop\The Backewards
2015-05-09 10:52 - 2015-05-09 10:52 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-09 10:52 - 2015-05-09 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-09 10:52 - 2015-05-09 10:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-09 10:52 - 2015-05-09 10:52 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-09 10:52 - 2015-05-09 10:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-09 10:51 - 2015-05-09 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 10:51 - 2015-05-09 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-07 17:18 - 2015-05-07 17:18 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-07 17:18 - 2015-05-07 17:18 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-03 15:57 - 2015-05-03 16:22 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2015-05-03 15:57 - 2015-05-03 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-05-03 15:57 - 2015-05-03 16:20 - 00000000 ____D () C:\ProgramData\TweakBit
2015-05-03 15:54 - 2015-05-03 15:54 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-05-03 15:09 - 2012-03-04 08:26 - 01664080 _____ (Validity Sensors, Inc.) C:\Windows\system32\wbf_vfs301.dll
2015-05-03 09:24 - 2015-05-03 09:26 - 00000000 ____D () C:\Users\l\Desktop\Návody obsluhy
2015-05-03 09:20 - 2015-05-03 09:20 - 00000000 ____D () C:\Users\l\Desktop\Koření
2015-05-02 21:58 - 2015-05-02 21:58 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2015-05-02 21:57 - 2015-05-02 21:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-05-02 21:56 - 2015-05-02 21:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-05-02 21:54 - 2015-05-02 21:54 - 00043840 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys
2015-05-02 21:54 - 2015-05-02 21:54 - 00031040 _____ (Hewlett-Packard Company) C:\Windows\system32\hpservice.exe
2015-05-02 21:54 - 2015-05-02 21:54 - 00021312 _____ (Hewlett-Packard Company) C:\Windows\system32\accelerometerdll.DLL
2015-05-02 21:54 - 2015-05-02 21:54 - 00018240 _____ (Hewlett-Packard Company) C:\Windows\system32\HPMDPCoInst12.dll
2015-05-02 21:41 - 2015-05-02 21:41 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-02 21:41 - 2015-05-02 21:41 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-02 21:41 - 2015-05-02 21:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-02 21:38 - 2015-05-02 21:38 - 02472136 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2015-05-02 21:38 - 2015-05-02 21:38 - 00332080 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2015-05-02 21:38 - 2015-05-02 21:38 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2015-05-02 21:37 - 2015-05-02 21:37 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2015-05-02 21:37 - 2015-05-02 21:37 - 02599128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-05-02 21:37 - 2015-05-02 21:37 - 01971928 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00507096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00448728 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2015-05-02 21:37 - 2015-05-02 21:37 - 00168152 _____ (Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
2015-05-02 21:35 - 2015-05-02 21:35 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-05-02 21:35 - 2015-05-02 21:35 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-05-02 20:01 - 2015-05-02 20:01 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-05-02 19:59 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-05-02 19:59 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-02 15:18 - 2015-05-02 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-02 15:18 - 2015-05-02 15:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-02 15:17 - 2015-05-02 15:17 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-02 15:17 - 2015-05-02 15:17 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-02 15:00 - 2015-05-02 15:00 - 48041760 _____ (IObit) C:\Users\l\Downloads\advanced-systemcare-setup.exe
2015-04-30 17:44 - 2015-04-30 17:44 - 00000000 ____D () C:\Users\l\Desktop\Nano
2015-04-28 18:13 - 2015-04-28 18:13 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-04-28 18:13 - 2015-04-28 18:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-28 18:13 - 2015-04-28 18:13 - 00000000 ____D () C:\Program Files\Java
2015-04-24 17:41 - 2015-04-24 17:41 - 07012392 _____ () C:\Users\l\Downloads\WP_20150327_091430Z(1).mp4
2015-04-17 17:10 - 2015-04-17 17:10 - 00000000 ____H () C:\Users\l\Documents\Default.rdp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 10:40 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 10:40 - 2009-07-14 06:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 10:32 - 2013-12-03 19:49 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-17 10:31 - 2012-10-27 14:09 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 10:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 19:29 - 2011-04-12 10:34 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2015-05-16 19:29 - 2011-04-12 10:34 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2015-05-16 19:29 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-16 19:28 - 2012-10-27 14:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 19:24 - 2014-09-08 21:59 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job
2015-05-16 19:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-16 18:37 - 2015-01-23 22:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-16 18:37 - 2013-08-27 18:10 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job
2015-05-16 18:37 - 2013-08-27 18:10 - 00000890 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job
2015-05-16 15:51 - 2012-04-22 15:17 - 00000008 __RSH () C:\Users\Katka\ntuser.pol
2015-05-16 15:51 - 2012-04-22 11:30 - 00000000 ____D () C:\Users\Katka
2015-05-16 12:10 - 2014-09-08 21:59 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job
2015-05-16 09:16 - 2015-01-23 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-16 09:16 - 2015-01-23 22:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-15 14:10 - 2012-04-22 15:17 - 00000008 __RSH () C:\Users\l\ntuser.pol
2015-05-15 14:10 - 2012-02-29 15:54 - 00000000 ____D () C:\Users\l
2015-05-15 13:45 - 2012-04-22 11:16 - 00000000 ____D () C:\Users\Dádulka
2015-05-15 13:45 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-15 12:23 - 2012-10-27 14:09 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 12:23 - 2012-10-27 14:09 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 11:59 - 2012-04-21 13:14 - 00000000 ____D () C:\Users\l\AppData\Local\Adobe
2015-05-15 00:20 - 2014-05-27 05:59 - 00000000 ____D () C:\Users\l\Desktop\X
2015-05-14 23:17 - 2013-03-25 20:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 23:17 - 2013-03-25 20:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 20:18 - 2012-04-22 11:38 - 00000000 ___RD () C:\Users\l\Desktop\Programy
2015-05-14 20:18 - 2012-04-20 17:44 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-14 20:18 - 2012-04-20 17:44 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-14 20:17 - 2014-12-24 08:39 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-14 20:16 - 2012-04-21 13:14 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-14 20:14 - 2013-03-25 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 16:01 - 2015-03-23 07:06 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_l
2015-05-14 15:55 - 2015-03-23 07:05 - 00000000 ____D () C:\ProgramData\IObit
2015-05-14 11:36 - 2012-12-29 12:24 - 00000000 ____D () C:\Users\l\Desktop\vytvoření Logu z HJT
2015-05-14 11:19 - 2012-05-10 06:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 09:25 - 2009-07-14 06:45 - 00347304 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 08:41 - 2011-04-12 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 08:38 - 2014-10-12 13:36 - 00000000 ___RD () C:\Users\Public\Veřejné programy
2015-05-13 16:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-05-13 13:04 - 2014-12-25 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-13 13:03 - 2014-08-20 06:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-13 12:59 - 2014-10-28 20:24 - 00000000 ____D () C:\Windows\pss
2015-05-13 12:57 - 2015-03-25 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-13 12:17 - 2014-06-22 21:38 - 00000000 ____D () C:\Users\l\Desktop\Moorhuhn 2
2015-05-12 16:25 - 2012-04-28 14:14 - 00000000 ____D () C:\Users\l\Documents\Microsoft Office
2015-05-12 12:50 - 2012-04-21 16:23 - 00000000 ____D () C:\Users\l\AppData\Roaming\Skype
2015-05-11 14:19 - 2015-02-19 17:22 - 00009379 _____ () C:\Users\l\Desktop\Spotřeba voda Grůza.xlsx
2015-05-09 21:46 - 2009-07-14 07:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-09 11:18 - 2012-04-28 16:56 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-07 17:18 - 2014-04-21 18:20 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-07 17:18 - 2013-12-25 17:54 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-07 17:18 - 2013-12-03 19:49 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-07 17:18 - 2013-12-03 19:49 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-07 17:18 - 2013-12-03 19:48 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-05 12:17 - 2013-12-24 12:45 - 00000574 _____ () C:\Users\Dádulka\Desktop\Typy filmi.txt
2015-05-03 16:36 - 2014-12-25 13:46 - 00000000 ____D () C:\Program Files (x86)\HP
2015-05-03 16:27 - 2012-02-29 16:11 - 00086016 _____ () C:\Users\l\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-03 15:54 - 2013-03-10 11:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-03 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-03 15:53 - 2012-02-29 15:59 - 00000000 ____D () C:\swsetup
2015-05-03 15:15 - 2014-01-15 21:07 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-02 21:54 - 2011-05-13 18:58 - 00031040 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys
2015-05-02 21:41 - 2013-03-21 19:15 - 00005372 _____ () C:\Windows\system32\RaCoInst.log
2015-05-02 21:35 - 2011-06-10 06:34 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-05-02 20:01 - 2015-03-23 07:05 - 00000000 ____D () C:\Users\l\AppData\Roaming\IObit
2015-05-02 19:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-29 20:06 - 2012-04-22 11:47 - 00000000 ____D () C:\Users\Dádulka\AppData\Roaming\Skype
2015-04-28 18:10 - 2014-08-20 06:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-28 06:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-25 07:48 - 2012-04-21 16:37 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-19 08:10 - 2014-07-10 18:56 - 00000000 ____D () C:\Users\l\Desktop\Lodžie
2015-04-17 15:42 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2012-05-07 21:41 - 2015-01-28 13:46 - 0015872 _____ () C:\Users\l\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-16 17:52 - 2014-09-16 17:52 - 0004096 ____H () C:\Users\l\AppData\Local\keyfile3.drm
2013-02-18 18:09 - 2013-04-20 14:06 - 0007598 _____ () C:\Users\l\AppData\Local\Resmon.ResmonCfg
2012-06-20 18:13 - 2013-01-14 19:28 - 0006059 _____ () C:\Users\l\AppData\Local\SRDownloader.err
2012-06-10 08:59 - 2013-03-05 20:00 - 0001368 _____ () C:\Users\l\AppData\Local\SRDownloader.nast
2012-12-18 18:18 - 2012-12-18 18:33 - 0000043 ___SH () C:\ProgramData\.zreglib
2014-12-25 13:45 - 2014-12-25 13:45 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 19:25




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:471.54 GB) (Free:88.8 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:459.87 GB) (Free:279.49 GB) NTFS

Available physical RAM: 6208.84 MB
Total physical RAM: 7989.86 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB8924FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=459.9 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:26B03563B86C66B1
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\l\Desktop" je 14066 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARGenie
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtsCM
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Root_with_Restore_by_Bin4ry_v36.zip.lnk
C:\PROGRA~3\{F3A05~1\ROOT_W~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^l^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat v�strahy inkoustu - HP Deskjet 1510 series.lnk
C:\Windows\system32\RunDll32.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(10.39 KiB) Staženo 97 x

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#13 Příspěvek od Márty84 »

gruza.pavel píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\l\Desktop" je 14066 MB.
:arrow: Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :D



:arrow: Podle logu je problem v Chromu. Chtelo by to ho odinstalovat, pripadne, pokud uz v pc neni, smaznout i jeho zbytky, ktere zustaly.


:arrow: Vypnete trvale Windows Defender


:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

GroupPolicyUsers\S-1-5-21-1380381005-601281448-3109810809-1001\User: Group Policy Restriction detected <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR dev: Chrome dev build detected! <======= ATTENTION

S3 cpuz134; \??\C:\Users\l\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\l\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

2015-05-15 14:18 - 2015-05-15 14:18 - 00017682 _____ () C:\Users\l\Desktop\zoek-results.txt
2015-05-15 14:06 - 2015-05-15 12:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-15 12:15 - 2015-05-15 14:12 - 00017682 _____ () C:\zoek-results.log
2015-05-15 12:12 - 2015-05-15 13:45 - 00000000 ____D () C:\zoek_backup
2015-05-15 12:10 - 2015-05-15 12:10 - 00000828 _____ () C:\Users\l\Desktop\JRT.txt
2015-05-17 10:52 - 2015-05-17 10:52 - 00112640 _____ (forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
2015-05-15 12:01 - 2015-05-15 12:03 - 01308672 _____ () C:\Users\l\Desktop\zoek.exe
2015-05-15 12:01 - 2015-05-15 12:01 - 02721175 _____ (Thisisu) C:\Users\l\Desktop\JRT.exe
2015-05-02 15:00 - 2015-05-02 15:00 - 48041760 _____ (IObit) C:\Users\l\Downloads\advanced-systemcare-setup.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {987B94C1-B73D-4C96-8819-244323EE1759} - \Driver Booster SkipUAC (l) No Task File <==== ATTENTION

AlternateDataStreams: C:\Windows:26B03563B86C66B1
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-03-26 2585376]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-28 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

gruza.pavel
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 21 bře 2008 13:46
Bydliště: Břeclav
Kontaktovat uživatele:

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#14 Příspěvek od gruza.pavel »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by l at 2015-05-17 13:08:05 Run:1
Running from C:\Users\l\Desktop
Loaded Profiles: l (Available profiles: l & Dádulka & Katka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

GroupPolicyUsers\S-1-5-21-1380381005-601281448-3109810809-1001\User: Group Policy Restriction detected <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR dev: Chrome dev build detected! <======= ATTENTION

S3 cpuz134; \??\C:\Users\l\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\C:\Users\l\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

2015-05-15 14:18 - 2015-05-15 14:18 - 00017682 _____ () C:\Users\l\Desktop\zoek-results.txt
2015-05-15 14:06 - 2015-05-15 12:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-15 12:15 - 2015-05-15 14:12 - 00017682 _____ () C:\zoek-results.log
2015-05-15 12:12 - 2015-05-15 13:45 - 00000000 ____D () C:\zoek_backup
2015-05-15 12:10 - 2015-05-15 12:10 - 00000828 _____ () C:\Users\l\Desktop\JRT.txt
2015-05-17 10:52 - 2015-05-17 10:52 - 00112640 _____ (forum.viry.cz) C:\Users\l\Desktop\FRSTLauncher.exe
2015-05-15 12:01 - 2015-05-15 12:03 - 01308672 _____ () C:\Users\l\Desktop\zoek.exe
2015-05-15 12:01 - 2015-05-15 12:01 - 02721175 _____ (Thisisu) C:\Users\l\Desktop\JRT.exe
2015-05-02 15:00 - 2015-05-02 15:00 - 48041760 _____ (IObit) C:\Users\l\Downloads\advanced-systemcare-setup.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => C:\Users\l\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {987B94C1-B73D-4C96-8819-244323EE1759} - \Driver Booster SkipUAC (l) No Task File <==== ATTENTION

AlternateDataStreams: C:\Windows:26B03563B86C66B1
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-03-26 2585376]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-28 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-27 116648]

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1380381005-601281448-3109810809-1001\User => Moved successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
cpuz134 => Service deleted successfully.
cpuz137 => Service deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
C:\Users\l\Desktop\zoek-results.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\l\Desktop\JRT.txt => Moved successfully.
C:\Users\l\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\l\Desktop\zoek.exe => Moved successfully.
C:\Users\l\Desktop\JRT.exe => Moved successfully.
C:\Users\l\Downloads\advanced-systemcare-setup.exe => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1380381005-601281448-3109810809-1000UA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987B94C1-B73D-4C96-8819-244323EE1759}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987B94C1-B73D-4C96-8819-244323EE1759}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (l)" => Key deleted successfully.
C:\Windows => ":26B03563B86C66B1" ADS removed successfully.
C:\ProgramData\TEMP => ":FB1B13D8" ADS removed successfully.
AdobeARMservice => Service deleted successfully.
AdvancedSystemCareService8 => Service not found.
gupdate => Service deleted successfully.
LiveUpdateSvc => Service not found.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service not found.
gupdatem => Service deleted successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 56.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:08:50 ====

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Po spuštění Firefoxu Avast hlásí blokování stránek

#15 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.




21.6. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Zamčeno