
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
please check my log, ComboFix is not working
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Logfile of random's system information tool 1.10 (written by random/random)
Run by Paja at 2015-02-07 03:22:49
Microsoft Windows 8.1
System drive C: has 775 GB (83%) free of 935 GB
Total RAM: 3976 MB (69% free)
HijackThis download failed
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {b6c28d8d-346a-4141-94bb85ee16df26b0}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f93c9dc-cf9e-44b4-a405-149179d2121e -SystemEventPortName:HostProcess-6116ec44-e136-43ce-b096-0ecd02a280d3 -IoCancelEventPortName:HostProcess-17e5b4cb-d9bf-4be8-b5fa-b5f28f0201ac -NonStateChangingEventPortName:HostProcess-85605b84-2406-4e2a-898a-f4390814e37b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:792cee08-1d87-4d04-99e0-43506929e709 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" "C:\Users\Paja\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" S-1-5-21-1520336514-3769034717-236116784-1001 360 466 "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey AEFFF57D-EC0B-AF28-E9BC-916CC4C4C508 -Reinvoke
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Windows\system32\msiexec.exe" /i "C:\Windows\TEMP\f310fb98-ae32-468d-b83a-3fd57762eb4d\clear.fi_media.msi" REINSTALL=ALL REINSTALLMODE=rvemus SHORTCUTDESKTOP=1 ALLUSERS=1 /norestart /quiet /l*v "C:\oem\abinstaller\abMedia25_media_msi.log"
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\svchost.exe -k WerSvcGroup
Nircmd.3XE infobox "Warning!!~n~nDo not run ComboFix in Compatibility Mode.~nDoing so may damage the machine." "Warning - Compatibility Mode"
"C:\Users\Paja\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2014-11-23 362928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-23 59824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-19 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-19 770032]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2014-12-19 62208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-12-17 311616]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2014-12-19 90880]
"ClamWin"=C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [2014-11-20 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-13 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-07 03:22:49 ----D---- C:\Program Files\trend micro
2015-02-07 03:22:48 ----D---- C:\rsit
2015-02-07 03:14:41 ----D---- C:\AdwCleaner
2015-02-06 18:35:01 ----D---- C:\Users\Paja\AppData\Roaming\.clamwin
2015-02-06 18:34:26 ----D---- C:\ProgramData\.clamwin
2015-02-06 18:34:26 ----D---- C:\Program Files (x86)\ClamWin
2015-02-06 18:33:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-02-06 18:28:01 ----D---- C:\Program Files (x86)\ESET
2015-02-06 18:17:58 ----SHD---- C:\$RECYCLE.BIN
2015-02-06 18:15:39 ----D---- C:\Windows\erdnt
2015-02-06 18:09:58 ----SD---- C:\32788R22FWJFW
2015-02-06 17:01:52 ----D---- C:\Users\Paja\AppData\Roaming\WildTangent
2015-01-27 23:27:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 09:38:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:38:10 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:38:08 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38:08 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\system32\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\ci.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 09:38:05 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiodg.exe
======List of files/folders modified in the last 1 month======
2015-02-07 03:22:50 ----SHD---- C:\Windows\Installer
2015-02-07 03:22:49 ----RD---- C:\Program Files
2015-02-07 03:22:35 ----D---- C:\Windows\Prefetch
2015-02-07 03:21:24 ----D---- C:\Windows\Temp
2015-02-07 03:21:15 ----D---- C:\Windows\Inf
2015-02-07 03:20:50 ----D---- C:\Windows\SoftwareDistribution
2015-02-07 03:18:38 ----D---- C:\Windows
2015-02-07 03:17:46 ----D---- C:\Windows\Tasks
2015-02-07 03:17:46 ----D---- C:\Windows\system32\Tasks
2015-02-07 03:17:35 ----D---- C:\Program Files (x86)
2015-02-07 03:17:34 ----HD---- C:\ProgramData
2015-02-07 03:06:45 ----D---- C:\Windows\Panther
2015-02-07 03:06:40 ----D---- C:\Windows\Logs
2015-02-07 03:06:40 ----D---- C:\Windows\debug
2015-02-07 03:02:02 ----D---- C:\Windows\system32\sru
2015-02-07 02:29:56 ----D---- C:\ProgramData\Norton
2015-02-07 02:27:41 ----D---- C:\Windows\system32\config
2015-02-07 02:17:57 ----D---- C:\Windows\Microsoft.NET
2015-02-06 21:11:11 ----D---- C:\Windows\system32\drivers
2015-02-06 21:11:09 ----D---- C:\ProgramData\NortonInstaller
2015-02-06 21:11:05 ----D---- C:\ProgramData\boost_interprocess
2015-02-06 20:17:34 ----SHD---- C:\System Volume Information
2015-02-06 19:50:08 ----D---- C:\Windows\SysWOW64
2015-02-06 18:28:04 ----SD---- C:\Windows\Downloaded Program Files
2015-02-06 18:16:10 ----RD---- C:\Windows\System32
2015-02-06 18:16:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54:59 ----D---- C:\Windows\CbsTemp
2015-02-06 17:54:57 ----D---- C:\Windows\WinSxS
2015-02-06 17:02:12 ----D---- C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01:53 ----D---- C:\ProgramData\WildTangent
2015-02-06 16:59:57 ----D---- C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-02-06 16:59:42 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-03 20:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-03 18:18:50 ----D---- C:\Windows\AppReadiness
2015-02-03 18:18:48 ----HD---- C:\Program Files\WindowsApps
2015-02-01 13:06:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 16:44:37 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-15 15:56:36 ----D---- C:\Windows\system32\MRT
2015-01-15 15:51:25 ----A---- C:\Windows\system32\MRT.exe
2015-01-10 10:33:40 ----D---- C:\Program Files (x86)\Acer
2015-01-10 10:33:32 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2013-07-19 82128]
R3 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-06 370504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-13 4208640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 k57nd60a;@oem13.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-07-26 458960]
R3 LMDriver;@oem4.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 RadioShim;@oem4.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120]
S3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424]
S3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432]
S3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464]
S3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-06-20 72128]
S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-13 449496]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2014-12-19 2713856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-06-20 189912]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
-----------------EOF-----------------
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2014-11-23 362928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-23 59824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-19 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-19 770032]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2014-12-19 62208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-12-17 311616]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2014-12-19 90880]
"ClamWin"=C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [2014-11-20 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-13 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-07 03:22:49 ----D---- C:\Program Files\trend micro
2015-02-07 03:22:48 ----D---- C:\rsit
2015-02-07 03:14:41 ----D---- C:\AdwCleaner
2015-02-06 18:35:01 ----D---- C:\Users\Paja\AppData\Roaming\.clamwin
2015-02-06 18:34:26 ----D---- C:\ProgramData\.clamwin
2015-02-06 18:34:26 ----D---- C:\Program Files (x86)\ClamWin
2015-02-06 18:33:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-02-06 18:28:01 ----D---- C:\Program Files (x86)\ESET
2015-02-06 18:17:58 ----SHD---- C:\$RECYCLE.BIN
2015-02-06 18:15:39 ----D---- C:\Windows\erdnt
2015-02-06 18:09:58 ----SD---- C:\32788R22FWJFW
2015-02-06 17:01:52 ----D---- C:\Users\Paja\AppData\Roaming\WildTangent
2015-01-27 23:27:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 09:38:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:38:10 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:38:08 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38:08 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\system32\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\ci.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 09:38:05 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiodg.exe
======List of files/folders modified in the last 1 month======
2015-02-07 03:22:50 ----SHD---- C:\Windows\Installer
2015-02-07 03:22:49 ----RD---- C:\Program Files
2015-02-07 03:22:35 ----D---- C:\Windows\Prefetch
2015-02-07 03:21:24 ----D---- C:\Windows\Temp
2015-02-07 03:21:15 ----D---- C:\Windows\Inf
2015-02-07 03:20:50 ----D---- C:\Windows\SoftwareDistribution
2015-02-07 03:18:38 ----D---- C:\Windows
2015-02-07 03:17:46 ----D---- C:\Windows\Tasks
2015-02-07 03:17:46 ----D---- C:\Windows\system32\Tasks
2015-02-07 03:17:35 ----D---- C:\Program Files (x86)
2015-02-07 03:17:34 ----HD---- C:\ProgramData
2015-02-07 03:06:45 ----D---- C:\Windows\Panther
2015-02-07 03:06:40 ----D---- C:\Windows\Logs
2015-02-07 03:06:40 ----D---- C:\Windows\debug
2015-02-07 03:02:02 ----D---- C:\Windows\system32\sru
2015-02-07 02:29:56 ----D---- C:\ProgramData\Norton
2015-02-07 02:27:41 ----D---- C:\Windows\system32\config
2015-02-07 02:17:57 ----D---- C:\Windows\Microsoft.NET
2015-02-06 21:11:11 ----D---- C:\Windows\system32\drivers
2015-02-06 21:11:09 ----D---- C:\ProgramData\NortonInstaller
2015-02-06 21:11:05 ----D---- C:\ProgramData\boost_interprocess
2015-02-06 20:17:34 ----SHD---- C:\System Volume Information
2015-02-06 19:50:08 ----D---- C:\Windows\SysWOW64
2015-02-06 18:28:04 ----SD---- C:\Windows\Downloaded Program Files
2015-02-06 18:16:10 ----RD---- C:\Windows\System32
2015-02-06 18:16:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54:59 ----D---- C:\Windows\CbsTemp
2015-02-06 17:54:57 ----D---- C:\Windows\WinSxS
2015-02-06 17:02:12 ----D---- C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01:53 ----D---- C:\ProgramData\WildTangent
2015-02-06 16:59:57 ----D---- C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-02-06 16:59:42 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-03 20:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-03 18:18:50 ----D---- C:\Windows\AppReadiness
2015-02-03 18:18:48 ----HD---- C:\Program Files\WindowsApps
2015-02-01 13:06:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 16:44:37 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-15 15:56:36 ----D---- C:\Windows\system32\MRT
2015-01-15 15:51:25 ----A---- C:\Windows\system32\MRT.exe
2015-01-10 10:33:40 ----D---- C:\Program Files (x86)\Acer
2015-01-10 10:33:32 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2013-07-19 82128]
R3 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-06 370504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-13 4208640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 k57nd60a;@oem13.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-07-26 458960]
R3 LMDriver;@oem4.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 RadioShim;@oem4.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120]
S3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424]
S3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432]
S3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464]
S3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-06-20 72128]
S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-13 449496]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2014-12-19 2713856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-06-20 189912]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
-----------------EOF-----------------
Re: please check my log, ComboFix does not work
Hello,
Why do you want to run CF??
As for ComboFix, based on its license and the forum rules I have to ask: do you know how to work with it (running it, deciphering the log, writing a script)?
ComboFix's license terms state clearly: "It should never be used in an environment without the supervision of an experienced person"

The dangers of CF
Would you be able to find its log (c:\combofix.txt)??

- It is intended primarily for helpers - by using it on your own you lose your entitlement to support
- It deletes the traces of malware, so nothing shows up in the RSIT log
- Its log still has to be worked through, because it cannot delete everything - you will hardly manage that unless you are trained for it
- CF can have a bug = it takes your system down; if you don't know where it stores what and how to restore it, your system is wrecked and you are facing a reinstall
- CF also unfortunately does not yet check some important libraries (e.g. hal.dll) - those are, for instance, deleted by some types of malware (e.g. angela) - it deletes your hal.dll after a restart = your system won't boot and you are back at the previous point = reinstall
Re: please check my log, ComboFix does not work
Hello,
during several scans with various programs (ESET online scanner, ClamWin) I came across infections. I wanted to try installing ComboFix as well, but already during installation I get the message "This operating system is not supported! ComboFix only runs on: XP, Vista, 7, 8
Windows 2000 is no longer supported."
There is no ComboFix log.
Thank you
Re: please check my log, ComboFix does not work
Hello,
I tried another scan again - this time with AVG - and again some infection was found.
When I tried to install ComboFix (I think that if it cannot be installed, there is an infection), the message from my previous post popped up again.
I am attaching the log and asking for advice.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Paja at 2015-02-08 18:14:00
Microsoft Windows 8.1
System drive C: has 774 GB (83%) free of 935 GB
Total RAM: 3976 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:06, on 8. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Paja.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9377 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {b6c28d8d-346a-4141-94bb85ee16df26b0}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f93c9dc-cf9e-44b4-a405-149179d2121e -SystemEventPortName:HostProcess-6116ec44-e136-43ce-b096-0ecd02a280d3 -IoCancelEventPortName:HostProcess-17e5b4cb-d9bf-4be8-b5fa-b5f28f0201ac -NonStateChangingEventPortName:HostProcess-85605b84-2406-4e2a-898a-f4390814e37b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:792cee08-1d87-4d04-99e0-43506929e709 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" "C:\Users\Paja\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" S-1-5-21-1520336514-3769034717-236116784-1001 360 466 "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe" /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-e662-9906914e2a7c /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe"
ctfmon.exe
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.avgthreatlabs.com/virus-and- ... ZWNlLmV4ZQ"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe -Embedding
"C:\Users\Paja\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2014-11-23 362928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-23 59824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-19 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-19 770032]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2014-12-19 62208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-12-17 311616]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2014-12-19 90880]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-01-06 3674576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-13 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2015-02-07 19:22:02 ----D---- C:\Users\Paja\AppData\Roaming\AVG2015
2015-02-07 19:21:11 ----D---- C:\Users\Paja\AppData\Roaming\TuneUp Software
2015-02-07 19:20:38 ----HD---- C:\$AVG
2015-02-07 19:20:38 ----D---- C:\ProgramData\AVG2015
2015-02-07 19:20:00 ----D---- C:\Program Files (x86)\AVG
2015-02-07 19:16:05 ----D---- C:\ProgramData\MFAData
2015-02-07 03:22:49 ----D---- C:\Program Files\trend micro
2015-02-07 03:22:48 ----D---- C:\rsit
2015-02-07 03:14:41 ----D---- C:\AdwCleaner
2015-02-06 18:33:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-02-06 18:28:01 ----D---- C:\Program Files (x86)\ESET
2015-02-06 18:17:58 ----SHD---- C:\$RECYCLE.BIN
2015-02-06 18:15:39 ----D---- C:\Windows\erdnt
2015-02-06 17:01:52 ----D---- C:\Users\Paja\AppData\Roaming\WildTangent
2015-01-27 23:27:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 09:38:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:38:10 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:38:08 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38:08 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\system32\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\ci.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 09:38:05 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiodg.exe
2015-01-04 09:37:13 ----D---- C:\Program Files\Microsoft Silverlight
2015-01-04 09:37:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-01-03 23:13:23 ----D---- C:\Users\Paja\AppData\Roaming\Opera Software
2015-01-03 23:12:28 ----D---- C:\Program Files (x86)\Opera
2015-01-03 23:11:22 ----D---- C:\Users\Paja\AppData\Roaming\AVG
2015-01-03 23:09:33 ----HD---- C:\ProgramData\Common Files
2015-01-03 23:09:33 ----D---- C:\ProgramData\AVG
2015-01-03 23:06:38 ----D---- C:\ProgramData\Freemake
2015-01-03 23:06:20 ----D---- C:\Program Files (x86)\Freemake
2015-01-03 22:57:30 ----D---- C:\Users\Paja\AppData\Roaming\QuickScan
2015-01-03 22:55:46 ----D---- C:\ProgramData\DivX
2015-01-03 22:53:53 ----D---- C:\Program Files (x86)\Seznam.cz
2015-01-03 22:53:37 ----D---- C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-01-02 21:16:32 ----D---- C:\Users\Paja\AppData\Roaming\Skype
2015-01-02 17:47:18 ----D---- C:\ProgramData\Skype
2014-12-25 13:44:43 ----D---- C:\Users\Paja\AppData\Roaming\Samsung
2014-12-25 13:43:47 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2014-12-25 13:43:47 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2014-12-25 13:42:07 ----D---- C:\Program Files (x86)\MyFree Codec
2014-12-25 13:39:20 ----A---- C:\Windows\SYSWOW64\secman.dll
2014-12-25 13:39:19 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2014-12-25 13:38:03 ----D---- C:\ProgramData\Samsung
2014-12-25 13:38:03 ----D---- C:\Program Files (x86)\Samsung
2014-12-20 19:29:49 ----A---- C:\Windows\system32\poqexec.exe
2014-12-20 19:29:48 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-11 12:25:58 ----A---- C:\Windows\system32\crypt32.dll
2014-12-11 12:25:57 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-11 12:25:52 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-11 12:25:52 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 12:25:49 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-12-11 12:25:48 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-12-11 08:49:47 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 08:49:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 08:49:42 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 08:49:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 08:49:40 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 08:49:39 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 08:49:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 08:49:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 08:49:38 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 08:49:38 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 08:49:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 08:49:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 08:49:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 08:49:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 08:49:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 08:49:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 08:49:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 08:49:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 08:49:31 ----A---- C:\Windows\system32\iepeers.dll
2014-12-11 08:49:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 08:49:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 08:49:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-12-11 08:49:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\webcheck.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 08:49:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 08:49:28 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-12-11 08:49:27 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-12-11 08:49:27 ----A---- C:\Windows\system32\jscript.dll
2014-12-11 08:49:27 ----A---- C:\Windows\system32\inetcomm.dll
2014-12-11 08:49:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-11 08:48:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 08:48:32 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\sdbus.sys
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\intelpep.sys
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\dumpsd.sys
2014-12-11 08:48:31 ----A---- C:\Windows\system32\drivers\pdc.sys
2014-12-08 21:24:26 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys
2014-11-29 11:47:11 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-11-29 11:47:03 ----D---- C:\Program Files (x86)\VAG-304-CZ FULL + Driver XP,Vista, 7
2014-11-29 11:46:23 ----D---- C:\Users\Paja\AppData\Roaming\WinRAR
2014-11-29 11:43:48 ----D---- C:\Program Files (x86)\WinRAR
2014-11-23 10:12:47 ----D---- C:\ProgramData\Sun
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2014-11-23 10:11:41 ----D---- C:\Program Files (x86)\Java
2014-11-19 15:17:09 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 15:17:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 15:17:09 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 15:17:09 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 21:42:04 ----A---- C:\Windows\system32\drivers\avgidsha.sys
2014-11-18 20:47:50 ----A---- C:\Windows\system32\FM20.DLL
2014-11-12 14:47:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-12 09:33:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 09:33:33 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 09:33:33 ----A---- C:\Windows\system32\dpapisrv.dll
2014-11-12 09:33:32 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-12 09:33:32 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-12 09:33:27 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\rfxvmt.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\cng.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\certcli.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 09:33:25 ----A---- C:\Windows\system32\rdpudd.dll
2014-11-12 09:33:25 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 09:33:17 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 09:33:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 09:33:16 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 09:33:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-12 09:33:15 ----A---- C:\Windows\system32\msi.dll
2014-11-12 09:33:15 ----A---- C:\Windows\system32\authui.dll
2014-11-12 09:33:14 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-12 09:33:14 ----A---- C:\Windows\system32\msihnd.dll
2014-11-12 09:33:14 ----A---- C:\Windows\system32\consent.exe
2014-11-12 09:33:14 ----A---- C:\Windows\system32\appinfo.dll
2014-11-12 09:33:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-12 09:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-12 09:33:10 ----A---- C:\Windows\system32\wucltux.dll
2014-11-12 09:33:10 ----A---- C:\Windows\system32\wuapi.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wups2.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wups.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wudriver.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuapp.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuaext.dll
2014-11-12 09:32:57 ----A---- C:\Windows\system32\user32.dll
2014-11-12 09:32:56 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-12 09:32:56 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-11-12 09:32:56 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-12 09:32:55 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2014-11-12 09:32:55 ----A---- C:\Windows\system32\winshfhc.dll
2014-11-12 09:32:55 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-12 09:31:24 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-12 09:31:23 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 09:31:22 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 09:31:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 09:31:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 09:31:19 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 09:31:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 09:31:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:31:17 ----A---- C:\Windows\SYSWOW64\hlink.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\inseng.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 09:31:16 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:31:16 ----A---- C:\Windows\system32\hlink.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\pngfilt.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\occache.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\licmgr10.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\imgutil.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\url.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\wextract.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\url.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\mshta.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\msfeedssync.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iexpress.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-11-12 09:31:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 09:31:01 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 09:30:57 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 09:30:57 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 09:30:57 ----A---- C:\Windows\system32\packager.dll
2014-11-12 09:30:54 ----A---- C:\Windows\system32\shell32.dll
2014-11-12 09:30:53 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-11-12 09:30:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-11-12 09:30:51 ----A---- C:\Windows\system32\twinui.dll
2014-11-12 09:30:51 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\localspl.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-12 09:30:49 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-12 09:30:49 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 09:30:48 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-11-12 09:30:48 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\win32spl.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\drivers\netio.sys
2014-11-12 09:30:47 ----AC---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-11-12 09:30:47 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-12 09:30:47 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-11-12 09:30:47 ----A---- C:\Windows\system32\puiobj.dll
2014-11-12 09:30:47 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-11-12 09:30:46 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\untfs.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-12 09:30:45 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
======List of files/folders modified in the last 3 months======
2015-02-08 18:13:01 ----D---- C:\Windows\Temp
2015-02-08 18:06:47 ----D---- C:\Windows\Prefetch
2015-02-08 18:01:17 ----D---- C:\Program Files (x86)
2015-02-08 18:01:16 ----HD---- C:\ProgramData
2015-02-08 18:00:00 ----D---- C:\Windows\system32\sru
2015-02-07 20:30:57 ----D---- C:\Windows\SysWOW64
2015-02-07 19:21:37 ----SHD---- C:\Windows\Installer
2015-02-07 19:21:03 ----HD---- C:\Windows\ELAMBKUP
2015-02-07 19:21:03 ----D---- C:\Windows\system32\drivers
2015-02-07 19:21:01 ----D---- C:\Windows\Inf
2015-02-07 19:20:56 ----D---- C:\Windows\system32\DriverStore
2015-02-07 19:20:19 ----SHD---- C:\System Volume Information
2015-02-07 19:19:21 ----RD---- C:\Windows\System32
2015-02-07 19:08:31 ----HD---- C:\Program Files\WindowsApps
2015-02-07 19:08:31 ----D---- C:\Windows\AppReadiness
2015-02-07 03:34:40 ----D---- C:\Windows\debug
2015-02-07 03:22:49 ----RD---- C:\Program Files
2015-02-07 03:20:50 ----D---- C:\Windows\SoftwareDistribution
2015-02-07 03:18:38 ----D---- C:\Windows
2015-02-07 03:17:46 ----D---- C:\Windows\Tasks
2015-02-07 03:17:46 ----D---- C:\Windows\system32\Tasks
2015-02-07 03:06:45 ----D---- C:\Windows\Panther
2015-02-07 03:06:40 ----D---- C:\Windows\Logs
2015-02-07 02:29:56 ----D---- C:\ProgramData\Norton
2015-02-07 02:27:41 ----D---- C:\Windows\system32\config
2015-02-07 02:17:57 ----D---- C:\Windows\Microsoft.NET
2015-02-06 21:11:09 ----D---- C:\ProgramData\NortonInstaller
2015-02-06 21:11:05 ----D---- C:\ProgramData\boost_interprocess
2015-02-06 18:28:04 ----SD---- C:\Windows\Downloaded Program Files
2015-02-06 18:16:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54:59 ----D---- C:\Windows\CbsTemp
2015-02-06 17:54:57 ----D---- C:\Windows\WinSxS
2015-02-06 17:02:12 ----D---- C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01:53 ----D---- C:\ProgramData\WildTangent
2015-02-01 13:06:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 16:44:37 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-15 15:56:36 ----D---- C:\Windows\system32\MRT
2015-01-15 15:51:25 ----A---- C:\Windows\system32\MRT.exe
2015-01-10 10:33:40 ----D---- C:\Program Files (x86)\Acer
2015-01-10 10:33:32 ----RSD---- C:\Windows\assembly
2015-01-04 08:04:13 ----D---- C:\Windows\system32\catroot
2015-01-04 08:01:48 ----D---- C:\Program Files (x86)\Common Files
2015-01-03 22:55:30 ----SD---- C:\ProgramData\Microsoft
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-25 14:06:53 ----SD---- C:\Users\Paja\AppData\Roaming\Microsoft
2014-12-25 14:00:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 11:56:31 ----D---- C:\Windows\rescache
2014-12-16 09:50:30 ----D---- C:\Windows\system32\catroot2
2014-12-14 17:20:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-14 17:20:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-14 17:20:24 ----D---- C:\Windows\system32\sr-Latn-RS
2014-12-14 17:20:24 ----D---- C:\Windows\system32\sr-Latn-CS
2014-12-14 17:20:24 ----D---- C:\Windows\system32\en-US
2014-12-14 17:20:24 ----D---- C:\Windows\system32\cs-CZ
2014-12-14 17:20:20 ----D---- C:\Program Files\Internet Explorer
2014-12-14 17:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-14 17:20:19 ----D---- C:\Windows\PolicyDefinitions
2014-12-13 17:47:08 ----D---- C:\Users\Paja\AppData\Roaming\CyberLink
2014-12-13 17:44:57 ----D---- C:\Users\Paja\AppData\Roaming\vlc
2014-12-13 15:30:07 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 18:46:22 ----D---- C:\Windows\LiveKernelReports
2014-11-21 19:00:36 ----HD---- C:\OEM
2014-11-12 13:10:28 ----RD---- C:\Windows\ToastData
2014-11-12 13:10:27 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-12 13:10:27 ----D---- C:\Windows\apppatch
2014-11-12 13:10:26 ----D---- C:\Program Files\Windows Defender
2014-11-12 13:10:26 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-12 13:10:24 ----D---- C:\Windows\system32\wbem
2014-11-12 13:10:22 ----D---- C:\Windows\SYSWOW64\migration
2014-11-12 13:10:21 ----D---- C:\Windows\system32\migration
2014-11-12 12:50:47 ----A---- C:\Windows\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem38.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2013-07-19 82128]
R3 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-06 370504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-13 4208640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 k57nd60a;@oem13.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-07-26 458960]
R3 LMDriver;@oem4.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 RadioShim;@oem4.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120]
S3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424]
S3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432]
S3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464]
S3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-06-20 72128]
S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-13 449496]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-01-06 1507632]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-01-06 3440080]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-01-06 309232]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2014-12-19 2713856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-06-20 189912]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
-----------------EOF-----------------
I tried another scan again, this time with AVG, and some infection was found again.
When I tried to install ComboFix (I think that if it cannot be installed, there is an infection), the message popped up again, see the previous post.
I am attaching the log and asking for advice.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Paja at 2015-02-08 18:14:00
Microsoft Windows 8.1
System drive C: has 774 GB (83%) free of 935 GB
Total RAM: 3976 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:06, on 8. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Paja.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9377 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {b6c28d8d-346a-4141-94bb85ee16df26b0}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f93c9dc-cf9e-44b4-a405-149179d2121e -SystemEventPortName:HostProcess-6116ec44-e136-43ce-b096-0ecd02a280d3 -IoCancelEventPortName:HostProcess-17e5b4cb-d9bf-4be8-b5fa-b5f28f0201ac -NonStateChangingEventPortName:HostProcess-85605b84-2406-4e2a-898a-f4390814e37b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:792cee08-1d87-4d04-99e0-43506929e709 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" "C:\Users\Paja\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" S-1-5-21-1520336514-3769034717-236116784-1001 360 466 "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe" /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-e662-9906914e2a7c /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe"
ctfmon.exe
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.avgthreatlabs.com/virus-and- ... ZWNlLmV4ZQ"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe -Embedding
"C:\Users\Paja\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2014-11-23 362928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-11-23 59824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-19 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-19 770032]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"=C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2014-12-19 62208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-12-17 311616]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2014-12-19 90880]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-01-06 3674576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-13 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2015-02-07 19:22:02 ----D---- C:\Users\Paja\AppData\Roaming\AVG2015
2015-02-07 19:21:11 ----D---- C:\Users\Paja\AppData\Roaming\TuneUp Software
2015-02-07 19:20:38 ----HD---- C:\$AVG
2015-02-07 19:20:38 ----D---- C:\ProgramData\AVG2015
2015-02-07 19:20:00 ----D---- C:\Program Files (x86)\AVG
2015-02-07 19:16:05 ----D---- C:\ProgramData\MFAData
2015-02-07 03:22:49 ----D---- C:\Program Files\trend micro
2015-02-07 03:22:48 ----D---- C:\rsit
2015-02-07 03:14:41 ----D---- C:\AdwCleaner
2015-02-06 18:33:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-02-06 18:28:01 ----D---- C:\Program Files (x86)\ESET
2015-02-06 18:17:58 ----SHD---- C:\$RECYCLE.BIN
2015-02-06 18:15:39 ----D---- C:\Windows\erdnt
2015-02-06 17:01:52 ----D---- C:\Users\Paja\AppData\Roaming\WildTangent
2015-01-27 23:27:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 09:38:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:38:10 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:38:09 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:38:08 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38:08 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 09:38:07 ----A---- C:\Windows\system32\wer.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 09:38:07 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38:06 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\ci.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38:06 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 09:38:05 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 09:38:05 ----A---- C:\Windows\system32\audiodg.exe
2015-01-04 09:37:13 ----D---- C:\Program Files\Microsoft Silverlight
2015-01-04 09:37:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-01-03 23:13:23 ----D---- C:\Users\Paja\AppData\Roaming\Opera Software
2015-01-03 23:12:28 ----D---- C:\Program Files (x86)\Opera
2015-01-03 23:11:22 ----D---- C:\Users\Paja\AppData\Roaming\AVG
2015-01-03 23:09:33 ----HD---- C:\ProgramData\Common Files
2015-01-03 23:09:33 ----D---- C:\ProgramData\AVG
2015-01-03 23:06:38 ----D---- C:\ProgramData\Freemake
2015-01-03 23:06:20 ----D---- C:\Program Files (x86)\Freemake
2015-01-03 22:57:30 ----D---- C:\Users\Paja\AppData\Roaming\QuickScan
2015-01-03 22:55:46 ----D---- C:\ProgramData\DivX
2015-01-03 22:53:53 ----D---- C:\Program Files (x86)\Seznam.cz
2015-01-03 22:53:37 ----D---- C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-01-02 21:16:32 ----D---- C:\Users\Paja\AppData\Roaming\Skype
2015-01-02 17:47:18 ----D---- C:\ProgramData\Skype
2014-12-25 13:44:43 ----D---- C:\Users\Paja\AppData\Roaming\Samsung
2014-12-25 13:43:47 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2014-12-25 13:43:47 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2014-12-25 13:42:07 ----D---- C:\Program Files (x86)\MyFree Codec
2014-12-25 13:39:20 ----A---- C:\Windows\SYSWOW64\secman.dll
2014-12-25 13:39:19 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2014-12-25 13:38:03 ----D---- C:\ProgramData\Samsung
2014-12-25 13:38:03 ----D---- C:\Program Files (x86)\Samsung
2014-12-20 19:29:49 ----A---- C:\Windows\system32\poqexec.exe
2014-12-20 19:29:48 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-11 12:25:58 ----A---- C:\Windows\system32\crypt32.dll
2014-12-11 12:25:57 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-11 12:25:52 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-11 12:25:52 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 12:25:49 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-12-11 12:25:48 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-12-11 08:49:47 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 08:49:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 08:49:42 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 08:49:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 08:49:40 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 08:49:39 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 08:49:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 08:49:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 08:49:38 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 08:49:38 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 08:49:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 08:49:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 08:49:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 08:49:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 08:49:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 08:49:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 08:49:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 08:49:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 08:49:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 08:49:31 ----A---- C:\Windows\system32\iepeers.dll
2014-12-11 08:49:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 08:49:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 08:49:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-12-11 08:49:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\webcheck.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 08:49:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 08:49:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 08:49:28 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-12-11 08:49:27 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-12-11 08:49:27 ----A---- C:\Windows\system32\jscript.dll
2014-12-11 08:49:27 ----A---- C:\Windows\system32\inetcomm.dll
2014-12-11 08:49:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-11 08:48:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 08:48:32 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\sdbus.sys
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\intelpep.sys
2014-12-11 08:48:31 ----AC---- C:\Windows\system32\drivers\dumpsd.sys
2014-12-11 08:48:31 ----A---- C:\Windows\system32\drivers\pdc.sys
2014-12-08 21:24:26 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys
2014-11-29 11:47:11 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-11-29 11:47:11 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-11-29 11:47:10 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-11-29 11:47:03 ----D---- C:\Program Files (x86)\VAG-304-CZ FULL + Driver XP,Vista, 7
2014-11-29 11:46:23 ----D---- C:\Users\Paja\AppData\Roaming\WinRAR
2014-11-29 11:43:48 ----D---- C:\Program Files (x86)\WinRAR
2014-11-23 10:12:47 ----D---- C:\ProgramData\Sun
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-23 10:11:56 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2014-11-23 10:11:41 ----D---- C:\Program Files (x86)\Java
2014-11-19 15:17:09 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 15:17:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 15:17:09 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 15:17:09 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 21:42:04 ----A---- C:\Windows\system32\drivers\avgidsha.sys
2014-11-18 20:47:50 ----A---- C:\Windows\system32\FM20.DLL
2014-11-12 14:47:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-12 09:33:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 09:33:33 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 09:33:33 ----A---- C:\Windows\system32\dpapisrv.dll
2014-11-12 09:33:32 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-12 09:33:32 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-12 09:33:27 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2014-11-12 09:33:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\rfxvmt.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\drivers\cng.sys
2014-11-12 09:33:26 ----A---- C:\Windows\system32\certcli.dll
2014-11-12 09:33:26 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 09:33:25 ----A---- C:\Windows\system32\rdpudd.dll
2014-11-12 09:33:25 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 09:33:17 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 09:33:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 09:33:16 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 09:33:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-12 09:33:15 ----A---- C:\Windows\system32\msi.dll
2014-11-12 09:33:15 ----A---- C:\Windows\system32\authui.dll
2014-11-12 09:33:14 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-12 09:33:14 ----A---- C:\Windows\system32\msihnd.dll
2014-11-12 09:33:14 ----A---- C:\Windows\system32\consent.exe
2014-11-12 09:33:14 ----A---- C:\Windows\system32\appinfo.dll
2014-11-12 09:33:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-12 09:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-12 09:33:10 ----A---- C:\Windows\system32\wucltux.dll
2014-11-12 09:33:10 ----A---- C:\Windows\system32\wuapi.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-12 09:33:09 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wups2.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wups.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wudriver.dll
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuapp.exe
2014-11-12 09:33:09 ----A---- C:\Windows\system32\wuaext.dll
2014-11-12 09:32:57 ----A---- C:\Windows\system32\user32.dll
2014-11-12 09:32:56 ----A---- C:\Windows\SYSWOW64\user32.dll
2014-11-12 09:32:56 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2014-11-12 09:32:56 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-12 09:32:55 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2014-11-12 09:32:55 ----A---- C:\Windows\system32\winshfhc.dll
2014-11-12 09:32:55 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-12 09:31:24 ----A---- C:\Windows\system32\actxprxy.dll
2014-11-12 09:31:23 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 09:31:22 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 09:31:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 09:31:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 09:31:19 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 09:31:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 09:31:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:31:17 ----A---- C:\Windows\SYSWOW64\hlink.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-12 09:31:16 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\inseng.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 09:31:16 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-12 09:31:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:31:16 ----A---- C:\Windows\system32\hlink.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 09:31:15 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\pngfilt.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\occache.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\licmgr10.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 09:31:15 ----A---- C:\Windows\system32\imgutil.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\url.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 09:31:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\wextract.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\url.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\mshta.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\msfeedssync.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iexpress.exe
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 09:31:14 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-11-12 09:31:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 09:31:01 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 09:30:57 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 09:30:57 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 09:30:57 ----A---- C:\Windows\system32\packager.dll
2014-11-12 09:30:54 ----A---- C:\Windows\system32\shell32.dll
2014-11-12 09:30:53 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-11-12 09:30:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-11-12 09:30:51 ----A---- C:\Windows\system32\twinui.dll
2014-11-12 09:30:51 ----A---- C:\Windows\system32\SettingsHandlers.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\MFMediaEngine.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\localspl.dll
2014-11-12 09:30:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-12 09:30:49 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-12 09:30:49 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 09:30:48 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2014-11-12 09:30:48 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\win32spl.dll
2014-11-12 09:30:48 ----A---- C:\Windows\system32\drivers\netio.sys
2014-11-12 09:30:47 ----AC---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-11-12 09:30:47 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-12 09:30:47 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2014-11-12 09:30:47 ----A---- C:\Windows\system32\puiobj.dll
2014-11-12 09:30:47 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-11-12 09:30:46 ----A---- C:\Windows\SYSWOW64\untfs.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\untfs.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-12 09:30:46 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-12 09:30:45 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
======List of files/folders modified in the last 3 months======
2015-02-08 18:13:01 ----D---- C:\Windows\Temp
2015-02-08 18:06:47 ----D---- C:\Windows\Prefetch
2015-02-08 18:01:17 ----D---- C:\Program Files (x86)
2015-02-08 18:01:16 ----HD---- C:\ProgramData
2015-02-08 18:00:00 ----D---- C:\Windows\system32\sru
2015-02-07 20:30:57 ----D---- C:\Windows\SysWOW64
2015-02-07 19:21:37 ----SHD---- C:\Windows\Installer
2015-02-07 19:21:03 ----HD---- C:\Windows\ELAMBKUP
2015-02-07 19:21:03 ----D---- C:\Windows\system32\drivers
2015-02-07 19:21:01 ----D---- C:\Windows\Inf
2015-02-07 19:20:56 ----D---- C:\Windows\system32\DriverStore
2015-02-07 19:20:19 ----SHD---- C:\System Volume Information
2015-02-07 19:19:21 ----RD---- C:\Windows\System32
2015-02-07 19:08:31 ----HD---- C:\Program Files\WindowsApps
2015-02-07 19:08:31 ----D---- C:\Windows\AppReadiness
2015-02-07 03:34:40 ----D---- C:\Windows\debug
2015-02-07 03:22:49 ----RD---- C:\Program Files
2015-02-07 03:20:50 ----D---- C:\Windows\SoftwareDistribution
2015-02-07 03:18:38 ----D---- C:\Windows
2015-02-07 03:17:46 ----D---- C:\Windows\Tasks
2015-02-07 03:17:46 ----D---- C:\Windows\system32\Tasks
2015-02-07 03:06:45 ----D---- C:\Windows\Panther
2015-02-07 03:06:40 ----D---- C:\Windows\Logs
2015-02-07 02:29:56 ----D---- C:\ProgramData\Norton
2015-02-07 02:27:41 ----D---- C:\Windows\system32\config
2015-02-07 02:17:57 ----D---- C:\Windows\Microsoft.NET
2015-02-06 21:11:09 ----D---- C:\ProgramData\NortonInstaller
2015-02-06 21:11:05 ----D---- C:\ProgramData\boost_interprocess
2015-02-06 18:28:04 ----SD---- C:\Windows\Downloaded Program Files
2015-02-06 18:16:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54:59 ----D---- C:\Windows\CbsTemp
2015-02-06 17:54:57 ----D---- C:\Windows\WinSxS
2015-02-06 17:02:12 ----D---- C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01:53 ----D---- C:\ProgramData\WildTangent
2015-02-01 13:06:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 16:44:37 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-15 15:56:36 ----D---- C:\Windows\system32\MRT
2015-01-15 15:51:25 ----A---- C:\Windows\system32\MRT.exe
2015-01-10 10:33:40 ----D---- C:\Program Files (x86)\Acer
2015-01-10 10:33:32 ----RSD---- C:\Windows\assembly
2015-01-04 08:04:13 ----D---- C:\Windows\system32\catroot
2015-01-04 08:01:48 ----D---- C:\Program Files (x86)\Common Files
2015-01-03 22:55:30 ----SD---- C:\ProgramData\Microsoft
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-25 14:06:53 ----SD---- C:\Users\Paja\AppData\Roaming\Microsoft
2014-12-25 14:00:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 11:56:31 ----D---- C:\Windows\rescache
2014-12-16 09:50:30 ----D---- C:\Windows\system32\catroot2
2014-12-14 17:20:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-14 17:20:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-14 17:20:24 ----D---- C:\Windows\system32\sr-Latn-RS
2014-12-14 17:20:24 ----D---- C:\Windows\system32\sr-Latn-CS
2014-12-14 17:20:24 ----D---- C:\Windows\system32\en-US
2014-12-14 17:20:24 ----D---- C:\Windows\system32\cs-CZ
2014-12-14 17:20:20 ----D---- C:\Program Files\Internet Explorer
2014-12-14 17:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-14 17:20:19 ----D---- C:\Windows\PolicyDefinitions
2014-12-13 17:47:08 ----D---- C:\Users\Paja\AppData\Roaming\CyberLink
2014-12-13 17:44:57 ----D---- C:\Users\Paja\AppData\Roaming\vlc
2014-12-13 15:30:07 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 18:46:22 ----D---- C:\Windows\LiveKernelReports
2014-11-21 19:00:36 ----HD---- C:\OEM
2014-11-12 13:10:28 ----RD---- C:\Windows\ToastData
2014-11-12 13:10:27 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-12 13:10:27 ----D---- C:\Windows\apppatch
2014-11-12 13:10:26 ----D---- C:\Program Files\Windows Defender
2014-11-12 13:10:26 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-12 13:10:24 ----D---- C:\Windows\system32\wbem
2014-11-12 13:10:22 ----D---- C:\Windows\SYSWOW64\migration
2014-11-12 13:10:21 ----D---- C:\Windows\system32\migration
2014-11-12 12:50:47 ----A---- C:\Windows\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem38.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968]
R3 bScsiSDa;bScsiSDa; C:\Windows\System32\drivers\bScsiSDa.sys [2013-07-19 82128]
R3 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-09-06 370504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-13 4208640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 k57nd60a;@oem13.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-07-26 458960]
R3 LMDriver;@oem4.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 RadioShim;@oem4.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120]
S3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424]
S3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432]
S3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464]
S3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-06-20 72128]
S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-13 449496]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-01-06 1507632]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-01-06 3440080]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-01-06 309232]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2014-12-19 2713856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2013-08-03 457768]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-06-20 189912]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-07-06 663592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
-----------------EOF-----------------
Re: please check my log, ComboFix does not work
Do you have access to its guide, and do you know what it does during its scan/deletion? As the CF license states??
vyosek wrote: Hello!
As for ComboFix, based on the license and the forum rules I am asking: do you know how to work with it (running it, deciphering the log, writing a script)?
Re: please check my log, ComboFix does not work
Good day,
I never wrote that I would use it on my own without advice from this server. I just know that it is often used, which is why I am also mentioning that it cannot be installed and so probably cannot be used.
If we understand each other, may I ask for help?
Re: please check my log, ComboFix does not work
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9. 2. 2015
Scan Time: 16:46:25
Logfile:
Administrator: No
Version: 2.00.4.1028
Malware Database: v2015.02.09.06
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Paja
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 514063
Time Elapsed: 1 hr, 54 min, 6 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 3
PUP.Optional.BrowserGuardian.A, HKLM\SOFTWARE\WOW6432NODE\Browser Guardian, , [bab0f22a701a1026302b3275986b1ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDQ-1.2cV03.01, , [7eecb765741603337e317e909e679e62],
PUP.Optional.InternetSpeedChecker, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Internet Speed Checker, , [3139110bb4d671c56515c2e38a796f91],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.Proxy.A, C:\Users\Paja\AppData\Local\proxy.log, , [aebc40dc5139b48238096f367b8840c0],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: please check my log, ComboFix does not work
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Paja (administrator) on PC-PAD on 10-02-2015 04:03:47
Running from C:\Users\Paja\Desktop
Loaded Profiles: Paja (Available profiles: Paja)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Pokki) C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-12-17] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-02-09] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={05 ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {C09A9654-BB60-4A3D-881C-BE5003198855} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {E63FD759-5593-4899-AF48-3718CB03E3AF} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar [2015-02-09]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-01-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1507632 2015-01-06] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1826328 2015-02-09] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-10 04:03 - 2015-02-10 04:04 - 00018746 _____ () C:\Users\Paja\Desktop\FRST.txt
2015-02-10 04:03 - 2015-02-10 04:03 - 00000000 ____D () C:\FRST
2015-02-10 04:02 - 2015-02-10 04:02 - 00112640 _____ (forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
2015-02-10 03:58 - 2015-02-10 03:58 - 02132992 _____ (Farbar) C:\Users\Paja\Desktop\FRST64.exe
2015-02-09 18:42 - 2015-02-09 18:42 - 00001548 _____ () C:\kkk.txt
2015-02-09 18:16 - 2015-02-09 18:16 - 00001961 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-02-09 16:45 - 2015-02-09 16:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-09 16:44 - 2015-02-09 16:44 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-09 16:44 - 2015-02-09 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-09 16:44 - 2015-02-09 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-09 16:44 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-09 16:44 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-09 16:44 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-09 16:43 - 2015-02-09 16:43 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Paja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-09 16:03 - 2015-02-09 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 17:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-02-07 19:22 - 2015-02-07 19:22 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\AVG2015
2015-02-07 19:21 - 2015-02-07 19:21 - 00000957 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-02-07 19:21 - 2015-02-07 19:21 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\TuneUp Software
2015-02-07 19:21 - 2015-02-07 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-02-07 19:20 - 2015-02-07 19:21 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-07 19:20 - 2015-02-07 19:20 - 00000000 ___HD () C:\$AVG
2015-02-07 19:20 - 2015-02-07 19:20 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-07 19:16 - 2015-02-10 03:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-07 19:16 - 2015-02-07 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\Avg2015
2015-02-07 19:16 - 2015-02-07 19:16 - 00000000 ____D () C:\Users\Paja\AppData\Local\MFAData
2015-02-07 19:15 - 2015-02-07 19:15 - 04579184 _____ (AVG Technologies) C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-07 03:22 - 2015-02-08 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-07 03:22 - 2015-02-07 03:22 - 00000000 ____D () C:\rsit
2015-02-07 03:18 - 2015-02-07 03:18 - 00001268 _____ () C:\Windows\PFRO.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000116 _____ () C:\Windows\setupact.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 03:17 - 2015-02-10 03:42 - 01120297 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 03:14 - 2015-02-07 03:17 - 00000000 ____D () C:\AdwCleaner
2015-02-07 03:13 - 2015-02-07 03:13 - 00221358 _____ () C:\Users\Paja\Documents\cc_20150207_031322.reg
2015-02-07 03:04 - 2015-02-07 03:04 - 02112512 _____ () C:\Users\Paja\Downloads\adwcleaner_4.110.exe
2015-02-07 02:57 - 2015-02-07 02:58 - 01222144 _____ () C:\Users\Paja\Downloads\RSITx64.exe
2015-02-07 02:54 - 2015-02-07 02:57 - 05325208 _____ (Piriform Ltd) C:\Users\Paja\Downloads\ccsetup502.exe
2015-02-06 18:33 - 2015-02-06 18:33 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-06 18:29 - 2015-02-06 18:31 - 106081972 _____ (alch ) C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-06 18:15 - 2015-02-06 18:15 - 00000000 ____D () C:\Windows\erdnt
2015-02-06 18:15 - 2013-12-23 07:33 - 05156441 ____R (Swearware) C:\Users\Paja\Downloads\ComboFix.exe
2015-02-06 18:09 - 2015-02-08 18:04 - 00000000 ____D () C:\Users\Paja\Downloads\fff
2015-02-06 18:08 - 2015-02-06 18:08 - 05153975 _____ () C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip
2015-02-06 17:48 - 2015-02-06 17:48 - 05609462 _____ (Swearware) C:\Users\Paja\Downloads\Ccc.exe
2015-02-06 17:01 - 2015-02-06 17:01 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\WildTangent
2015-02-01 13:11 - 2015-02-01 14:43 - 733734912 _____ () C:\Users\Paja\Downloads\Ovecka-Shaun-cz(od-Lukuz).avi
2015-01-31 21:45 - 2015-01-31 22:24 - 345932879 _____ () C:\Users\Paja\Downloads\Jumper-cz.avi
2015-01-27 23:27 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-17 18:05 - 2015-01-17 21:51 - 2027509760 _____ () C:\Users\Paja\Downloads\expendables-3-postradatelni-3-akcni-thriller-usa-2014-cz-dabing-pres-MultiLoad.cz.avi
2015-01-17 17:04 - 2015-01-17 17:24 - 1472787662 _____ () C:\Users\Paja\Downloads\Ghost.Rider.2.Duch.pomsty.2011_BDRip.CZ_xvid.avi
2015-01-16 23:14 - 2015-01-16 23:34 - 126329468 _____ () C:\Users\Paja\Downloads\Ghost-Rider-2-cz-(Nicolas-Cage)(1).avi
2015-01-16 19:24 - 2015-01-16 19:44 - 780261074 _____ () C:\Users\Paja\Downloads\Vesmírní-kovbojové-cz-dabing.avi
2015-01-16 16:31 - 2015-01-16 16:34 - 625390500 _____ () C:\Users\Paja\Downloads\Ghost-Rider-2-cz-(Nicolas-Cage).avi
2015-01-15 19:19 - 2015-01-15 20:19 - 729839362 _____ () C:\Users\Paja\Downloads\Ghost-Rider-1-cz-(Nicolas-Cage).avi
2015-01-14 09:38 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 09:38 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 09:38 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 09:38 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 09:38 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 09:38 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 09:38 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 09:38 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 09:38 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 09:38 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 09:38 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 09:38 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 09:38 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 09:38 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 09:38 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 09:38 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 09:38 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 18:54 - 2015-01-13 18:54 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-13 18:54 - 2015-01-13 18:54 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2021-10-21 14:36 - 2014-03-12 20:31 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2014-03-12 20:31 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-02-10 04:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-10 03:59 - 2014-08-29 14:39 - 00892416 ___SH () C:\Users\Paja\Downloads\Thumbs.db
2015-02-10 03:33 - 2014-10-17 19:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 01:27 - 2014-08-03 20:11 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1C3AB334-EB35-4CCA-95E3-0E68CE23E5BB}
2015-02-09 18:41 - 2014-08-03 19:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1520336514-3769034717-236116784-1001
2015-02-09 18:16 - 2013-10-31 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-09 18:15 - 2014-08-03 19:51 - 00000000 ____D () C:\Users\Paja\AppData\Local\clear.fi
2015-02-07 19:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-07 19:21 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-02-07 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-07 03:25 - 2014-08-03 20:22 - 00000000 ____D () C:\Users\Paja\AppData\Local\CrashDumps
2015-02-07 03:20 - 2014-10-17 20:58 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 03:18 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 03:06 - 2013-10-31 08:19 - 00000000 ____D () C:\Windows\Panther
2015-02-07 02:56 - 2014-08-03 19:48 - 00000000 ____D () C:\Users\Paja\AppData\Local\Pokki
2015-02-07 02:29 - 2014-03-12 20:50 - 00000000 ____D () C:\ProgramData\Norton
2015-02-06 22:03 - 2014-08-03 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\Doc
2015-02-06 22:01 - 2014-08-03 19:55 - 00000000 ____D () C:\Users\Paja\AppData\Local\ClearfiPhoto
2015-02-06 21:11 - 2014-03-12 20:50 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-06 19:50 - 2014-11-29 11:46 - 00000000 ____D () C:\Users\Paja\Downloads\VAG-304-IHR-OBD-2---CZ---FULL-VERSION-+-crack-
2015-02-06 18:33 - 2014-10-17 19:07 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-06 18:24 - 2015-01-04 14:00 - 00000000 ____D () C:\Users\Paja\AppData\Local\Google
2015-02-06 18:16 - 2014-03-12 20:46 - 00743142 _____ () C:\Windows\system32\perfh005.dat
2015-02-06 18:16 - 2014-03-12 20:46 - 00152856 _____ () C:\Windows\system32\perfc005.dat
2015-02-06 18:16 - 2013-10-31 07:27 - 01754528 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-06 17:18 - 2014-11-29 20:24 - 00000479 _____ () C:\Users\Paja\rgut
2015-02-06 17:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-06 17:02 - 2013-10-31 07:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 17:02 - 2013-10-31 07:30 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01 - 2013-10-31 07:30 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-06 16:59 - 2015-01-03 22:53 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-02-06 16:59 - 2015-01-03 22:53 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-02-06 16:56 - 2014-08-08 16:53 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-06 16:56 - 2014-08-08 16:53 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-06 16:56 - 2014-08-03 19:49 - 00001426 _____ () C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-03 20:31 - 2014-11-12 14:47 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-12 14:47 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 15:38 - 2015-01-04 13:18 - 00000000 ____D () C:\Users\Paja\Documents\DoctorPC
2015-02-01 13:08 - 2014-08-04 07:08 - 00002329 _____ () C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-01 13:06 - 2014-08-08 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 15:56 - 2014-08-14 20:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 15:51 - 2014-08-14 20:52 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-03-12 20:32 - 2014-03-12 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Paja\AppData\Local\Temp\Quarantine.exe
C:\Users\Paja\AppData\Local\Temp\sqlite3.dll
C:\Users\Paja\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Paja\Desktop" je 1740 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Paja (administrator) on PC-PAD on 10-02-2015 04:03:47
Running from C:\Users\Paja\Desktop
Loaded Profiles: Paja (Available profiles: Paja)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Pokki) C:\Users\Paja\AppData\Local\Pokki\Engine\HostAppService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-12-17] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-02-09] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={05 ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {C09A9654-BB60-4A3D-881C-BE5003198855} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {E63FD759-5593-4899-AF48-3718CB03E3AF} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar [2015-02-09]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-01-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1507632 2015-01-06] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1826328 2015-02-09] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-10 04:03 - 2015-02-10 04:04 - 00018746 _____ () C:\Users\Paja\Desktop\FRST.txt
2015-02-10 04:03 - 2015-02-10 04:03 - 00000000 ____D () C:\FRST
2015-02-10 04:02 - 2015-02-10 04:02 - 00112640 _____ (forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
2015-02-10 03:58 - 2015-02-10 03:58 - 02132992 _____ (Farbar) C:\Users\Paja\Desktop\FRST64.exe
2015-02-09 18:42 - 2015-02-09 18:42 - 00001548 _____ () C:\kkk.txt
2015-02-09 18:16 - 2015-02-09 18:16 - 00001961 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-02-09 16:45 - 2015-02-09 16:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-09 16:44 - 2015-02-09 16:44 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-09 16:44 - 2015-02-09 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-09 16:44 - 2015-02-09 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-09 16:44 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-09 16:44 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-09 16:44 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-09 16:43 - 2015-02-09 16:43 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Paja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-09 16:03 - 2015-02-09 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 17:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-02-07 19:22 - 2015-02-07 19:22 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\AVG2015
2015-02-07 19:21 - 2015-02-07 19:21 - 00000957 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-02-07 19:21 - 2015-02-07 19:21 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\TuneUp Software
2015-02-07 19:21 - 2015-02-07 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-02-07 19:20 - 2015-02-07 19:21 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-07 19:20 - 2015-02-07 19:20 - 00000000 ___HD () C:\$AVG
2015-02-07 19:20 - 2015-02-07 19:20 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-07 19:16 - 2015-02-10 03:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-07 19:16 - 2015-02-07 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\Avg2015
2015-02-07 19:16 - 2015-02-07 19:16 - 00000000 ____D () C:\Users\Paja\AppData\Local\MFAData
2015-02-07 19:15 - 2015-02-07 19:15 - 04579184 _____ (AVG Technologies) C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-07 03:22 - 2015-02-08 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-07 03:22 - 2015-02-07 03:22 - 00000000 ____D () C:\rsit
2015-02-07 03:18 - 2015-02-07 03:18 - 00001268 _____ () C:\Windows\PFRO.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000116 _____ () C:\Windows\setupact.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 03:17 - 2015-02-10 03:42 - 01120297 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 03:14 - 2015-02-07 03:17 - 00000000 ____D () C:\AdwCleaner
2015-02-07 03:13 - 2015-02-07 03:13 - 00221358 _____ () C:\Users\Paja\Documents\cc_20150207_031322.reg
2015-02-07 03:04 - 2015-02-07 03:04 - 02112512 _____ () C:\Users\Paja\Downloads\adwcleaner_4.110.exe
2015-02-07 02:57 - 2015-02-07 02:58 - 01222144 _____ () C:\Users\Paja\Downloads\RSITx64.exe
2015-02-07 02:54 - 2015-02-07 02:57 - 05325208 _____ (Piriform Ltd) C:\Users\Paja\Downloads\ccsetup502.exe
2015-02-06 18:33 - 2015-02-06 18:33 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-06 18:29 - 2015-02-06 18:31 - 106081972 _____ (alch ) C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-06 18:15 - 2015-02-06 18:15 - 00000000 ____D () C:\Windows\erdnt
2015-02-06 18:15 - 2013-12-23 07:33 - 05156441 ____R (Swearware) C:\Users\Paja\Downloads\ComboFix.exe
2015-02-06 18:09 - 2015-02-08 18:04 - 00000000 ____D () C:\Users\Paja\Downloads\fff
2015-02-06 18:08 - 2015-02-06 18:08 - 05153975 _____ () C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip
2015-02-06 17:48 - 2015-02-06 17:48 - 05609462 _____ (Swearware) C:\Users\Paja\Downloads\Ccc.exe
2015-02-06 17:01 - 2015-02-06 17:01 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\WildTangent
2015-02-01 13:11 - 2015-02-01 14:43 - 733734912 _____ () C:\Users\Paja\Downloads\Ovecka-Shaun-cz(od-Lukuz).avi
2015-01-31 21:45 - 2015-01-31 22:24 - 345932879 _____ () C:\Users\Paja\Downloads\Jumper-cz.avi
2015-01-27 23:27 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-17 18:05 - 2015-01-17 21:51 - 2027509760 _____ () C:\Users\Paja\Downloads\expendables-3-postradatelni-3-akcni-thriller-usa-2014-cz-dabing-pres-MultiLoad.cz.avi
2015-01-17 17:04 - 2015-01-17 17:24 - 1472787662 _____ () C:\Users\Paja\Downloads\Ghost.Rider.2.Duch.pomsty.2011_BDRip.CZ_xvid.avi
2015-01-16 23:14 - 2015-01-16 23:34 - 126329468 _____ () C:\Users\Paja\Downloads\Ghost-Rider-2-cz-(Nicolas-Cage)(1).avi
2015-01-16 19:24 - 2015-01-16 19:44 - 780261074 _____ () C:\Users\Paja\Downloads\Vesmírní-kovbojové-cz-dabing.avi
2015-01-16 16:31 - 2015-01-16 16:34 - 625390500 _____ () C:\Users\Paja\Downloads\Ghost-Rider-2-cz-(Nicolas-Cage).avi
2015-01-15 19:19 - 2015-01-15 20:19 - 729839362 _____ () C:\Users\Paja\Downloads\Ghost-Rider-1-cz-(Nicolas-Cage).avi
2015-01-14 09:38 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 09:38 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 09:38 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 09:38 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 09:38 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 09:38 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 09:38 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 09:38 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 09:38 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 09:38 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 09:38 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 09:38 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 09:38 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 09:38 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 09:38 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 09:38 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 09:38 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 09:38 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 09:38 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 09:38 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 09:38 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 09:38 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 09:38 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 18:54 - 2015-01-13 18:54 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-13 18:54 - 2015-01-13 18:54 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2021-10-21 14:36 - 2014-03-12 20:31 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2014-03-12 20:31 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-02-10 04:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-10 03:59 - 2014-08-29 14:39 - 00892416 ___SH () C:\Users\Paja\Downloads\Thumbs.db
2015-02-10 03:33 - 2014-10-17 19:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 01:27 - 2014-08-03 20:11 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1C3AB334-EB35-4CCA-95E3-0E68CE23E5BB}
2015-02-09 18:41 - 2014-08-03 19:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1520336514-3769034717-236116784-1001
2015-02-09 18:16 - 2013-10-31 07:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-09 18:15 - 2014-08-03 19:51 - 00000000 ____D () C:\Users\Paja\AppData\Local\clear.fi
2015-02-07 19:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-07 19:21 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-02-07 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-07 03:25 - 2014-08-03 20:22 - 00000000 ____D () C:\Users\Paja\AppData\Local\CrashDumps
2015-02-07 03:20 - 2014-10-17 20:58 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 03:18 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 03:06 - 2013-10-31 08:19 - 00000000 ____D () C:\Windows\Panther
2015-02-07 02:56 - 2014-08-03 19:48 - 00000000 ____D () C:\Users\Paja\AppData\Local\Pokki
2015-02-07 02:29 - 2014-03-12 20:50 - 00000000 ____D () C:\ProgramData\Norton
2015-02-06 22:03 - 2014-08-03 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\Doc
2015-02-06 22:01 - 2014-08-03 19:55 - 00000000 ____D () C:\Users\Paja\AppData\Local\ClearfiPhoto
2015-02-06 21:11 - 2014-03-12 20:50 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-02-06 19:50 - 2014-11-29 11:46 - 00000000 ____D () C:\Users\Paja\Downloads\VAG-304-IHR-OBD-2---CZ---FULL-VERSION-+-crack-
2015-02-06 18:33 - 2014-10-17 19:07 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-06 18:24 - 2015-01-04 14:00 - 00000000 ____D () C:\Users\Paja\AppData\Local\Google
2015-02-06 18:16 - 2014-03-12 20:46 - 00743142 _____ () C:\Windows\system32\perfh005.dat
2015-02-06 18:16 - 2014-03-12 20:46 - 00152856 _____ () C:\Windows\system32\perfc005.dat
2015-02-06 18:16 - 2013-10-31 07:27 - 01754528 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 17:54 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-06 17:18 - 2014-11-29 20:24 - 00000479 _____ () C:\Users\Paja\rgut
2015-02-06 17:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-06 17:02 - 2013-10-31 07:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 17:02 - 2013-10-31 07:30 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-06 17:01 - 2013-10-31 07:30 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-06 16:59 - 2015-01-03 22:53 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\Seznam.cz
2015-02-06 16:59 - 2015-01-03 22:53 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-02-06 16:56 - 2014-08-08 16:53 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-06 16:56 - 2014-08-08 16:53 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-06 16:56 - 2014-08-03 19:49 - 00001426 _____ () C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-03 20:31 - 2014-11-12 14:47 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-12 14:47 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 15:38 - 2015-01-04 13:18 - 00000000 ____D () C:\Users\Paja\Documents\DoctorPC
2015-02-01 13:08 - 2014-08-04 07:08 - 00002329 _____ () C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-01 13:06 - 2014-08-08 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 15:56 - 2014-08-14 20:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 15:51 - 2014-08-14 20:52 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-03-12 20:32 - 2014-03-12 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Paja\AppData\Local\Temp\Quarantine.exe
C:\Users\Paja\AppData\Local\Temp\sqlite3.dll
C:\Users\Paja\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Paja\Desktop" je 1740 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: please check my log, ComboFix is not working
- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-02-09] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={05993E27-081F-404E-A36E-D12409437D48}&mid=66f9603485af47cda1d429e025e431bf-b1b6a54a1d745d78cdc31513f12342f8d999fc67&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={05993E27-081F-404E-A36E-D12409437D48}&mid=66f9603485af47cda1d429e025e431bf-b1b6a54a1d745d78cdc31513f12342f8d999fc67&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {C09A9654-BB60-4A3D-881C-BE5003198855} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {E63FD759-5593-4899-AF48-3718CB03E3AF} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (AVG Secure Search)
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={05993E27-081F-404E-A36E-D12409437D48}&mid=66f9603485af47cda1d429e025e431bf-b1b6a54a1d745d78cdc31513f12342f8d999fc67&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF SearchPlugin: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar [2015-02-09]
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1826328 2015-02-09] (AVG Secure Search)
C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files (x86)\Common Files\AVG Secure Search
2015-02-10 04:03 - 2015-02-10 04:04 - 00018746 _____ () C:\Users\Paja\Desktop\FRST.txt
2015-02-10 04:02 - 2015-02-10 04:02 - 00112640 _____ (forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
2015-02-09 16:03 - 2015-02-09 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 17:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-02-07 19:15 - 2015-02-07 19:15 - 04579184 _____ (AVG Technologies) C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-07 03:22 - 2015-02-08 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-07 03:22 - 2015-02-07 03:22 - 00000000 ____D () C:\rsit
2015-02-07 03:18 - 2015-02-07 03:18 - 00001268 _____ () C:\Windows\PFRO.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000116 _____ () C:\Windows\setupact.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 03:14 - 2015-02-07 03:17 - 00000000 ____D () C:\AdwCleaner
2015-02-07 03:13 - 2015-02-07 03:13 - 00221358 _____ () C:\Users\Paja\Documents\cc_20150207_031322.reg
2015-02-07 03:04 - 2015-02-07 03:04 - 02112512 _____ () C:\Users\Paja\Downloads\adwcleaner_4.110.exe
2015-02-07 02:57 - 2015-02-07 02:58 - 01222144 _____ () C:\Users\Paja\Downloads\RSITx64.exe
2015-02-07 02:54 - 2015-02-07 02:57 - 05325208 _____ (Piriform Ltd) C:\Users\Paja\Downloads\ccsetup502.exe
2015-02-06 18:33 - 2015-02-06 18:33 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-06 18:29 - 2015-02-06 18:31 - 106081972 _____ (alch ) C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe
2015-02-06 18:15 - 2013-12-23 07:33 - 05156441 ____R (Swearware) C:\Users\Paja\Downloads\ComboFix.exe
2015-02-06 18:09 - 2015-02-08 18:04 - 00000000 ____D () C:\Users\Paja\Downloads\fff
2015-02-06 18:08 - 2015-02-06 18:08 - 05153975 _____ () C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip
2015-02-06 17:48 - 2015-02-06 17:48 - 05609462 _____ (Swearware) C:\Users\Paja\Downloads\Ccc.exe
2015-02-06 17:01 - 2015-02-06 17:01 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\WildTangent
2015-02-07 03:20 - 2014-10-17 20:58 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 02:56 - 2014-08-03 19:48 - 00000000 ____D () C:\Users\Paja\AppData\Local\Pokki
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
End
- Save the resulting TXT file as fixlist.txt
- Move the created fixlist next to FRST
- Click Fix
- The fix will run and create the log Fixlog.txt
Re: please check my log, ComboFix is not working
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Paja at 2015-02-10 12:55:40 Run:1
Running from C:\Users\Paja\Desktop
Loaded Profiles: Paja (Available profiles: Paja)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-02-09] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={05 ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {C09A9654-BB60-4A3D-881C-BE5003198855} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {E63FD759-5593-4899-AF48-3718CB03E3AF} URL =
SearchScopes: HKU\S-1-5-21-1520336514-3769034717-236116784-1001 -> {F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.6.10\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (AVG Secure Search)
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={05993E27- ... 2015-02-09 16:03:38&v=4.0.6.10&pid=wtu&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF SearchPlugin: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar [2015-02-09]
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1826328 2015-02-09] (AVG Secure Search)
C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files (x86)\Common Files\AVG Secure Search
2015-02-10 04:03 - 2015-02-10 04:04 - 00018746 _____ () C:\Users\Paja\Desktop\FRST.txt
2015-02-10 04:02 - 2015-02-10 04:02 - 00112640 _____ (forum.viry.cz) C:\Users\Paja\Desktop\FRSTLauncher.exe
2015-02-09 16:03 - 2015-02-09 20:04 - 00000000 ____D () C:\Users\Paja\AppData\Local\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 17:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2015-02-09 16:03 - 2015-02-09 16:03 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-02-07 19:15 - 2015-02-07 19:15 - 04579184 _____ (AVG Technologies) C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe
2015-02-07 03:22 - 2015-02-08 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-07 03:22 - 2015-02-07 03:22 - 00000000 ____D () C:\rsit
2015-02-07 03:18 - 2015-02-07 03:18 - 00001268 _____ () C:\Windows\PFRO.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000116 _____ () C:\Windows\setupact.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 03:14 - 2015-02-07 03:17 - 00000000 ____D () C:\AdwCleaner
2015-02-07 03:13 - 2015-02-07 03:13 - 00221358 _____ () C:\Users\Paja\Documents\cc_20150207_031322.reg
2015-02-07 03:04 - 2015-02-07 03:04 - 02112512 _____ () C:\Users\Paja\Downloads\adwcleaner_4.110.exe
2015-02-07 02:57 - 2015-02-07 02:58 - 01222144 _____ () C:\Users\Paja\Downloads\RSITx64.exe
2015-02-07 02:54 - 2015-02-07 02:57 - 05325208 _____ (Piriform Ltd) C:\Users\Paja\Downloads\ccsetup502.exe
2015-02-06 18:33 - 2015-02-06 18:33 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-06 18:29 - 2015-02-06 18:31 - 106081972 _____ (alch ) C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe
2015-02-06 18:15 - 2013-12-23 07:33 - 05156441 ____R (Swearware) C:\Users\Paja\Downloads\ComboFix.exe
2015-02-06 18:09 - 2015-02-08 18:04 - 00000000 ____D () C:\Users\Paja\Downloads\fff
2015-02-06 18:08 - 2015-02-06 18:08 - 05153975 _____ () C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip
2015-02-06 17:48 - 2015-02-06 17:48 - 05609462 _____ (Swearware) C:\Users\Paja\Downloads\Ccc.exe
2015-02-06 17:01 - 2015-02-06 17:01 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\WildTangent
2015-02-07 03:20 - 2014-10-17 20:58 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 02:56 - 2014-08-03 19:48 - 00000000 ____D () C:\Users\Paja\AppData\Local\Pokki
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C09A9654-BB60-4A3D-881C-BE5003198855}" => Key deleted successfully.
HKCR\CLSID\{C09A9654-BB60-4A3D-881C-BE5003198855} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E63FD759-5593-4899-AF48-3718CB03E3AF}" => Key deleted successfully.
HKCR\CLSID\{E63FD759-5593-4899-AF48-3718CB03E3AF} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021}" => Key deleted successfully.
HKCR\CLSID\{F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol => Key not found.
HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => Key not found.
"C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml" => not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml => Moved successfully.
C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar not found.
vToolbarUpdater18.3.0 => Service not found.
C:\Program Files (x86)\AVG Web TuneUp => Moved successfully.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Users\Paja\Desktop\FRST.txt => Moved successfully.
C:\Users\Paja\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Paja\AppData\Local\AVG Web TuneUp" => File/Directory not found.
C:\ProgramData\AVG Security Toolbar => Moved successfully.
"C:\ProgramData\AVG Web TuneUp" => File/Directory not found.
"C:\ProgramData\AVG Secure Search" => File/Directory not found.
"C:\Program Files\AVG Web TuneUp" => File/Directory not found.
"C:\Program Files (x86)\AVG Web TuneUp" => File/Directory not found.
C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Paja\Documents\cc_20150207_031322.reg => Moved successfully.
C:\Users\Paja\Downloads\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Paja\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Paja\Downloads\ccsetup502.exe => Moved successfully.
C:\Windows\SysWOW64\FlashPlayerInstaller.exe => Moved successfully.
C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe => Moved successfully.
C:\Users\Paja\Downloads\ComboFix.exe => Moved successfully.
C:\Users\Paja\Downloads\fff => Moved successfully.
C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip => Moved successfully.
C:\Users\Paja\Downloads\Ccc.exe => Moved successfully.
C:\Users\Paja\AppData\Roaming\WildTangent => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Users\Paja\AppData\Local\Pokki => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 688.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 12:57:49 ====
2015-02-07 03:22 - 2015-02-08 18:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-07 03:22 - 2015-02-07 03:22 - 00000000 ____D () C:\rsit
2015-02-07 03:18 - 2015-02-07 03:18 - 00001268 _____ () C:\Windows\PFRO.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000116 _____ () C:\Windows\setupact.log
2015-02-07 03:18 - 2015-02-07 03:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 03:14 - 2015-02-07 03:17 - 00000000 ____D () C:\AdwCleaner
2015-02-07 03:13 - 2015-02-07 03:13 - 00221358 _____ () C:\Users\Paja\Documents\cc_20150207_031322.reg
2015-02-07 03:04 - 2015-02-07 03:04 - 02112512 _____ () C:\Users\Paja\Downloads\adwcleaner_4.110.exe
2015-02-07 02:57 - 2015-02-07 02:58 - 01222144 _____ () C:\Users\Paja\Downloads\RSITx64.exe
2015-02-07 02:54 - 2015-02-07 02:57 - 05325208 _____ (Piriform Ltd) C:\Users\Paja\Downloads\ccsetup502.exe
2015-02-06 18:33 - 2015-02-06 18:33 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-06 18:29 - 2015-02-06 18:31 - 106081972 _____ (alch ) C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe
2015-02-06 18:15 - 2013-12-23 07:33 - 05156441 ____R (Swearware) C:\Users\Paja\Downloads\ComboFix.exe
2015-02-06 18:09 - 2015-02-08 18:04 - 00000000 ____D () C:\Users\Paja\Downloads\fff
2015-02-06 18:08 - 2015-02-06 18:08 - 05153975 _____ () C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip
2015-02-06 17:48 - 2015-02-06 17:48 - 05609462 _____ (Swearware) C:\Users\Paja\Downloads\Ccc.exe
2015-02-06 17:01 - 2015-02-06 17:01 - 00000000 ____D () C:\Users\Paja\AppData\Roaming\WildTangent
2015-02-07 03:20 - 2014-10-17 20:58 - 00003754 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-07 02:56 - 2014-08-03 19:48 - 00000000 ____D () C:\Users\Paja\AppData\Local\Pokki
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C09A9654-BB60-4A3D-881C-BE5003198855}" => Key deleted successfully.
HKCR\CLSID\{C09A9654-BB60-4A3D-881C-BE5003198855} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E63FD759-5593-4899-AF48-3718CB03E3AF}" => Key deleted successfully.
HKCR\CLSID\{E63FD759-5593-4899-AF48-3718CB03E3AF} => Key not found.
"HKU\S-1-5-21-1520336514-3769034717-236116784-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021}" => Key deleted successfully.
HKCR\CLSID\{F7C3BE5C-9EA9-4C5B-83CA-8EDF00FAD021} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol => Key not found.
HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => Key not found.
"C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\searchplugins\avg-secure-search.xml" => not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml => Moved successfully.
C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\sxgw3jh7.default\Extensions\avg@toolbar not found.
vToolbarUpdater18.3.0 => Service not found.
C:\Program Files (x86)\AVG Web TuneUp => Moved successfully.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Users\Paja\Desktop\FRST.txt => Moved successfully.
C:\Users\Paja\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Paja\AppData\Local\AVG Web TuneUp" => File/Directory not found.
C:\ProgramData\AVG Security Toolbar => Moved successfully.
"C:\ProgramData\AVG Web TuneUp" => File/Directory not found.
"C:\ProgramData\AVG Secure Search" => File/Directory not found.
"C:\Program Files\AVG Web TuneUp" => File/Directory not found.
"C:\Program Files (x86)\AVG Web TuneUp" => File/Directory not found.
C:\Users\Paja\Downloads\avg_free_stb_eu_2015_5315.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Paja\Documents\cc_20150207_031322.reg => Moved successfully.
C:\Users\Paja\Downloads\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Paja\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Paja\Downloads\ccsetup502.exe => Moved successfully.
C:\Windows\SysWOW64\FlashPlayerInstaller.exe => Moved successfully.
C:\Users\Paja\Downloads\clamwin-0.98.5-setup.exe => Moved successfully.
C:\Users\Paja\Downloads\ComboFix.exe => Moved successfully.
C:\Users\Paja\Downloads\fff => Moved successfully.
C:\Users\Paja\Downloads\Pro-silně-zavirované-PC--combofix.zip => Moved successfully.
C:\Users\Paja\Downloads\Ccc.exe => Moved successfully.
C:\Users\Paja\AppData\Roaming\WildTangent => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Users\Paja\AppData\Local\Pokki => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 688.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 12:57:49 ====
Re: please check my log, ComboFix does not work
How is the PC behaving???
Re: please check my log, ComboFix does not work
Good day,
I installed that Avast. Everything seems OK.
Re: please check my log, ComboFix does not work
So let's clean up as well
DelFix https://toolslib.net/downloads/finish/2/
- Download and run it
- Leave only the Remote disinfection tools option checked
- Click Run
Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Find problems
- then Fix problems - I recommend making a registry backup; fix all problems
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall unneeded programs
And if there are no problems or questions, that is all from my side


