Good morning, requesting a preventive check

#1 Post by Ecinazuz »

Hello, dear advisers, I would like a preventive check. I don't know whether anything unusual is going on, but about 3 times in the last 14 days or so the PC seemed to behave strangely after a restart or power-on: on startup a black screen came up first with a "NO signal" box... but then it starts.
So here is a log, just to be safe.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Safrovi at 2015-03-22 07:43:08
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 1817 GB (96%) free of 1892 GB
Total RAM: 8129 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:43:12, on 22.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Safrovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13962 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3468
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-be572ac8-3e32-4491-85ec-0f79c490da18 -SystemEventPortName:HostProcess-7600640a-9a49-46eb-aa1e-65742d29e9e1 -IoCancelEventPortName:HostProcess-dd6c3a85-46ef-4b99-a7ba-419db2b7f507 -NonStateChangingEventPortName:HostProcess-06a2f2ae-4a50-4e36-a588-ee038b05a84a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7fa48364-d001-4ecd-8bee-18d158b52611 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {4B7B88AB-A17C-4503-BE36-8F2E18CCF903}
taskeng.exe {BF82411E-AF8B-4AAE-BBB3-A12B8C60D236}

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Safrovi\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041068d2d5829.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForSAFROVI-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSAFROVI-HP$ (null)
C:\Windows\tasks\HPCeeScheduleForSafrovi.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSafrovi (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=undefined&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL


C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-30 1425408]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-03-30 37888]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-11-06 290688]
"HP KEYBOARDx"=C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-10-16 684064]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-09 12310616]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-22 07:43:08 ----D---- C:\rsit
2015-03-22 07:43:08 ----D---- C:\Program Files\trend micro
2015-03-21 20:53:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 05:38:39 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 05:38:39 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 05:38:39 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 05:38:38 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 05:38:37 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 05:38:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 05:38:35 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 05:38:34 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 05:38:34 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 05:38:34 ----A---- C:\Windows\system32\evr.dll
2015-03-11 05:38:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 05:38:32 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 05:38:32 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 05:38:32 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\mf.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 05:38:31 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\winload.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\smss.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 05:38:30 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\ci.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 05:38:29 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 05:38:29 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 05:38:15 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 05:38:15 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 05:38:14 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 05:38:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 05:38:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 05:38:09 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 05:38:06 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 05:38:06 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 05:38:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 05:38:06 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 05:38:05 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 05:38:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 05:37:57 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 05:37:57 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 05:37:56 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 05:37:56 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files\DESIGNER
2015-03-03 21:36:20 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\perftrack.dll
2015-02-28 13:10:15 ----D---- C:\Program Files (x86)\PMlabs

======List of files/folders modified in the last 1 month======

2015-03-22 07:43:12 ----D---- C:\Windows\Prefetch
2015-03-22 07:43:09 ----D---- C:\Windows\Temp
2015-03-22 07:43:08 ----RD---- C:\Program Files
2015-03-22 07:39:20 ----D---- C:\Windows\system32\config
2015-03-22 07:29:39 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-22 07:27:44 ----D---- C:\ProgramData\PDFC
2015-03-22 07:26:54 ----D---- C:\Windows
2015-03-22 07:26:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 23:18:30 ----RD---- C:\Program Files (x86)
2015-03-21 23:18:03 ----D---- C:\Windows\inf
2015-03-21 11:13:43 ----SHD---- C:\System Volume Information
2015-03-20 12:28:28 ----D---- C:\Windows\SoftwareDistribution
2015-03-20 12:24:12 ----D---- C:\Program Files\Defraggler
2015-03-19 09:01:18 ----D---- C:\Windows\System32
2015-03-19 09:01:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-18 22:24:52 ----D---- C:\Users\Safrovi\AppData\Roaming\VSO
2015-03-17 14:04:23 ----D---- C:\Windows\Tasks
2015-03-17 14:04:23 ----D---- C:\Windows\system32\Tasks
2015-03-16 19:26:31 ----D---- C:\Windows\Microsoft.NET
2015-03-16 18:42:40 ----RSD---- C:\Windows\assembly
2015-03-16 18:19:03 ----SHD---- C:\Windows\Installer
2015-03-16 18:18:38 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-16 18:17:51 ----D---- C:\Program Files\Microsoft Office 15
2015-03-13 07:27:18 ----D---- C:\Windows\winsxs
2015-03-13 06:32:51 ----D---- C:\Windows\system32\catroot2
2015-03-11 22:29:06 ----D---- C:\Windows\debug
2015-03-11 15:56:51 ----D---- C:\Windows\rescache
2015-03-11 07:14:29 ----D---- C:\Windows\SysWOW64
2015-03-11 07:14:28 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 07:14:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-11 07:14:28 ----D---- C:\Program Files\Windows Media Player
2015-03-11 07:14:28 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 07:14:27 ----D---- C:\Windows\system32\en-US
2015-03-11 07:14:27 ----D---- C:\Windows\system32\drivers
2015-03-11 07:14:27 ----D---- C:\Windows\system32\Dism
2015-03-11 07:14:27 ----D---- C:\Windows\system32\cs-CZ
2015-03-11 07:14:26 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 07:14:26 ----D---- C:\Windows\system32\Boot
2015-03-11 07:14:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 07:14:23 ----D---- C:\Program Files\Internet Explorer
2015-03-11 07:14:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 05:57:00 ----D---- C:\Windows\system32\MRT
2015-03-11 05:54:35 ----A---- C:\Windows\system32\MRT.exe
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files
2015-03-04 09:18:41 ----D---- C:\Windows\tracing
2015-03-03 22:44:46 ----D---- C:\ProgramData\tmp
2015-02-28 22:46:49 ----D---- C:\Program Files\CCleaner
2015-02-24 04:17:24 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-22 63160]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-04-30 677360]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-04-30 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-11-06 20024]
R0 MfeEpeOpal;MfeEpeOpal; C:\Windows\system32\drivers\MfeEpeOpal.sys [2013-02-21 91176]
R0 MfeEpePc;MfeEpePc; C:\Windows\system32\drivers\MfeEpePc.sys [2013-02-21 158760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-09-22 44632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-09-22 222280]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-03-25 108312]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-11-06 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-11-06 791608]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-09-20 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\HECIx64.sys [2012-04-11 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-04 189288]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-03-30 535040]
S1 iSafeKrnlR3;iSafeKrnl Ring3 Driver; \??\C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys []
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2012-11-09 64832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-07-21 494456]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-09-16 1350112]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-09 372824]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-11 277784]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-02-21 1327104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-24 884512]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-10-16 1135136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-30 311296]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-14 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2012-11-19 477056]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-13 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-21 148080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-02-12 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-02-12 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
"Honesty cannot be divided into pieces. Either it is there or it is not." (Honoré de Balzac)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#2 Post by Márty84 »

Hello :)

:???: Does the black screen just flash briefly, or does it stay there longer?

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will output a log (it can also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Ecinazuz
Exemplary visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#3 Post by Ecinazuz »

The black screen was there for about 10-20 seconds and a box with the text "no signal" was moving around, but then it started up.

Ecinazuz
Exemplary visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#4 Post by Ecinazuz »

# AdwCleaner v4.112 - Logfile created 22/03/2015 at 11:03:38
# Updated 09/03/2015 by Xplode
# Database : 2015-03-22.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Safrovi - SAFROVI-HP
# Running from : C:\Users\Safrovi\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : iSafeKrnlR3

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Safrovi\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Safrovi\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 cs)


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [3004 bytes] - [22/03/2015 10:49:42]
AdwCleaner[R1].txt - [3063 bytes] - [22/03/2015 11:00:52]
AdwCleaner[S0].txt - [3100 bytes] - [22/03/2015 11:03:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3159 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#5 Post by Márty84 »

:???: Is it a desktop PC or a laptop?


:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Ecinazuz
Exemplary visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#6 Post by Ecinazuz »

Desktop PC

Ecinazuz
Exemplary visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#7 Post by Ecinazuz »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.3.2015
Čas skenování: 11:54:19
Protokol: malware výsledky sken.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.22.03
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Safrovi

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 502540
Uplynulý čas: 46 min, 40 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
FraudTool.YAC, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\iSafeKrnlBoot.sys.vir, , [7615b5936f1bd95d801be2502ad8ce32],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#8 Post by Márty84 »

:arrow: You can uninstall MBAM (the detection is already in AdwCleaner's quarantine, so it is harmless).

:arrow: Check that the cable connecting the case to the monitor is firmly attached.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Ecinazuz
Exemplary visitor
Posts: 343
Registered: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#9 Post by Ecinazuz »

I can download this one: Download Farbar Recovery Scan Tool
but this one is blocked even with the antivirus turned off: Download FRSTLauncher

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#10 Post by Márty84 »

Then give me the log from FRST alone, without the Launcher. It won't be as detailed, but that doesn't matter. Give me a new log from RSIT along with it, and I'll pull what I need out of that and write up a script :)

Ecinazuz
Exemplary visitor
Posts: 343
Registered: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#11 Post by Ecinazuz »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Safrovi (administrator) on SAFROVI-HP on 22-03-2015 14:14:26
Running from C:\Users\Safrovi\Desktop
Loaded Profiles: Safrovi (Available profiles: Safrovi)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-30] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2014-09-22] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-11-06] (Intel Corporation)
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684064 2012-10-16] (PDF Complete Inc)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-10-04] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default
FF Homepage: www.seznam.cz
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=undefined&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-04] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-10-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-10-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-21] (Digital Persona, Inc.)
FF SearchPlugin: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\searchplugins\firmycz.xml [2013-12-16]
FF SearchPlugin: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\searchplugins\mapycz.xml [2013-12-16]
FF SearchPlugin: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\searchplugins\zbocz.xml [2013-12-16]
FF Extension: Speed Dial - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-12-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-21]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-19]
CHR Extension: (Google Drive) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-19]
CHR Extension: (YouTube) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-19]
CHR Extension: (Google Search) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-19]
CHR Extension: (Skype Click to Call) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Gmail) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-21] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1350112 2014-09-16] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-02-21] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135136 2012-10-16] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [311296 2012-03-30] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-09-22] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-22] (ESET)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91176 2013-02-21] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-02-21] (McAfee, Inc.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 14:14 - 2015-03-22 14:14 - 00019602 _____ () C:\Users\Safrovi\Desktop\FRST.txt
2015-03-22 14:13 - 2015-03-22 14:14 - 00000000 ____D () C:\FRST
2015-03-22 14:00 - 2015-03-22 14:00 - 02095616 _____ (Farbar) C:\Users\Safrovi\Desktop\FRST64.exe
2015-03-22 12:42 - 2015-03-22 12:42 - 00001266 _____ () C:\Users\Safrovi\Desktop\malware výsledky sken.txt
2015-03-22 10:49 - 2015-03-22 11:03 - 00000000 ____D () C:\AdwCleaner
2015-03-22 10:47 - 2015-03-22 10:47 - 02171392 _____ () C:\Users\Safrovi\Desktop\adwcleaner_4.112.exe
2015-03-22 08:37 - 2015-03-22 08:38 - 00000000 ____D () C:\Users\Safrovi\Desktop\květuška
2015-03-22 07:43 - 2015-03-22 07:43 - 00000000 ____D () C:\rsit
2015-03-22 07:43 - 2015-03-22 07:43 - 00000000 ____D () C:\Program Files\trend micro
2015-03-22 07:40 - 2015-03-22 07:41 - 01222144 _____ () C:\Users\Safrovi\Desktop\RSITx64.exe
2015-03-22 07:26 - 2015-03-22 11:04 - 00000112 _____ () C:\Windows\setupact.log
2015-03-22 07:26 - 2015-03-22 07:26 - 00000398 _____ () C:\Windows\PFRO.log
2015-03-22 07:26 - 2015-03-22 07:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-21 20:53 - 2015-03-21 20:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 12:27 - 2015-03-22 11:30 - 00166550 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 00:02 - 2015-03-20 00:02 - 00012019 _____ () C:\Users\Safrovi\Desktop\slepičky a kohoutek.txt
2015-03-17 23:13 - 2015-03-17 23:23 - 00004012 _____ () C:\Users\Safrovi\Desktop\bouřka mraky.txt
2015-03-12 19:32 - 2015-03-12 19:32 - 00024444 _____ () C:\Users\Safrovi\Downloads\johnny_automatic_snowdrop.svg
2015-03-11 22:29 - 2015-03-11 22:29 - 00000188 _____ () C:\Users\Safrovi\Documents\cc_20150311_222923.reg
2015-03-11 05:38 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 05:38 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 05:38 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 05:38 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 05:38 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 05:38 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 05:38 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 05:38 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 05:38 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 05:38 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 05:38 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 05:38 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 05:38 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 05:38 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 05:38 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 05:38 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 05:38 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 05:38 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 05:38 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 05:38 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 05:38 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 05:38 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 05:38 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 05:38 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 05:38 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 05:38 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 05:38 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 05:38 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 05:38 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 05:38 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 05:38 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 05:38 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 05:38 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 05:38 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 05:38 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 05:38 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 05:38 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 05:38 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 05:38 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 05:38 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 05:38 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 05:38 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 05:38 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 05:38 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 05:38 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 05:38 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 05:38 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 05:38 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 05:38 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 05:38 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 05:38 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 05:38 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 05:38 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 05:38 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 05:38 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 05:38 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 05:38 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 05:38 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 05:38 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 05:38 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 05:38 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 05:38 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 05:38 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 05:38 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 05:38 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 05:38 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 05:38 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 05:38 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 05:38 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 05:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 05:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 05:38 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 05:38 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 05:38 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 05:38 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 05:38 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 05:38 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 05:38 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 05:38 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 05:38 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 05:38 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 05:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 05:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 05:38 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 05:38 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 05:38 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 05:38 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 05:38 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 05:38 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 05:38 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 05:38 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 05:38 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 05:38 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 05:38 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 05:38 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 05:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 05:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 05:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 05:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 05:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 05:37 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 05:37 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 05:37 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 05:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 05:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 05:37 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 05:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 05:37 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 05:37 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 05:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 05:37 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 05:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 05:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 05:37 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 05:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 05:37 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 05:37 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 10:44 - 2015-03-10 10:44 - 00000470 _____ () C:\Users\Safrovi\Documents\cc_20150310_104436.reg
2015-03-10 10:44 - 2015-03-10 10:44 - 00000174 _____ () C:\Users\Safrovi\Documents\cc_20150310_104451.reg
2015-03-09 17:14 - 2015-03-09 17:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-03-04 18:11 - 2015-03-07 09:34 - 00011275 _____ () C:\Users\Safrovi\Desktop\Sešit1- graf.xlsx
2015-03-03 23:51 - 2015-03-03 23:51 - 00000460 _____ () C:\Users\Safrovi\Documents\cc_20150303_235120.reg
2015-03-03 21:36 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:36 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:36 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:36 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 09:57 - 2015-03-03 10:02 - 00000000 ____D () C:\Users\Safrovi\Desktop\karneval
2015-03-03 09:03 - 2015-03-22 10:42 - 00000000 ____D () C:\Users\Safrovi\Desktop\VÝTVARNÉ PRÁCE MŠ
2015-02-28 22:47 - 2015-02-28 22:47 - 00000542 _____ () C:\Users\Safrovi\Documents\cc_20150228_224724.reg
2015-02-28 13:10 - 2015-02-28 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\waterMark V2
2015-02-28 13:10 - 2015-02-28 13:14 - 00000000 ____D () C:\Program Files (x86)\PMlabs
2015-02-26 22:52 - 2015-02-26 22:52 - 00000460 _____ () C:\Users\Safrovi\Documents\cc_20150226_225251.reg
2015-02-26 15:40 - 2015-02-26 15:41 - 00181210 _____ () C:\Users\Safrovi\Downloads\1500-pohádek-pro-děti.-Pohádky-zdarma-ke-stažení.-Doc-texty.htm
2015-02-25 06:40 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 06:40 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-20 20:03 - 2015-02-20 20:03 - 00048393 _____ () C:\Users\Safrovi\Downloads\vexernxxek.jpeg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 13:55 - 2013-09-30 23:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 13:47 - 2015-02-05 06:42 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e.job
2015-03-22 13:47 - 2014-06-21 18:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0.job
2015-03-22 11:34 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:34 - 2009-07-14 05:45 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 11:05 - 2013-09-30 23:23 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-22 11:04 - 2015-02-05 06:42 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829.job
2015-03-22 11:04 - 2013-12-19 10:59 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 11:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 11:03 - 2014-07-05 20:42 - 00000000 ____D () C:\Windows\system32\log
2015-03-22 11:03 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-22 07:26 - 2013-12-16 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 21:31 - 2014-08-29 16:57 - 00000000 ____D () C:\Users\Safrovi\Desktop\ŠKOLKA PŘÍPRAVY 2015
2015-03-21 19:41 - 2015-02-07 21:24 - 00007595 _____ () C:\Users\Safrovi\Desktop\Artikulační cvičení.txt
2015-03-21 18:48 - 2013-12-19 10:59 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-21 14:04 - 2014-07-27 07:24 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSafrovi
2015-03-21 14:04 - 2014-07-27 07:24 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForSafrovi.job
2015-03-20 21:38 - 2014-11-19 08:39 - 00000000 ____D () C:\Users\Safrovi\Desktop\upravené obrázky
2015-03-20 19:35 - 2013-12-31 07:35 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSAFROVI-HP$
2015-03-20 19:35 - 2013-12-31 07:35 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForSAFROVI-HP$.job
2015-03-20 12:24 - 2014-03-05 15:19 - 00000000 ____D () C:\Program Files\Defraggler
2015-03-20 12:23 - 2014-03-05 15:19 - 00001726 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-03-19 15:39 - 2014-09-22 16:52 - 00000000 ____D () C:\Users\Safrovi\Desktop\VÝTVORY MŠ
2015-03-19 15:28 - 2015-01-26 17:02 - 00000000 ____D () C:\Users\Safrovi\Desktop\HOTOVÉ SADY VE WORDU
2015-03-19 09:01 - 2013-09-30 22:41 - 00672158 _____ () C:\Windows\system32\perfh005.dat
2015-03-19 09:01 - 2013-09-30 22:41 - 00142754 _____ () C:\Windows\system32\perfc005.dat
2015-03-19 09:01 - 2009-07-14 06:13 - 01593238 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-18 22:24 - 2013-12-16 22:41 - 00000000 ____D () C:\Users\Safrovi\AppData\Roaming\VSO
2015-03-17 14:04 - 2013-12-30 23:33 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-16 20:10 - 2014-09-07 19:46 - 00000000 ___RD () C:\Users\Safrovi\Desktop\FINCLUB
2015-03-16 18:17 - 2014-10-04 13:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-15 16:22 - 2014-09-01 20:48 - 00000000 ___RD () C:\Users\Safrovi\Desktop\UČITELKA PŘÍPRAVY WEB
2015-03-11 15:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 07:17 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-11 07:17 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 07:17 - 2009-07-14 05:45 - 00432872 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 07:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 07:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 05:57 - 2013-12-16 20:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 05:54 - 2013-12-16 20:05 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-09 17:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-09 17:13 - 2014-10-04 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-07 17:00 - 2015-02-03 19:28 - 00000000 ____D () C:\Users\Safrovi\Desktop\Nová složka
2015-03-06 19:17 - 2014-11-08 19:36 - 00000000 ____D () C:\Users\Safrovi\Desktop\foto z mobilu
2015-03-04 09:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-03 22:44 - 2014-12-22 19:03 - 00000000 ____D () C:\ProgramData\tmp
2015-03-03 22:04 - 2015-01-26 12:45 - 00000000 ____D () C:\Users\Safrovi\Desktop\POMOCNÉ MATERIÁLY Z PLOCHY K PŘÍPRAVÁM
2015-03-02 11:18 - 2009-07-14 06:08 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-28 22:46 - 2013-12-16 22:18 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-28 22:46 - 2013-12-16 22:18 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 04:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-12-18 07:40 - 2014-01-07 19:02 - 0000028 _____ () C:\Users\Safrovi\AppData\Roaming\mscuuh.dat
2013-12-16 20:22 - 2014-01-07 07:09 - 0001686 _____ () C:\Users\Safrovi\AppData\Roaming\msimyel.dat
2013-12-16 20:22 - 2014-01-07 19:02 - 0000028 _____ () C:\Users\Safrovi\AppData\Roaming\msoaact.dat
2013-12-18 07:40 - 2014-01-07 07:09 - 0001702 _____ () C:\Users\Safrovi\AppData\Roaming\mssctobr.dat
2014-09-30 16:44 - 2014-10-01 22:05 - 0088978 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-12-09 19:18 - 2014-12-09 20:12 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

Some content of TEMP:
====================
C:\Users\Safrovi\AppData\Local\Temp\Quarantine.exe
C:\Users\Safrovi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 10:26

==================== End Of Log ============================
"Honesty cannot be divided into pieces. Either it is there or it is not." (Honoré de Balzac)

Ecinazuz
Model visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#12 Post by Ecinazuz »

Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-007A-0405-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.40.35706 - Hewlett-Packard Company)
ESET Smart Security (HKLM\...\{B7412400-95EF-4C4A-A887-6D6644235E7D}) (Version: 8.0.301.4 - ESET, spol s r. o.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.97 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.4 - Hewlett-Packard Company)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
Golden Trails 2: The Lost Legacy Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
hppLaserJetService (x32 Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (x32 Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (x32 Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - cs-cz (HKLM\...\O365SmallBusPremRetail - cs-cz) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 cs)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Farm Life 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyFreeCodec (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MyFreeCodec) (Version: - )
NVIDIA Graphics Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.10 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.12 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
Recovery Manager (x32 Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.1.02 - Hewlett-Packard Company) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
Youda Fisherman (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Safrovi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Safrovi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Safrovi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Safrovi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Safrovi\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

21-03-2015 11:13:28 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2712CCD2-31C4-4AF6-BB29-39F99C50F9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3699698A-62DA-466A-8B7E-A854593CB39E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {39B1BFBA-FE3D-4855-B692-B1A46CFD25BB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {478D398B-F0EA-4FD5-8A9B-A3FFB2467432} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {5CBFD334-CB30-48E7-AB28-1352E3198130} - System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {87B2C705-2F97-4166-A2F4-D2016CA04924} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {9165A0B3-A9CB-4A85-9E86-7CDD3384D37D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {A08540FE-2812-411F-B684-03476077FDF8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {C29E497B-4C37-4EAC-8C51-C87047C78DC5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C41149FB-7EFB-419D-B31D-A5ACEBC9B249} - System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19] (Google Inc.)
Task: {D28F2FDB-99A6-497C-A0BF-475B08492BAA} - System32\Tasks\HPCeeScheduleForSAFROVI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {EB5A0D84-20DA-441B-B7B5-3F656A5E0783} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {F5230F97-CFE7-4929-A330-3A309680E2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F7CBAF79-8964-4C5C-A73C-7E5D0A5604C6} - System32\Tasks\HPCeeScheduleForSafrovi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {FA2A6549-8571-49CB-B500-CD747693C7B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSAFROVI-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSafrovi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2013-02-21 19:50 - 2013-02-21 19:50 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-02-21 19:03 - 2013-02-21 19:03 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2014-01-10 17:56 - 2012-09-29 13:25 - 00409088 ____N () C:\Windows\System32\HPM1210LM.DLL
2014-01-10 17:56 - 2012-09-29 13:25 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2014-01-10 17:56 - 2012-09-29 13:26 - 03120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2014-01-10 17:56 - 2012-09-29 13:53 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2013-09-30 23:07 - 2013-01-24 23:57 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-16 19:59 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-10-04 13:15 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-19 22:40 - 2015-02-19 22:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-02-21 19:05 - 2013-02-21 19:05 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2013-09-30 23:18 - 2009-07-02 22:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2009-10-15 11:13 - 2009-10-15 11:13 - 00061440 _____ () C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 11:13 - 2009-10-15 11:13 - 00964096 _____ () C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2012-12-24 06:53 - 2012-12-24 06:53 - 00082944 _____ () C:\Windows\system32\mvusbews.DLL
2013-02-21 19:32 - 2013-02-21 19:32 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-21 19:02 - 2013-02-21 19:02 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-21 19:31 - 2013-02-21 19:31 - 03035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-02-21 19:36 - 2013-02-21 19:36 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-21 19:34 - 2013-02-21 19:34 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-21 19:06 - 2013-02-21 19:06 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-21 19:08 - 2013-02-21 19:08 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Safrovi\Downloads\Letadla-(2013)-CZ-dabing-TOP-KVALITA.avi:TOC.WMV
AlternateDataStreams: C:\Users\Safrovi\Downloads\Letadla-2-Planes-2-(2014)-CZ-Dabing-NOVINKA.avi:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

==================== Accounts: =============================

Administrator (S-1-5-21-3453386134-3950636445-3288212601-500 - Administrator - Disabled)
Guest (S-1-5-21-3453386134-3950636445-3288212601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3453386134-3950636445-3288212601-1003 - Limited - Enabled)
Safrovi (S-1-5-21-3453386134-3950636445-3288212601-1002 - Administrator - Enabled) => C:\Users\Safrovi

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2015 01:35:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 36.0.3.5556 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 7c0

Čas spuštění: 01d063d16251fb93

Čas ukončení: 182

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: b2afef9c-cfc6-11e4-8286-54bef72455b2

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))


System errors:
=============
Error: (03/22/2015 11:05:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
StarOpen

Error: (03/22/2015 11:04:11 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Support Assistant Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Document Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/22/2015 11:03:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (03/21/2015 01:35:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.3.55567c001d063d16251fb93182C:\Program Files (x86)\Mozilla Firefox\firefox.exeb2afef9c-cfc6-11e4-8286-54bef72455b2

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (03/21/2015 08:22:31 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8129.12 MB
Available physical RAM: 5840.68 MB
Total Pagefile: 16256.42 MB
Available Pagefile: 13667.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1847.41 GB) (Free:1774.42 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:15.41 GB) (Free:1.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EC6DB269)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1847.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=101 MB) - (Type=27)

==================== End Of Log ============================
"Honesty cannot be divided into pieces. Either it is there or it is not." (Honoré de Balzac)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#13 Post by Márty84 »

Please also post the new RSIT log, and then we'll start deleting.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Ecinazuz
Model visitor
Posts: 343
Joined: 16 Sep 2006 21:47

Re: Good morning, requesting a preventive check

#14 Post by Ecinazuz »

ok

Logfile of random's system information tool 1.10 (written by random/random)
Run by Safrovi at 2015-03-22 14:44:12
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 1817 GB (96%) free of 1892 GB
Total RAM: 8129 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:44:13, on 22.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Safrovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13777 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3404
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-484e6b39-a7c7-44b4-b665-2a959ecce2da -SystemEventPortName:HostProcess-431083eb-7204-4f85-beed-3412ed492cd5 -IoCancelEventPortName:HostProcess-ddb480de-1a1c-434a-81e9-135049362c1a -NonStateChangingEventPortName:HostProcess-1e981d7a-3370-4d65-bd69-72d058fce35b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:81844212-9b2e-4010-a563-c47e8e6f84a9 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Users\Safrovi\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041068d2d5829.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForSAFROVI-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSAFROVI-HP$ (null)
C:\Windows\tasks\HPCeeScheduleForSafrovi.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSafrovi (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=undefined&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL


C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\gchzsjxy.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-30 1425408]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-03-30 37888]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-11-06 290688]
"HP KEYBOARDx"=C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-10-16 684064]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-09 12310616]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-22 14:13:20 ----D---- C:\FRST
2015-03-22 10:49:31 ----D---- C:\AdwCleaner
2015-03-22 07:43:08 ----D---- C:\rsit
2015-03-22 07:43:08 ----D---- C:\Program Files\trend micro
2015-03-21 20:53:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 05:38:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 05:38:46 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 05:38:39 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 05:38:39 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 05:38:39 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 05:38:38 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 05:38:37 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 05:38:35 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 05:38:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 05:38:35 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 05:38:35 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 05:38:34 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 05:38:34 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 05:38:34 ----A---- C:\Windows\system32\evr.dll
2015-03-11 05:38:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 05:38:32 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 05:38:32 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 05:38:32 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 05:38:32 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 05:38:31 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\mf.dll
2015-03-11 05:38:31 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 05:38:31 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 05:38:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\winload.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\smss.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 05:38:30 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\ci.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 05:38:30 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 05:38:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 05:38:29 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 05:38:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 05:38:29 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 05:38:15 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 05:38:15 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 05:38:14 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 05:38:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 05:38:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 05:38:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 05:38:09 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 05:38:09 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 05:38:09 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 05:38:06 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 05:38:06 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 05:38:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 05:38:06 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 05:38:05 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 05:38:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 05:38:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-11 05:38:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 05:38:01 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-11 05:38:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 05:38:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 05:38:00 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 05:37:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 05:37:59 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 05:37:58 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 05:37:57 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 05:37:57 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 05:37:56 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 05:37:56 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files\DESIGNER
2015-03-03 21:36:20 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 21:36:20 ----A---- C:\Windows\system32\perftrack.dll
2015-02-28 13:10:15 ----D---- C:\Program Files (x86)\PMlabs

======List of files/folders modified in the last 1 month======

2015-03-22 14:44:13 ----D---- C:\Windows\Temp
2015-03-22 14:44:13 ----D---- C:\Windows\Prefetch
2015-03-22 14:14:52 ----D---- C:\Windows
2015-03-22 13:57:57 ----RD---- C:\Program Files (x86)
2015-03-22 13:57:57 ----D---- C:\Windows\system32\drivers
2015-03-22 13:07:42 ----D---- C:\Windows\inf
2015-03-22 11:40:24 ----D---- C:\Windows\system32\config
2015-03-22 11:07:05 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-22 11:05:07 ----D---- C:\ProgramData\PDFC
2015-03-22 11:03:39 ----D---- C:\Windows\system32\log
2015-03-22 07:43:08 ----RD---- C:\Program Files
2015-03-22 07:26:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-21 11:13:43 ----SHD---- C:\System Volume Information
2015-03-20 12:28:28 ----D---- C:\Windows\SoftwareDistribution
2015-03-20 12:24:12 ----D---- C:\Program Files\Defraggler
2015-03-19 09:01:18 ----D---- C:\Windows\System32
2015-03-19 09:01:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-18 22:24:52 ----D---- C:\Users\Safrovi\AppData\Roaming\VSO
2015-03-17 14:04:23 ----D---- C:\Windows\Tasks
2015-03-17 14:04:23 ----D---- C:\Windows\system32\Tasks
2015-03-16 19:26:31 ----D---- C:\Windows\Microsoft.NET
2015-03-16 18:42:40 ----RSD---- C:\Windows\assembly
2015-03-16 18:19:03 ----SHD---- C:\Windows\Installer
2015-03-16 18:18:38 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-16 18:17:51 ----D---- C:\Program Files\Microsoft Office 15
2015-03-13 07:27:18 ----D---- C:\Windows\winsxs
2015-03-13 06:32:51 ----D---- C:\Windows\system32\catroot2
2015-03-11 22:29:06 ----D---- C:\Windows\debug
2015-03-11 15:56:51 ----D---- C:\Windows\rescache
2015-03-11 07:14:29 ----D---- C:\Windows\SysWOW64
2015-03-11 07:14:28 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 07:14:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-11 07:14:28 ----D---- C:\Program Files\Windows Media Player
2015-03-11 07:14:28 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 07:14:27 ----D---- C:\Windows\system32\en-US
2015-03-11 07:14:27 ----D---- C:\Windows\system32\Dism
2015-03-11 07:14:27 ----D---- C:\Windows\system32\cs-CZ
2015-03-11 07:14:26 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 07:14:26 ----D---- C:\Windows\system32\Boot
2015-03-11 07:14:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 07:14:23 ----D---- C:\Program Files\Internet Explorer
2015-03-11 07:14:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 05:57:00 ----D---- C:\Windows\system32\MRT
2015-03-11 05:54:35 ----A---- C:\Windows\system32\MRT.exe
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-03-09 17:14:46 ----D---- C:\Program Files\Common Files
2015-03-04 09:18:41 ----D---- C:\Windows\tracing
2015-03-03 22:44:46 ----D---- C:\ProgramData\tmp
2015-02-28 22:46:49 ----D---- C:\Program Files\CCleaner
2015-02-24 04:17:24 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-22 63160]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-04-30 677360]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-04-30 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-11-06 20024]
R0 MfeEpeOpal;MfeEpeOpal; C:\Windows\system32\drivers\MfeEpeOpal.sys [2013-02-21 91176]
R0 MfeEpePc;MfeEpePc; C:\Windows\system32\drivers\MfeEpePc.sys [2013-02-21 158760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-09-22 44632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-09-22 222280]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-03-25 108312]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-11-06 358456]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-11-06 791608]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-09-20 108656]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\HECIx64.sys [2012-04-11 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-04 189288]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-03-30 535040]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2012-11-09 64832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-07-21 494456]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-09-16 1350112]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-09 372824]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-11 277784]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-02-21 1327104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-24 884512]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-10-16 1135136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-30 311296]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-14 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2012-11-19 477056]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-13 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-21 148080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-02-12 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-02-12 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
"Honesty cannot be divided into pieces. Either it is there or it is not." (Honoré de Balzac)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Good morning, requesting a preventive check

#15 Post by Márty84 »

:arrow: Permanently disable Windows Defender

:arrow: Tell me the size of the desktop folder (C:\Users\Safrovi\Plocha)


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684064 2012-10-16] (PDF Complete Inc)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-21]

CHR Extension: (Skype Click to Call) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-19 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-13 136120]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d75ec939fc0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Users\Safrovi\Downloads\Letadla-(2013)-CZ-dabing-TOP-KVALITA.avi:TOC.WMV
AlternateDataStreams: C:\Users\Safrovi\Downloads\Letadla-2-Planes-2-(2014)-CZ-Dabing-NOVINKA.avi:TOC.WMV

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save as...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will execute the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Locked