Nesmazatelný vir, prosím o pomoc

Zpráva

RodenT · #1 Příspěvek od **RodenT** » 09 dub 2015 00:28

Zdravím,

V Aviře mi pořád vyskakuje nějaký vir, který nelze odstranit (stále vyskakuje)- počítač je zpomalený. Prosím mrkněte mi na log a poraďte co s tím. Moc díky.

Log z RSit:

Logfile of random's system information tool 1.10 (written by random/random)
Run by hrabos at 2015-04-09 01:05:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 35 GB (13%) free of 281 GB
Total RAM: 2934 MB (62% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe"
taskeng.exe {6A1E6022-2E50-4306-9359-25E32F89985D}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2014"
"C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe"
\??\C:\Windows\system32\conhost.exe "12115924801557981655-1579523980-953119807-1564265561-1004907098-19885516291587995348
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
WLIDSvcM.exe 2560
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
taskeng.exe {5CFCABDF-1E4B-4670-816C-8AC3A1D6DFDD}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000047c
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"taskhost.exe"
"C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe" --tray
C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\hrabos\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files (x86)\StatSoft\STATISTICA 12 Trial verze\Support\StaBHO.dll [2013-04-02 281088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files (x86)\StatSoft\STATISTICA 12 Trial verze\StaBHO.dll [2013-04-01 232448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10 710864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10 1729744]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-03 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-03 391960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-03 419096]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2480936]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-06 415680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Oxmics"=C:\Windows\system32\regsvr32.exe [2009-07-14 19456]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-02-19 26232152]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"ASLworks"=C:\Windows\SysWOW64\regsvr32.exe [2009-07-14 14848]
"StrokeIt"=C:\Program Files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe [2010-01-03 26248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-16 94264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-07-23 111640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2011-01-25 525312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RescueTime.lnk]
C:\PROGRA~2\RESCUE~1\RESCUE~1.EXE [2014-06-25 3369984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-05-03 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-04-09 01:05:24 ----D---- C:\rsit
2015-04-08 18:28:56 ----D---- C:\Windows\SYSWOW64\䶰
2015-04-08 16:28:52 ----D---- C:\Windows\SYSWOW64\䶸]
2015-04-08 11:46:42 ----D---- C:\Windows\SYSWOW64\䶰L
2015-04-08 00:13:13 ----D---- C:\Windows\SYSWOW64\欸͙
2015-04-07 22:12:59 ----D---- C:\Windows\SYSWOW64\㸀͹
2015-04-07 20:12:59 ----D---- C:\Windows\SYSWOW64\ꈠʹ
2015-04-07 15:18:37 ----D---- C:\Windows\SYSWOW64\ⳀΫ
2015-04-07 13:18:42 ----D---- C:\Windows\SYSWOW64\醸x
2015-04-07 11:18:34 ----D---- C:\Windows\SYSWOW64\�ˏ
2015-04-07 09:18:33 ----D---- C:\Windows\SYSWOW64\�ʞ
2015-04-07 00:22:10 ----D---- C:\Windows\SYSWOW64\҈ʮ
2015-04-06 22:22:07 ----D---- C:\Windows\SYSWOW64\ﴘ΄
2015-04-05 21:46:01 ----D---- C:\Windows\SYSWOW64\䍘Y
2015-04-05 17:08:23 ----D---- C:\Windows\SYSWOW64\쿰ʐ
2015-04-05 15:31:02 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-05 15:31:01 ----SD---- C:\Windows\system32\GWX
2015-04-05 15:08:17 ----D---- C:\Windows\SYSWOW64\莰#
2015-04-04 13:54:55 ----D---- C:\Windows\SYSWOW64\좐͆
2015-04-03 22:10:44 ----D---- C:\Windows\SYSWOW64\䑠ɫ
2015-04-03 20:02:31 ----D---- C:\Windows\SYSWOW64\⿐Θ
2015-04-02 15:26:02 ----D---- C:\Windows\SYSWOW64\ਘ̔
2015-04-02 10:03:38 ----D---- C:\Windows\SYSWOW64\쾐ȸ
2015-04-01 07:49:46 ----D---- C:\Program Files\Chaos Group
2015-03-31 12:55:38 ----D---- C:\Users\hrabos\AppData\Roaming\StatSoft
2015-03-31 01:30:10 ----D---- C:\Users\hrabos\AppData\Roaming\Softland
2015-03-31 01:29:36 ----A---- C:\Windows\system32\novamnk7.dll
2015-03-31 01:29:36 ----A---- C:\Windows\system32\novamik7.dll
2015-03-31 01:29:21 ----A---- C:\Windows\system32\GdiPlus.dll
2015-03-31 01:29:10 ----D---- C:\ProgramData\StatSoft
2015-03-31 01:26:22 ----D---- C:\Program Files (x86)\StatSoft
2015-03-30 09:36:38 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-03-30 09:36:38 ----A---- C:\Windows\explorer.exe
2015-03-30 09:36:37 ----A---- C:\Windows\system32\spoolsv.exe
2015-03-30 09:36:37 ----A---- C:\Windows\splwow64.exe
2015-03-29 03:28:50 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-03-29 03:25:58 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2015-03-29 03:25:58 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2015-03-29 03:25:57 ----A---- C:\Windows\system32\WUDFSvc.dll
2015-03-29 03:25:57 ----A---- C:\Windows\system32\WUDFPlatform.dll
2015-03-29 03:25:56 ----A---- C:\Windows\system32\WUDFx.dll
2015-03-29 03:25:56 ----A---- C:\Windows\system32\WUDFHost.exe
2015-03-29 03:25:56 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2015-03-29 03:18:44 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-03-29 03:18:44 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-03-28 22:52:08 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-03-28 22:52:08 ----A---- C:\Windows\system32\wdi.dll
2015-03-28 22:52:08 ----A---- C:\Windows\system32\powertracker.dll
2015-03-28 22:52:08 ----A---- C:\Windows\system32\perftrack.dll
2015-03-28 22:51:30 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2015-03-28 22:51:30 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2015-03-28 22:51:30 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2015-03-28 22:51:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-03-28 22:51:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-03-28 22:51:30 ----A---- C:\Windows\system32\RMActivate.exe
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\secproc.dll
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2015-03-28 22:51:29 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2015-03-28 22:51:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-03-28 22:51:29 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-03-28 22:51:29 ----A---- C:\Windows\system32\secproc_isv.dll
2015-03-28 22:51:29 ----A---- C:\Windows\system32\secproc.dll
2015-03-28 22:51:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-03-28 22:51:29 ----A---- C:\Windows\system32\msdrm.dll
2015-03-28 22:51:21 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2015-03-28 22:51:21 ----A---- C:\Windows\system32\xmllite.dll
2015-03-28 22:51:19 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2015-03-28 22:51:19 ----A---- C:\Windows\system32\wwansvc.dll
2015-03-28 22:51:19 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-03-28 22:51:19 ----A---- C:\Windows\system32\msieftp.dll
2015-03-28 22:51:16 ----A---- C:\Windows\system32\dhcpcore6.dll
2015-03-28 22:51:15 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2015-03-28 22:51:15 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2015-03-28 22:51:15 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2015-03-28 22:51:00 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2015-03-28 22:51:00 ----A---- C:\Windows\system32\ntshrui.dll
2015-03-28 22:50:57 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-03-28 22:50:57 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-03-28 22:50:57 ----A---- C:\Windows\system32\tquery.dll
2015-03-28 22:50:57 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-03-28 22:50:57 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-03-28 22:50:57 ----A---- C:\Windows\system32\mssrch.dll
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-03-28 22:50:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2015-03-28 22:50:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2015-03-28 22:50:56 ----A---- C:\Windows\system32\mssvp.dll
2015-03-28 22:50:56 ----A---- C:\Windows\system32\mssphtb.dll
2015-03-28 22:50:56 ----A---- C:\Windows\system32\mssph.dll
2015-03-28 22:50:56 ----A---- C:\Windows\system32\msscntrs.dll
2015-03-28 22:50:53 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-03-28 22:50:53 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-03-28 22:50:40 ----A---- C:\Windows\system32\d3d10warp.dll
2015-03-28 22:50:39 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-03-28 22:50:22 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2015-03-28 22:50:22 ----A---- C:\Windows\SYSWOW64\credui.dll
2015-03-28 22:50:22 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-03-28 22:50:22 ----A---- C:\Windows\system32\credui.dll
2015-03-28 22:50:13 ----A---- C:\Windows\system32\drivers\ataport.sys
2015-03-28 22:50:09 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\system32\KBDRU.DLL
2015-03-28 22:50:09 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-03-28 22:50:07 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-03-28 22:50:07 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-03-28 22:49:57 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2015-03-28 22:49:57 ----A---- C:\Windows\system32\netcorehc.dll
2015-03-28 22:49:57 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-03-28 22:49:57 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-03-28 22:49:56 ----A---- C:\Windows\SYSWOW64\netevent.dll
2015-03-28 22:49:56 ----A---- C:\Windows\system32\netevent.dll
2015-03-28 22:49:48 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-03-28 22:49:47 ----A---- C:\Windows\system32\WebClnt.dll
2015-03-28 22:49:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-03-28 22:49:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-03-28 22:49:46 ----A---- C:\Windows\system32\davclnt.dll
2015-03-28 22:49:44 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-03-28 22:49:34 ----A---- C:\Windows\system32\Wpc.dll
2015-03-28 22:49:33 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2015-03-28 22:49:33 ----A---- C:\Windows\SYSWOW64\gameux.dll
2015-03-28 22:49:33 ----A---- C:\Windows\system32\gameux.dll
2015-03-28 22:48:48 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-03-28 22:48:48 ----A---- C:\Windows\system32\oleaut32.dll
2015-03-28 22:47:50 ----A---- C:\Windows\system32\drivers\bthport.sys
2015-03-28 22:47:41 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2015-03-28 22:47:41 ----A---- C:\Windows\system32\iologmsg.dll
2015-03-28 22:47:41 ----A---- C:\Windows\system32\drivers\storport.sys
2015-03-28 22:47:41 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-03-28 22:47:41 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-03-28 22:47:22 ----A---- C:\Windows\system32\mstscax.dll
2015-03-28 22:47:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-03-28 22:47:21 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-03-28 22:47:07 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-03-28 22:47:07 ----A---- C:\Windows\system32\charmap.exe
2015-03-28 22:47:06 ----A---- C:\Windows\system32\WsmSvc.dll
2015-03-28 22:47:05 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-03-28 22:47:05 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-03-28 22:47:05 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-03-28 22:47:04 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-03-28 22:47:04 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-03-28 22:47:04 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-03-28 22:47:04 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-03-28 22:47:04 ----A---- C:\Windows\system32\WsmAuto.dll
2015-03-28 22:47:04 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-03-28 22:46:49 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2015-03-28 22:46:49 ----A---- C:\Windows\system32\cryptdlg.dll
2015-03-28 22:46:26 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2015-03-28 22:46:26 ----A---- C:\Windows\system32\prevhost.exe
2015-03-28 22:46:16 ----A---- C:\Windows\system32\esent.dll
2015-03-28 22:46:15 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-03-28 22:46:15 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-03-28 22:46:15 ----A---- C:\Windows\system32\fsutil.exe
2015-03-28 22:46:15 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-03-28 22:46:15 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-03-28 22:46:15 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-03-28 22:46:14 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-03-28 22:46:14 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-03-28 22:46:14 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-03-28 22:45:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-03-28 22:45:43 ----A---- C:\Windows\system32\tzres.dll
2015-03-28 22:45:15 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-03-28 22:45:13 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-03-28 22:45:09 ----A---- C:\Windows\system32\msi.dll
2015-03-28 22:45:08 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-03-28 22:44:37 ----A---- C:\Windows\system32\scavengeui.dll
2015-03-28 17:10:37 ----D---- C:\Windows\en
2015-03-28 17:09:51 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-03-28 17:09:08 ----D---- C:\Windows\PCHEALTH
2015-03-28 17:08:42 ----D---- C:\Program Files (x86)\Windows Live
2015-03-25 00:01:22 ----D---- C:\Users\hrabos\AppData\Roaming\wufumok
2015-03-12 19:45:02 ----D---- C:\Windows\SYSWOW64\bitstreams
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2015-03-12 19:45:02 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2015-03-12 19:45:00 ----D---- C:\Program Files (x86)\pdf creator full cz
2015-03-11 19:56:51 ----D---- C:\Program Files\strokeit
2015-03-11 18:57:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 18:57:58 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 18:57:57 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 18:57:57 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 18:57:57 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 18:57:57 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 18:57:57 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 18:57:57 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 18:57:57 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 18:57:57 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 18:57:24 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 18:57:24 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 18:57:23 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 18:57:22 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 18:57:21 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 18:57:17 ----A---- C:\Windows\system32\mf.dll
2015-03-11 18:57:16 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 18:57:16 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 18:57:15 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 18:57:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 18:57:12 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 18:57:08 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 18:57:08 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 18:57:07 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 18:57:07 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 18:57:07 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 18:57:07 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 18:57:06 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 18:57:06 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 18:57:06 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 18:57:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 18:57:05 ----A---- C:\Windows\system32\evr.dll
2015-03-11 18:57:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 18:57:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-11 18:57:02 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 18:57:02 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 18:57:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 18:57:01 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 18:57:01 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 18:57:01 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 18:57:00 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 18:57:00 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 18:57:00 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 18:57:00 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 18:56:59 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 18:56:59 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 18:56:59 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 18:56:59 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 18:56:58 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 18:56:58 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 18:56:58 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 18:56:58 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 18:56:58 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\winload.exe
2015-03-11 18:56:58 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 18:56:58 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 18:56:58 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 18:56:58 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\ci.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 18:56:58 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 18:56:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 18:56:57 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\smss.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 18:56:57 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 18:56:57 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 18:56:56 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 18:56:56 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 18:55:12 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 18:55:12 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 18:55:00 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 18:54:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-11 18:54:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-11 18:54:59 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 18:54:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 18:54:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 18:54:59 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-11 18:54:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 18:54:58 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 18:54:58 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 18:54:58 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 18:54:22 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 18:54:20 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 18:54:06 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 18:54:06 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 18:34:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 18:34:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 18:34:26 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 18:34:18 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 18:34:18 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 11:41:20 ----SHD---- C:\Config.Msi
2015-03-10 20:35:31 ----D---- C:\Users\hrabos\AppData\Roaming\TCB Networks
2015-03-10 20:34:13 ----D---- C:\Program Files\StrokeIt_Portable
2015-03-10 20:34:12 ----D---- C:\Program Files\StrokeIt_Gesta

======List of files/folders modified in the last 1 month======

2015-04-09 01:06:01 ----D---- C:\Program Files\trend micro
2015-04-09 01:05:29 ----D---- C:\Windows\Prefetch
2015-04-09 01:05:20 ----D---- C:\Windows\Temp
2015-04-08 18:28:56 ----D---- C:\Windows\SysWOW64
2015-04-08 14:38:51 ----D---- C:\Windows\system32\config
2015-04-08 14:23:37 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-08 12:18:16 ----D---- C:\Windows
2015-04-08 12:18:12 ----SHD---- C:\Windows\Installer
2015-04-08 12:18:12 ----D---- C:\Windows\system32\drivers
2015-04-08 12:16:35 ----D---- C:\Windows\inf
2015-04-08 11:28:13 ----D---- C:\Windows\System32
2015-04-08 11:28:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-08 07:47:15 ----D---- C:\ProgramData\boost_interprocess
2015-04-07 16:54:12 ----SHD---- C:\System Volume Information
2015-04-06 00:30:12 ----D---- C:\Windows\rescache
2015-04-05 15:32:25 ----D---- C:\Windows\Logs
2015-04-05 15:31:48 ----D---- C:\Windows\winsxs
2015-04-04 12:02:19 ----D---- C:\Windows\system32\catroot2
2015-04-03 13:08:08 ----D---- C:\Users\hrabos\AppData\Roaming\Skype
2015-04-02 02:33:24 ----RSD---- C:\Windows\assembly
2015-04-01 14:45:12 ----D---- C:\Users\hrabos\AppData\Roaming\Avira
2015-04-01 14:43:41 ----D---- C:\ProgramData\Avira
2015-04-01 12:25:39 ----D---- C:\Windows\Microsoft.NET
2015-04-01 07:49:51 ----D---- C:\Program Files\Common Files\ChaosGroup
2015-04-01 07:49:46 ----RD---- C:\Program Files
2015-03-31 17:30:19 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-03-31 01:29:18 ----D---- C:\Program Files (x86)\Common Files
2015-03-31 01:29:10 ----D---- C:\ProgramData
2015-03-31 01:26:22 ----RD---- C:\Program Files (x86)
2015-03-31 00:41:59 ----D---- C:\Windows\Minidump
2015-03-30 23:31:06 ----D---- C:\Windows\system32\Tasks
2015-03-29 10:34:08 ----D---- C:\Windows\system32\catroot
2015-03-29 10:33:37 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-29 10:33:37 ----D---- C:\Windows\system32\en-US
2015-03-29 10:33:36 ----D---- C:\Windows\AppPatch
2015-03-29 10:33:32 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-29 10:33:31 ----D---- C:\Windows\system32\Dism
2015-03-29 10:33:30 ----RSD---- C:\Windows\Fonts
2015-03-29 10:33:30 ----D---- C:\Windows\system32\drivers\en-US
2015-03-29 10:33:18 ----D---- C:\Windows\SYSWOW64\migration
2015-03-29 10:33:18 ----D---- C:\Windows\system32\migration
2015-03-29 10:32:55 ----D---- C:\Windows\system32\DriverStore
2015-03-28 18:27:58 ----D---- C:\Users\hrabos\AppData\Roaming\Audacity
2015-03-28 17:09:18 ----SD---- C:\ProgramData\Microsoft
2015-03-28 17:09:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-03-28 02:17:00 ----D---- C:\Users\hrabos\AppData\Roaming\uTorrent
2015-03-21 21:48:39 ----D---- C:\Windows\Tasks
2015-03-21 21:48:39 ----D---- C:\Windows\system32\wfp
2015-03-21 21:48:39 ----D---- C:\Windows\system32\wbem
2015-03-21 21:48:38 ----D---- C:\Users\hrabos\AppData\Roaming\Winamp
2015-03-21 21:48:36 ----D---- C:\ProgramData\ASGVIS
2015-03-21 21:48:36 ----D---- C:\Program Files (x86)\Cold Turkey
2015-03-21 21:48:03 ----D---- C:\Windows\registration
2015-03-21 21:17:03 ----D---- C:\Windows\system32\LogFiles
2015-03-21 13:22:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-21 13:16:51 ----D---- C:\Program Files (x86)\Opera
2015-03-21 13:00:54 ----SD---- C:\Users\hrabos\AppData\Roaming\Microsoft
2015-03-18 01:20:19 ----D---- C:\Windows\debug
2015-03-16 19:45:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-16 19:41:16 ----D---- C:\Program Files\Microsoft Office 15
2015-03-12 09:44:41 ----D---- C:\Program Files\Windows Media Player
2015-03-12 09:44:41 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 09:44:36 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 09:44:36 ----D---- C:\Windows\system32\Boot
2015-03-12 01:58:16 ----D---- C:\Windows\system32\MRT
2015-03-12 01:52:58 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 18:09:54 ----D---- C:\Windows\SYSWOW64\wbem
2015-03-11 18:09:53 ----D---- C:\Windows\PolicyDefinitions
2015-03-11 18:09:53 ----D---- C:\Windows\L2Schemas
2015-03-11 18:09:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 18:09:45 ----D---- C:\Windows\schemas
2015-03-11 18:09:45 ----D---- C:\Windows\servicing
2015-03-11 18:09:34 ----D---- C:\ProgramData\FLEXnet
2015-03-11 12:37:29 ----D---- C:\Windows\tracing
2015-03-10 11:14:45 ----D---- C:\Windows\Vss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-05 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-08-15 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-21 283064]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-05 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-05 44088]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-05-03 12262624]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2011-05-03 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-05-03 317440]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-11-05 1041760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-12-15 565352]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-25 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1403440]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACProtector;AC Auto-update system; C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe [2012-08-15 138752]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-02-10 2714800]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-19 2372096]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-23 268824]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2014; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [2014-01-11 235656]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-25 296448]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-23 2320920]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2014-08-13 96272]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-04-01 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 CTService;CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [2014-10-19 326144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-21 267440]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2014-01-11 76328]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-01-12 1432400]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-25 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 hpCMSrv;HP Connection Manager 4.0 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-16 1071160]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-09-06 1001376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-10-30 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-10-30 5132888]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2014-10-25 79360]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 09 dub 2015 09:01

Zdravim

O jaky vir se ma jednat a jake je jeho umisteni?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

RodenT · #3 Příspěvek od **RodenT** » 09 dub 2015 09:43

Chtěl jsem nahodit screen, ale zrovna to okénko s virem nevyskakovalo

. Tak jsem to vyhledal v Aviře a je to tohle: 'BDS/SathoBot.pxr.2 [backdoor]'

RodenT · #4 Příspěvek od **RodenT** » 09 dub 2015 10:11

Tady je log z Adwčka. Dále přikládám screen, co přesně mi vyjíždí za okno z Aviry.

# AdwCleaner v4.201 - Logfile created 09/04/2015 at 10:55:46
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : hrabos - HRABOS-HP
# Running from : C:\Users\hrabos\Desktop\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\hrabos\AppData\Local\pdfforge

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

-\\ Mozilla Firefox v

-\\ Opera v28.0.1750.51

*************************

AdwCleaner[R0].txt - [5080 bytes] - [19/11/2014 12:19:12]
AdwCleaner[R1].txt - [1273 bytes] - [10/02/2015 20:08:21]
AdwCleaner[R2].txt - [1141 bytes] - [09/04/2015 10:49:34]
AdwCleaner[S0].txt - [4946 bytes] - [19/11/2014 12:21:59]
AdwCleaner[S1].txt - [1308 bytes] - [10/02/2015 20:13:17]
AdwCleaner[S2].txt - [1030 bytes] - [09/04/2015 10:55:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1089 bytes] ##########

#5 Příspěvek od **Márty84** » 09 dub 2015 10:24

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

RodenT · #6 Příspěvek od **RodenT** » 09 dub 2015 10:38

No dával jsem to do karantýny myslím, ale stejně to pořád vyskakuje, teď chvilku nic, tak nevím. Jdu na to MBAM.

#7 Příspěvek od **Márty84** » 09 dub 2015 18:40

OK. Podle vysledku zvolim dalsi postup.

RodenT · #8 Příspěvek od **RodenT** » 10 dub 2015 00:22

Já měl právě ten MBAM už nainstalovaný a už jsem to i scanoval a smazal všechno, co to našlo, což asi není ideál. Jde třeba nějak úplně základně rozlišit co smazat a co ne? tady je ten log, zatím díky:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.4.2015
Čas skenování: 20:34:49
Protokol: log.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.09.06
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: hrabos

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 695742
Uplynulý čas: 4 hod, 25 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
Trojan.Agent, HKLM\SOFTWARE\CLASSES\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}, , [abdf105ac9c1e650e2235fb3a85af50b],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 9
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe.vir, , [2862e7836d1dfb3be0c9b31c1fe2ac54],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\hrabos\AppData\LocalLow\BS_Player_ControlBar_B\hk64tbBS_P.dll.vir, , [5c2ebdad3357f5419217e6e9748d7888],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\hrabos\AppData\LocalLow\BS_Player_ControlBar_B\hktbBS_P.dll.vir, , [1d6d8bdf870363d3d2d7d1fec0416f91],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\hrabos\AppData\LocalLow\BS_Player_ControlBar_B\ldrtbBS_P.dll.vir, , [deac1258078355e17039725da25f2ed2],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\hrabos\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll.vir, , [85054c1e2a601f17c1e8408f35ccbe42],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\hrabos\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_P.dll.vir, , [d5b5d59534563cfafbae438ce61b36ca],
Trojan.Agent, C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll, , [abdf105ac9c1e650e2235fb3a85af50b],
Trojan.Agent.DED, C:\ProgramData\Microsoft\Secure\Icons\temp\tmp6397.exe, , [ccbe81e9f892f145acdee4169170d32d],
Trojan.Agent.CRVED, C:\ProgramData\Microsoft\Secure\Icons\temp\tmpCC38.exe, , [1f6b47231278ab8bd0294bf1c43ede22],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#9 Příspěvek od **Márty84** » 10 dub 2015 04:02

Tech falesnych detekci neni mnoho, ale je lepsi to nejdrive nechat zkontrolovat. Nejaky navod co ano a co ne udelat nejde.

Vsechny nalezy nechte zase odstranit.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

RodenT · #10 Příspěvek od **RodenT** » 10 dub 2015 12:45

Teď jsem ve fázi, kdy se připravuje log z kombofix. Akorát už to trvá více jak 30 min. Jak dlouho mám čekat? Může to tak dlouho trvat? díky

RodenT · #11 Příspěvek od **RodenT** » 10 dub 2015 14:32

Tak dobrý nechal jsem to dojet, tady je log:

ComboFix 15-04-09.01 - hrabos 10.04.2015 12:37:58.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.2934.1527 [GMT 2:00]
Spuštěný z: c:\users\hrabos\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_ctypes.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_elementtree.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_hashlib.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_multiprocessing.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_socket.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_ssl.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\_yappi.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\hashobjs_ext.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\pyexpat.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\pysqlite2._sqlite.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\python27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\pythoncom27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\PyWinTypes27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\select.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\unicodedata.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32api.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32com.shell.shell.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32crypt.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32event.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32file.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32gui.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32inet.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32pdh.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32pipe.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32process.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32profile.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32security.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\win32ts.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\windows._lib_cacheinvalidation.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._animate.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._controls_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._core_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._gdi_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._html2.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._misc_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._windows_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wx._wizard.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxbase294u_net_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxbase294u_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxmsw294u_adv_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxmsw294u_core_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxmsw294u_html_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI18402\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-10 do 2015-04-10 )))))))))))))))))))))))))))))))
.
.
2015-04-10 10:51 . 2015-04-10 10:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-04-10 10:51 . 2015-04-10 10:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-09 22:33 . 2015-04-09 22:36 -------- d-----w- c:\windows\SysWow64\25E3~1
2015-04-09 09:42 . 2015-04-09 18:34 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-09 09:42 . 2015-04-09 09:42 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-09 09:42 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-09 09:42 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-09 09:42 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-08 23:05 . 2015-04-08 23:06 -------- d-----w- C:\rsit
2015-04-08 16:28 . 2015-04-08 16:28 -------- d-----w- c:\windows\SysWow64\4A88~1
2015-04-08 14:28 . 2015-04-08 14:29 -------- d-----w- c:\windows\SysWow64\_0112~1
2015-04-08 09:46 . 2015-04-08 09:49 -------- d-----w- c:\windows\SysWow64\L4D4E~1
2015-04-07 22:13 . 2015-04-07 22:15 -------- d-----w- c:\windows\SysWow64\4237~1
2015-04-07 20:12 . 2015-04-07 20:12 -------- d-----w- c:\windows\SysWow64\6F03~1
2015-04-07 18:12 . 2015-04-07 18:14 -------- d-----w- c:\windows\SysWow64\F4AA~1
2015-04-07 13:18 . 2015-04-07 13:20 -------- d-----w- c:\windows\SysWow64\7FB1~1
2015-04-07 11:18 . 2015-04-07 11:21 -------- d-----w- c:\windows\SysWow64\X0B5A~1
2015-04-07 09:18 . 2015-04-07 09:20 -------- d-----w- c:\windows\SysWow64\2D3F~1
2015-04-07 07:56 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{684BCE9F-7D2D-4E35-A7D6-23F9ECA8059A}\mpengine.dll
2015-04-07 07:18 . 2015-04-07 07:21 -------- d-----w- c:\windows\SysWow64\5B74~1
2015-04-06 22:22 . 2015-04-06 22:24 -------- d-----w- c:\windows\SysWow64\B8C4~1
2015-04-06 20:22 . 2015-04-06 20:23 -------- d-----w- c:\windows\SysWow64\49AC~1
2015-04-05 19:46 . 2015-04-05 19:46 -------- d-----w- c:\windows\SysWow64\Y40F4~1
2015-04-05 15:08 . 2015-04-05 15:08 -------- d-----w- c:\windows\SysWow64\93FA~1
2015-04-05 13:31 . 2015-04-05 13:31 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-05 13:31 . 2015-04-05 13:33 -------- d-s---w- c:\windows\system32\GWX
2015-04-05 13:08 . 2015-04-05 13:11 -------- d-----w- c:\windows\SysWow64\#A3F9~1
2015-04-04 11:54 . 2015-04-04 11:56 -------- d-----w- c:\windows\SysWow64\BC70~1
2015-04-03 20:10 . 2015-04-03 20:12 -------- d-----w- c:\windows\SysWow64\9AB4~1
2015-04-03 18:02 . 2015-04-03 18:06 -------- d-----w- c:\windows\SysWow64\A347~1
2015-04-02 13:26 . 2015-04-02 13:26 -------- d-----w- c:\windows\SysWow64\5382~1
2015-04-02 08:03 . 2015-04-02 08:07 -------- d-----w- c:\windows\SysWow64\82FC~1
2015-04-01 05:49 . 2015-04-01 05:49 -------- d-----w- c:\program files\Chaos Group
2015-03-31 10:55 . 2015-03-31 10:55 -------- d-----w- c:\users\hrabos\AppData\Roaming\StatSoft
2015-03-30 23:30 . 2015-03-30 23:30 -------- d-----w- c:\users\hrabos\AppData\Roaming\Softland
2015-03-30 23:29 . 2013-02-13 12:20 29504 ----a-w- c:\windows\system32\novamnk7.dll
2015-03-30 23:29 . 2013-02-13 12:20 22336 ----a-w- c:\windows\system32\novamik7.dll
2015-03-30 23:29 . 2010-02-05 12:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2015-03-30 23:29 . 2015-03-30 23:29 -------- d-----w- c:\program files (x86)\Common Files\StatSoft
2015-03-30 23:29 . 2015-03-30 23:29 -------- d-----w- c:\programdata\StatSoft
2015-03-30 23:26 . 2015-03-30 23:26 -------- d-----w- c:\program files (x86)\StatSoft
2015-03-30 07:36 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2015-03-30 07:36 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2015-03-30 07:36 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2015-03-30 07:36 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2015-03-29 01:30 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2015-03-29 01:28 . 2015-03-29 01:28 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2015-03-29 01:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-03-29 01:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-03-29 01:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-03-29 01:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-03-29 01:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2015-03-29 01:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2015-03-29 01:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-03-29 01:18 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-03-29 01:18 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-03-28 20:52 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-28 20:52 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-28 20:52 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-28 20:52 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-28 20:50 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2015-03-28 20:49 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2015-03-28 20:48 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-03-28 20:48 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-03-28 20:46 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2015-03-28 20:45 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2015-03-28 20:45 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-03-28 20:45 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2015-03-28 20:45 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
2015-03-28 20:45 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2015-03-28 20:45 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2015-03-28 20:44 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2015-03-28 15:10 . 2015-03-28 15:10 -------- d-----w- c:\windows\en
2015-03-28 15:09 . 2015-03-28 15:09 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2015-03-28 15:09 . 2015-03-28 15:09 -------- d-----w- c:\windows\PCHEALTH
2015-03-28 15:08 . 2015-03-28 15:09 -------- d-----w- c:\program files (x86)\Windows Live
2015-03-28 15:03 . 2015-03-28 15:11 -------- d-----w- c:\users\hrabos\AppData\Local\Windows Live
2015-03-28 15:03 . 2015-03-28 15:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2015-03-24 22:01 . 2015-04-08 10:18 -------- d-----w- c:\users\hrabos\AppData\Roaming\wufumok
2015-03-12 17:45 . 2015-03-12 17:45 -------- d-----w- c:\windows\SysWow64\bitstreams
2015-03-12 17:45 . 2013-10-26 19:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2015-03-12 17:45 . 2013-10-26 19:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2015-03-12 17:45 . 2013-10-26 19:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2015-03-12 17:45 . 2013-10-26 19:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2015-03-12 17:45 . 2013-10-26 19:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2015-03-12 17:45 . 2013-10-26 19:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2015-03-12 17:45 . 2013-06-12 14:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2015-03-12 17:45 . 2013-06-12 14:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2015-03-12 17:45 . 2012-09-25 22:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2015-03-12 17:45 . 2012-05-27 00:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2015-03-12 17:45 . 2015-03-17 07:54 -------- d-----w- c:\program files (x86)\pdf creator full cz
2015-03-11 17:56 . 2015-03-11 17:56 -------- d-----w- c:\program files\strokeit
2015-03-11 16:56 . 2015-02-03 03:34 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-03-11 16:55 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-03-11 16:55 . 2015-02-03 03:12 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-03-11 16:55 . 2015-03-06 05:42 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-11 16:34 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-11 16:34 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-03-11 16:34 . 2015-02-26 03:25 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-03-11 16:34 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 16:34 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-28 15:08 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-03-21 11:22 . 2014-09-21 23:57 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-21 11:22 . 2014-09-21 23:57 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-11 23:52 . 2014-09-22 16:24 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 05:10 . 2015-03-11 16:54 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-05 09:52 . 2014-09-21 18:08 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-05 09:52 . 2014-09-21 18:08 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-05 09:52 . 2014-09-21 18:08 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-21 17:52 . 2015-02-21 17:52 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-02-13 11:47 . 2015-02-13 11:47 4575232 ----a-w- c:\windows\SysWow64\GPhotos.scr
2015-02-10 11:55 . 2014-11-13 00:07 907984 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-01-23 04:42 . 2015-02-12 08:32 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-01-23 04:41 . 2015-02-12 08:32 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-01-23 03:43 . 2015-02-12 08:32 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-01-23 03:17 . 2015-02-12 08:32 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-01-14 05:47 . 2015-02-11 10:59 389808 ----a-w- c:\windows\system32\iedkcs32.dll
2015-01-12 03:09 . 2015-02-11 10:59 25056256 ----a-w- c:\windows\system32\mshtml.dll
2015-01-12 03:05 . 2015-02-11 10:59 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-01-12 03:05 . 2015-02-11 10:59 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-01-12 02:49 . 2015-02-11 10:59 66560 ----a-w- c:\windows\system32\iesetup.dll
2015-01-12 02:48 . 2015-02-11 10:59 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-01-12 02:48 . 2015-02-11 10:59 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-01-12 02:48 . 2015-02-11 10:59 2885632 ----a-w- c:\windows\system32\iertutil.dll
2015-01-12 02:47 . 2015-02-11 10:59 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-01-12 02:40 . 2015-02-11 10:59 54784 ----a-w- c:\windows\system32\jsproxy.dll
2015-01-12 02:39 . 2015-02-11 10:59 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-01-12 02:36 . 2015-02-11 10:59 633856 ----a-w- c:\windows\system32\ieui.dll
2015-01-12 02:34 . 2015-02-11 10:59 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-01-12 02:34 . 2015-02-11 10:59 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-01-12 02:25 . 2015-02-11 10:59 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-01-12 02:21 . 2015-02-11 10:59 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2015-01-12 02:21 . 2015-02-11 10:59 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-01-12 02:13 . 2015-02-11 10:59 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-01-12 02:08 . 2015-02-11 10:59 503296 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-01-12 02:08 . 2015-02-11 10:59 199680 ----a-w- c:\windows\system32\msrating.dll
2015-01-12 02:07 . 2015-02-11 10:59 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-01-12 02:07 . 2015-02-11 10:59 92160 ----a-w- c:\windows\system32\mshtmled.dll
2015-01-12 02:07 . 2015-02-11 10:59 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05 . 2015-02-11 10:59 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-01-12 02:04 . 2015-02-11 10:59 316928 ----a-w- c:\windows\system32\dxtrans.dll
2015-01-12 01:55 . 2015-02-11 10:59 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-01-12 01:48 . 2015-02-11 10:59 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2015-01-12 01:48 . 2015-02-11 10:59 801280 ----a-w- c:\windows\system32\msfeeds.dll
2015-01-12 01:46 . 2015-02-11 10:59 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-01-12 01:46 . 2015-02-11 10:59 2125824 ----a-w- c:\windows\system32\inetcpl.cpl
2015-01-12 01:43 . 2015-02-11 10:59 14401024 ----a-w- c:\windows\system32\ieframe.dll
2015-01-12 01:40 . 2015-02-11 10:59 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27 . 2015-02-11 10:59 2358272 ----a-w- c:\windows\system32\wininet.dll
2015-01-12 01:23 . 2015-02-11 10:59 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-01-12 01:22 . 2015-02-11 10:59 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:14 . 2015-02-11 10:59 1548288 ----a-w- c:\windows\system32\urlmon.dll
2015-01-12 01:02 . 2015-02-11 10:59 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2015-01-12 01:00 . 2015-02-11 10:59 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Oxmics"="regsvr32.exe" [2009-07-14 14848]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-02-19 26232152]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"ASLworks"="c:\windows\SysWOW64\regsvr32.exe" [2009-07-14 14848]
"StrokeIt"="c:\program files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe" [2010-01-03 26248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-01 726320]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-08-13 137352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CTService;CTService;c:\program files (x86)\Cold Turkey\\CTService.exe;c:\program files (x86)\Cold Turkey\\CTService.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ACProtector;AC Auto-update system;c:\program files\AxiomCoders\ACProtector\ACProtector.exe;c:\program files\AxiomCoders\ACProtector\ACProtector.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014 [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGVIS\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGVIS\DONGLE~1\STARTV~1.EXE [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-21 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1SecureIconsProvider]
@="{FC9D8189-520A-4417-AED7-9EAC810C6FBA}"
[HKEY_CLASSES_ROOT\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}]
2015-01-23 20:38 2696704 ----a-w- c:\programdata\Microsoft\Secure\Icons\SecureIconsProvider.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-03 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-03 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-03 419096]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2015-04-10 14:12:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-10 12:10
.
Před spuštěním: 36 891 889 664 bytes free
Po spuštění: 36 277 841 920 bytes free
.
- - End Of File - - F49FC1B9472F13D712F2060B28EFC83F

#12 Příspěvek od **Márty84** » 10 dub 2015 17:10

Vypnete trvale Windows Defender.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

RodenT · #13 Příspěvek od **RodenT** » 10 dub 2015 19:10

Tady je log:

ComboFix 15-04-09.01 - hrabos 10.04.2015 18:52:48.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.2934.1402 [GMT 2:00]
Spuštěný z: c:\users\hrabos\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\hrabos\Desktop\CFScript.txt
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_ctypes.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_elementtree.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_hashlib.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_multiprocessing.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_socket.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_ssl.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\_yappi.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\hashobjs_ext.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\pyexpat.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\pysqlite2._sqlite.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\python27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\pythoncom27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\PyWinTypes27.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\select.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\unicodedata.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32api.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32com.shell.shell.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32crypt.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32event.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32file.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32gui.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32inet.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32pdh.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32pipe.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32process.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32profile.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32security.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\win32ts.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\windows._lib_cacheinvalidation.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._animate.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._controls_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._core_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._gdi_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._html2.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._misc_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._windows_.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wx._wizard.pyd
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxbase294u_net_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxbase294u_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxmsw294u_adv_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxmsw294u_core_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxmsw294u_html_vc90.dll
c:\users\hrabos\AppData\Local\Temp\_MEI32162\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-10 do 2015-04-10 )))))))))))))))))))))))))))))))
.
.
2015-04-10 17:50 . 2015-04-10 17:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-04-10 17:50 . 2015-04-10 17:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-10 13:40 . 2015-04-10 13:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{684BCE9F-7D2D-4E35-A7D6-23F9ECA8059A}\offreg.dll
2015-04-09 22:33 . 2015-04-09 22:36 -------- d-----w- c:\windows\SysWow64\25E3~1
2015-04-09 09:42 . 2015-04-09 18:34 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-09 09:42 . 2015-04-09 09:42 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-09 09:42 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-09 09:42 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-09 09:42 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-08 23:05 . 2015-04-08 23:06 -------- d-----w- C:\rsit
2015-04-08 16:28 . 2015-04-08 16:28 -------- d-----w- c:\windows\SysWow64\4A88~1
2015-04-08 14:28 . 2015-04-08 14:29 -------- d-----w- c:\windows\SysWow64\_0112~1
2015-04-08 09:46 . 2015-04-08 09:49 -------- d-----w- c:\windows\SysWow64\L4D4E~1
2015-04-07 22:13 . 2015-04-07 22:15 -------- d-----w- c:\windows\SysWow64\4237~1
2015-04-07 20:12 . 2015-04-07 20:12 -------- d-----w- c:\windows\SysWow64\6F03~1
2015-04-07 18:12 . 2015-04-07 18:14 -------- d-----w- c:\windows\SysWow64\F4AA~1
2015-04-07 13:18 . 2015-04-07 13:20 -------- d-----w- c:\windows\SysWow64\7FB1~1
2015-04-07 11:18 . 2015-04-07 11:21 -------- d-----w- c:\windows\SysWow64\X0B5A~1
2015-04-07 09:18 . 2015-04-07 09:20 -------- d-----w- c:\windows\SysWow64\2D3F~1
2015-04-07 07:56 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{684BCE9F-7D2D-4E35-A7D6-23F9ECA8059A}\mpengine.dll
2015-04-07 07:18 . 2015-04-07 07:21 -------- d-----w- c:\windows\SysWow64\5B74~1
2015-04-06 22:22 . 2015-04-06 22:24 -------- d-----w- c:\windows\SysWow64\B8C4~1
2015-04-06 20:22 . 2015-04-06 20:23 -------- d-----w- c:\windows\SysWow64\49AC~1
2015-04-05 19:46 . 2015-04-05 19:46 -------- d-----w- c:\windows\SysWow64\Y40F4~1
2015-04-05 15:08 . 2015-04-05 15:08 -------- d-----w- c:\windows\SysWow64\93FA~1
2015-04-05 13:31 . 2015-04-05 13:31 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-05 13:31 . 2015-04-05 13:33 -------- d-s---w- c:\windows\system32\GWX
2015-04-05 13:08 . 2015-04-05 13:11 -------- d-----w- c:\windows\SysWow64\#A3F9~1
2015-04-04 11:54 . 2015-04-04 11:56 -------- d-----w- c:\windows\SysWow64\BC70~1
2015-04-03 20:10 . 2015-04-03 20:12 -------- d-----w- c:\windows\SysWow64\9AB4~1
2015-04-03 18:02 . 2015-04-03 18:06 -------- d-----w- c:\windows\SysWow64\A347~1
2015-04-02 13:26 . 2015-04-02 13:26 -------- d-----w- c:\windows\SysWow64\5382~1
2015-04-02 08:03 . 2015-04-02 08:07 -------- d-----w- c:\windows\SysWow64\82FC~1
2015-04-01 05:49 . 2015-04-01 05:49 -------- d-----w- c:\program files\Chaos Group
2015-03-31 10:55 . 2015-03-31 10:55 -------- d-----w- c:\users\hrabos\AppData\Roaming\StatSoft
2015-03-30 23:30 . 2015-03-30 23:30 -------- d-----w- c:\users\hrabos\AppData\Roaming\Softland
2015-03-30 23:29 . 2013-02-13 12:20 29504 ----a-w- c:\windows\system32\novamnk7.dll
2015-03-30 23:29 . 2013-02-13 12:20 22336 ----a-w- c:\windows\system32\novamik7.dll
2015-03-30 23:29 . 2010-02-05 12:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2015-03-30 23:29 . 2015-03-30 23:29 -------- d-----w- c:\program files (x86)\Common Files\StatSoft
2015-03-30 23:29 . 2015-03-30 23:29 -------- d-----w- c:\programdata\StatSoft
2015-03-30 23:26 . 2015-03-30 23:26 -------- d-----w- c:\program files (x86)\StatSoft
2015-03-30 07:36 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2015-03-30 07:36 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2015-03-30 07:36 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2015-03-30 07:36 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2015-03-29 01:30 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2015-03-29 01:28 . 2015-03-29 01:28 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2015-03-29 01:25 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-03-29 01:25 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-03-29 01:25 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-03-29 01:25 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-03-29 01:25 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2015-03-29 01:25 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2015-03-29 01:25 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-03-29 01:18 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-03-29 01:18 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-03-28 20:52 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-28 20:52 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-28 20:52 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-28 20:52 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-28 20:50 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2015-03-28 20:49 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2015-03-28 20:48 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-03-28 20:48 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-03-28 20:46 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2015-03-28 20:45 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2015-03-28 20:45 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-03-28 20:45 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2015-03-28 20:45 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
2015-03-28 20:45 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2015-03-28 20:45 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2015-03-28 20:44 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2015-03-28 15:10 . 2015-03-28 15:10 -------- d-----w- c:\windows\en
2015-03-28 15:09 . 2015-03-28 15:09 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2015-03-28 15:09 . 2015-03-28 15:09 -------- d-----w- c:\windows\PCHEALTH
2015-03-28 15:08 . 2015-03-28 15:09 -------- d-----w- c:\program files (x86)\Windows Live
2015-03-28 15:03 . 2015-03-28 15:11 -------- d-----w- c:\users\hrabos\AppData\Local\Windows Live
2015-03-28 15:03 . 2015-03-28 15:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2015-03-24 22:01 . 2015-04-08 10:18 -------- d-----w- c:\users\hrabos\AppData\Roaming\wufumok
2015-03-12 17:45 . 2015-03-12 17:45 -------- d-----w- c:\windows\SysWow64\bitstreams
2015-03-12 17:45 . 2013-10-26 19:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2015-03-12 17:45 . 2013-10-26 19:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2015-03-12 17:45 . 2013-10-26 19:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2015-03-12 17:45 . 2013-10-26 19:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2015-03-12 17:45 . 2013-10-26 19:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2015-03-12 17:45 . 2013-10-26 19:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2015-03-12 17:45 . 2013-06-12 14:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2015-03-12 17:45 . 2013-06-12 14:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2015-03-12 17:45 . 2012-09-25 22:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2015-03-12 17:45 . 2012-05-27 00:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2015-03-12 17:45 . 2015-03-17 07:54 -------- d-----w- c:\program files (x86)\pdf creator full cz
2015-03-11 17:56 . 2015-03-11 17:56 -------- d-----w- c:\program files\strokeit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-28 15:08 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-03-21 11:22 . 2014-09-21 23:57 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-21 11:22 . 2014-09-21 23:57 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-11 23:52 . 2014-09-22 16:24 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 05:56 . 2015-03-11 16:54 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-03-06 05:56 . 2015-03-11 16:54 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-03-06 05:42 . 2015-03-11 16:54 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-03-06 05:42 . 2015-03-11 16:54 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-03-06 05:42 . 2015-03-11 16:54 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-03-06 05:42 . 2015-03-11 16:54 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-03-06 05:42 . 2015-03-11 16:55 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:42 . 2015-03-11 16:54 28160 ----a-w- c:\windows\system32\secur32.dll
2015-03-06 05:42 . 2015-03-11 16:54 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-03-06 05:42 . 2015-03-11 16:54 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-03-06 05:42 . 2015-03-11 16:54 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-03-06 05:42 . 2015-03-11 16:54 728064 ----a-w- c:\windows\system32\kerberos.dll
2015-03-06 05:42 . 2015-03-11 16:54 22016 ----a-w- c:\windows\system32\credssp.dll
2015-03-06 05:41 . 2015-03-11 16:54 31232 ----a-w- c:\windows\system32\lsass.exe
2015-03-06 05:41 . 2015-03-11 16:54 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-03-06 05:39 . 2015-03-11 16:54 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-03-06 05:38 . 2015-03-11 16:54 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-03-06 05:36 . 2015-03-11 16:54 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-03-06 05:10 . 2015-03-11 16:54 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-06 05:10 . 2015-03-11 16:54 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-06 05:10 . 2015-03-11 16:54 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-06 05:10 . 2015-03-11 16:54 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-06 05:10 . 2015-03-11 16:54 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-06 05:10 . 2015-03-11 16:54 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-06 05:10 . 2015-03-11 16:54 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-06 05:10 . 2015-03-11 16:54 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-03-06 05:09 . 2015-03-11 16:54 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2015-03-06 05:09 . 2015-03-11 16:54 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-06 05:07 . 2015-03-11 16:54 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-06 05:07 . 2015-03-11 16:54 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-06 05:06 . 2015-03-11 16:54 686080 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-03-05 09:52 . 2014-09-21 18:08 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-05 09:52 . 2014-09-21 18:08 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-05 09:52 . 2014-09-21 18:08 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-26 03:25 . 2015-03-11 16:34 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-21 17:52 . 2015-02-21 17:52 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2015-02-20 04:41 . 2015-03-11 16:57 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 16:57 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 16:57 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 16:57 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 16:57 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 16:57 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 16:57 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 16:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 16:57 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 16:57 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-13 11:47 . 2015-02-13 11:47 4575232 ----a-w- c:\windows\SysWow64\GPhotos.scr
2015-02-13 05:22 . 2015-03-11 16:54 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-10 11:55 . 2014-11-13 00:07 907984 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-04 03:16 . 2015-03-11 16:34 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 16:34 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 16:56 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 16:57 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-03 03:34 . 2015-03-11 16:56 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 16:57 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 16:57 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 16:57 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 16:57 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 16:34 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 16:55 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 16:56 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-03 03:31 . 2015-03-11 16:56 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 16:56 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 16:56 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-03 03:31 . 2015-03-11 16:56 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 16:57 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 16:57 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 16:56 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 16:57 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 16:56 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 16:56 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 16:56 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 16:56 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 16:56 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 16:57 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 16:57 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 16:56 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 16:57 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 16:56 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 16:57 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 16:57 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 16:57 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 16:57 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-11 16:57 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 16:56 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 16:56 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 16:56 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-02-03 03:30 . 2015-03-11 16:57 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-11 16:56 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-11 16:56 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-11 16:56 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-11 16:56 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-11 16:56 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-11 16:56 112640 ----a-w- c:\windows\system32\smss.exe
2015-02-03 03:30 . 2015-03-11 16:56 55808 ----a-w- c:\windows\system32\rrinstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 09:59 1729744 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Oxmics"="regsvr32.exe" [2009-07-14 14848]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-02-19 26232152]
"ASLworks"="c:\windows\SysWOW64\regsvr32.exe" [2009-07-14 14848]
"StrokeIt"="c:\program files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe" [2010-01-03 26248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-01 726320]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-08-13 137352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CTService;CTService;c:\program files (x86)\Cold Turkey\\CTService.exe;c:\program files (x86)\Cold Turkey\\CTService.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ACProtector;AC Auto-update system;c:\program files\AxiomCoders\ACProtector\ACProtector.exe;c:\program files\AxiomCoders\ACProtector\ACProtector.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe SOFTWARE\SRAC\COSMOS_FloWorks 2014 [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VRLService;VRLService;c:\progra~3\ASGVIS\DONGLE~1\STARTV~1.EXE;c:\progra~3\ASGVIS\DONGLE~1\STARTV~1.EXE [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-21 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-02-10 11:52 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1SecureIconsProvider]
@="{FC9D8189-520A-4417-AED7-9EAC810C6FBA}"
[HKEY_CLASSES_ROOT\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}]
2015-01-23 20:38 2696704 ----a-w- c:\programdata\Microsoft\Secure\Icons\SecureIconsProvider.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-03 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-03 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-03 419096]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2015-04-10 20:01:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-10 18:01
ComboFix2.txt 2015-04-10 12:14
.
Před spuštěním: 40 770 859 008 bytes free
Po spuštění: 40 775 512 064 bytes free
.
- - End Of File - - 4BEFF582F4676423845A2CB8401B3CDE

#14 Příspěvek od **Márty84** » 10 dub 2015 19:37

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

RodenT · #15 Příspěvek od **RodenT** » 10 dub 2015 20:44

Super, tak tady je ten log z FRST (v příloze je i addition):

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by hrabos (administrator) on HRABOS-HP on 10-04-2015 21:38:51
Running from C:\Users\hrabos\Desktop
Loaded Profiles: hrabos (Available profiles: hrabos)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AxiomCoders) C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Opera\28.0.1750.51\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1887073066-264299805-923918825-1000\...\Run: [Oxmics] => regsvr32.exe
HKU\S-1-5-21-1887073066-264299805-923918825-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1887073066-264299805-923918825-1000\...\Run: [ASLworks] => C:\Windows\SysWOW64\regsvr32.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1887073066-264299805-923918825-1000\...\Run: [StrokeIt] => C:\Program Files\strokeit\StrokeIt_Portable\StrokeIt\Bin\strokeit.exe [26248 2010-01-03] ()
HKU\S-1-5-21-1887073066-264299805-923918825-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1887073066-264299805-923918825-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1887073066-264299805-923918825-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files (x86)\StatSoft\STATISTICA 12 Trial verze\Support\StaBHO.dll [2013-04-02] (StatSoft, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files (x86)\StatSoft\STATISTICA 12 Trial verze\StaBHO.dll [2013-04-01] (StatSoft, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-11-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\hrabos\AppData\Roaming\Mozilla\Firefox\Profiles\e4rMMwpD.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-11-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1887073066-264299805-923918825-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hrabos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\hrabos\AppData\Roaming\Mozilla\Firefox\Profiles\e4rMMwpD.default\Extensions\abs@avira.com [2014-09-21]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (XTranslate) - C:\Users\hrabos\AppData\Roaming\Opera Software\Opera Stable\Extensions\fopbkiidibcjjlcpnpldcpdiiafeclci [2014-09-21]
OPR Extension: (YouTube Downloader) - C:\Users\hrabos\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-03-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACProtector; C:\Program Files\AxiomCoders\ACProtector\ACProtector.exe [138752 2012-08-15] (AxiomCoders) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [326144 2014-10-19] (Felix Belzile) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2014-01-11] (Mentor Graphics Corporation) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-10-25] (SolidWorks) [File not signed]
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-21] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 21:38 - 2015-04-10 21:39 - 00017223 _____ () C:\Users\hrabos\Desktop\FRST.txt
2015-04-10 21:38 - 2015-04-10 21:38 - 00000000 ____D () C:\FRST
2015-04-10 21:37 - 2015-04-10 21:37 - 02095616 _____ (Farbar) C:\Users\hrabos\Desktop\FRST64.exe
2015-04-10 20:01 - 2015-04-10 20:01 - 00036134 _____ () C:\ComboFix.txt
2015-04-10 18:49 - 2015-04-10 20:01 - 00000000 ____D () C:\ComboFix
2015-04-10 18:46 - 2015-04-10 18:46 - 00000000 _____ () C:\Users\hrabos\Desktop\New Text Document.txt
2015-04-10 16:38 - 2015-04-10 16:38 - 00000000 ____D () C:\Users\hrabos\Downloads\THE BEST OF RADIO WAVE LIVE SESSIONS vol 1
2015-04-10 12:35 - 2015-04-10 20:01 - 00000000 ____D () C:\Qoobox
2015-04-10 12:35 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-10 12:35 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-10 12:35 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-10 12:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-10 12:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-10 12:35 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-10 12:35 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-10 12:35 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-10 12:32 - 2015-04-10 12:33 - 05617275 ____R (Swearware) C:\Users\hrabos\Desktop\ComboFix.exe
2015-04-10 00:33 - 2015-04-10 00:36 - 00000000 ____D () C:\Windows\SysWOW64\⇸
2015-04-09 11:42 - 2015-04-09 20:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-09 11:42 - 2015-04-09 11:42 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-09 11:42 - 2015-04-09 11:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-09 11:42 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-09 11:42 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-09 11:42 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-09 10:44 - 2015-04-09 10:44 - 02217984 _____ () C:\Users\hrabos\Desktop\adwcleaner_4.201.exe
2015-04-09 01:05 - 2015-04-09 01:06 - 00000000 ____D () C:\rsit
2015-04-08 18:28 - 2015-04-08 18:28 - 00000000 ____D () C:\Windows\SysWOW64\䶰
2015-04-08 17:55 - 2015-04-08 17:55 - 00000000 ____D () C:\Users\hrabos\Downloads\It's Everyone Else - New Religion
2015-04-08 16:28 - 2015-04-08 16:29 - 00000000 ____D () C:\Windows\SysWOW64\䶸]
2015-04-08 12:18 - 2015-04-10 19:52 - 00002994 _____ () C:\Windows\PFRO.log
2015-04-08 11:46 - 2015-04-08 11:49 - 00000000 ____D () C:\Windows\SysWOW64\䶰L
2015-04-08 00:13 - 2015-04-08 00:15 - 00000000 ____D () C:\Windows\SysWOW64\欸͙
2015-04-07 22:12 - 2015-04-07 22:12 - 00000000 ____D () C:\Windows\SysWOW64\㸀͹
2015-04-07 20:12 - 2015-04-07 20:14 - 00000000 ____D () C:\Windows\SysWOW64\ꈠʹ
2015-04-07 15:18 - 2015-04-07 15:20 - 00000000 ____D () C:\Windows\SysWOW64\ⳀΫ
2015-04-07 13:18 - 2015-04-07 13:21 - 00000000 ____D () C:\Windows\SysWOW64\醸x
2015-04-07 11:18 - 2015-04-07 11:20 - 00000000 ____D () C:\Windows\SysWOW64\�ˏ
2015-04-07 09:18 - 2015-04-07 09:21 - 00000000 ____D () C:\Windows\SysWOW64\�ʞ
2015-04-07 00:22 - 2015-04-07 00:24 - 00000000 ____D () C:\Windows\SysWOW64\҈ʮ
2015-04-06 22:22 - 2015-04-06 22:23 - 00000000 ____D () C:\Windows\SysWOW64\ﴘ΄
2015-04-05 21:46 - 2015-04-05 21:46 - 00000000 ____D () C:\Windows\SysWOW64\䍘Y
2015-04-05 17:08 - 2015-04-05 17:08 - 00000000 ____D () C:\Windows\SysWOW64\쿰ʐ
2015-04-05 15:31 - 2015-04-05 15:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 15:31 - 2015-04-05 15:31 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 15:08 - 2015-04-05 15:11 - 00000000 ____D () C:\Windows\SysWOW64\莰#
2015-04-04 13:54 - 2015-04-04 13:56 - 00000000 ____D () C:\Windows\SysWOW64\좐͆
2015-04-03 22:10 - 2015-04-03 22:12 - 00000000 ____D () C:\Windows\SysWOW64\䑠ɫ
2015-04-03 20:02 - 2015-04-03 20:06 - 00000000 ____D () C:\Windows\SysWOW64\⿐Θ
2015-04-03 19:56 - 2015-04-10 21:26 - 00002140 _____ () C:\Windows\setupact.log
2015-04-03 19:56 - 2015-04-03 19:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 13:44 - 2015-04-03 13:44 - 00005002 _____ () C:\Users\hrabos\Documents\cc_20150403_134419.reg
2015-04-02 15:26 - 2015-04-02 15:26 - 00000000 ____D () C:\Windows\SysWOW64\ਘ̔
2015-04-02 10:03 - 2015-04-02 10:07 - 00000000 ____D () C:\Windows\SysWOW64\쾐ȸ
2015-04-01 19:50 - 2015-04-01 19:50 - 00000000 ____D () C:\Users\hrabos\Documents\Vlastní šablony Office
2015-04-01 09:45 - 2015-04-08 09:58 - 00401408 _____ () C:\Users\hrabos\Desktop\interier.max
2015-04-01 07:52 - 2015-04-01 07:52 - 00000000 ____D () C:\Users\hrabos\Desktop\viz II
2015-04-01 07:49 - 2015-04-01 07:49 - 00000000 ____D () C:\Program Files\Chaos Group
2015-04-01 07:47 - 2015-04-01 07:47 - 00000000 ____D () C:\Users\hrabos\Desktop\3d max vray
2015-04-01 07:43 - 2015-04-01 07:43 - 00000000 ____D () C:\Users\hrabos\Documents\3dsMax
2015-03-31 12:55 - 2015-03-31 12:55 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\StatSoft
2015-03-31 01:30 - 2015-03-31 01:30 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\Softland
2015-03-31 01:30 - 2015-03-31 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STATISTICA 12 Trial verze
2015-03-31 01:30 - 2015-03-31 01:25 - 00001978 _____ () C:\Users\Public\Desktop\STATISTICA trial verze.lnk
2015-03-31 01:29 - 2015-03-31 01:29 - 00000000 ____D () C:\ProgramData\StatSoft
2015-03-31 01:29 - 2015-03-31 01:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\novaPDF 7
2015-03-31 01:29 - 2013-02-13 14:20 - 00029504 _____ (Softland) C:\Windows\system32\novamnk7.dll
2015-03-31 01:29 - 2013-02-13 14:20 - 00022336 _____ (Softland) C:\Windows\system32\novamik7.dll
2015-03-31 01:29 - 2011-11-22 17:06 - 00007549 _____ () C:\Windows\system32\novak7.ctm
2015-03-31 01:29 - 2010-02-05 14:00 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-03-31 01:26 - 2015-03-31 01:26 - 00000000 ____D () C:\Program Files (x86)\StatSoft
2015-03-30 23:31 - 2015-04-10 21:29 - 00004982 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for hrabos-hp-hrabos hrabos-hp
2015-03-30 09:37 - 2015-03-30 09:39 - 00000000 ____D () C:\Users\hrabos\Downloads\Mobil
2015-03-30 09:36 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-03-30 09:36 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-03-30 09:36 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-30 09:36 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-29 03:34 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-29 03:34 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-29 03:28 - 2015-03-29 03:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-03-29 03:25 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-03-29 03:25 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-03-29 03:25 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-03-29 03:25 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-03-29 03:25 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-03-29 03:25 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-03-29 03:25 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-03-29 03:25 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-03-29 03:18 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-03-29 03:18 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-03-28 22:52 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-28 22:52 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-28 22:52 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-28 22:52 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-28 22:51 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-03-28 22:51 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-03-28 22:51 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-03-28 22:51 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-03-28 22:51 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-03-28 22:51 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-03-28 22:51 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-03-28 22:51 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-03-28 22:51 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-03-28 22:51 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-03-28 22:51 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-03-28 22:51 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-03-28 22:51 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-03-28 22:51 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-03-28 22:51 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-03-28 22:51 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-03-28 22:51 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-03-28 22:51 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-03-28 22:51 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-03-28 22:51 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-03-28 22:51 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-03-28 22:51 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-03-28 22:51 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-03-28 22:51 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-03-28 22:51 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-03-28 22:51 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-03-28 22:51 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-03-28 22:51 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-03-28 22:51 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-03-28 22:51 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-03-28 22:50 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-03-28 22:50 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-03-28 22:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-03-28 22:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-03-28 22:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-03-28 22:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-03-28 22:50 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-03-28 22:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-03-28 22:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-03-28 22:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-03-28 22:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-03-28 22:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-03-28 22:50 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-28 22:50 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-28 22:50 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-03-28 22:50 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-03-28 22:50 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-03-28 22:50 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-03-28 22:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-03-28 22:50 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-28 22:50 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-03-28 22:50 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-03-28 22:50 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-03-28 22:50 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-03-28 22:50 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-03-28 22:50 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-03-28 22:50 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-03-28 22:50 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-03-28 22:50 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-03-28 22:50 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-03-28 22:50 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-03-28 22:50 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-03-28 22:50 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-03-28 22:50 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-03-28 22:50 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-03-28 22:50 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-03-28 22:50 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-03-28 22:50 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-03-28 22:50 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-03-28 22:50 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-03-28 22:50 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-03-28 22:49 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-03-28 22:49 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-03-28 22:49 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-03-28 22:49 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-03-28 22:49 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-03-28 22:49 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-03-28 22:49 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-03-28 22:49 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-03-28 22:49 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-03-28 22:49 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-03-28 22:49 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-03-28 22:49 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-03-28 22:49 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-03-28 22:49 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-03-28 22:49 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-03-28 22:49 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-03-28 22:49 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-03-28 22:49 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-03-28 22:49 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-03-28 22:49 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-03-28 22:48 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-28 22:48 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-28 22:47 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-03-28 22:47 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-03-28 22:47 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-28 22:47 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-28 22:47 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-28 22:47 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-28 22:47 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-03-28 22:47 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-03-28 22:47 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-03-28 22:47 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-03-28 22:47 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-28 22:47 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-03-28 22:47 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-03-28 22:47 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-03-28 22:47 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-03-28 22:47 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-03-28 22:47 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-03-28 22:47 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-03-28 22:47 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-03-28 22:47 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-03-28 22:47 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-28 22:46 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-03-28 22:46 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-03-28 22:46 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-03-28 22:46 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-03-28 22:46 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-03-28 22:46 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-03-28 22:46 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-03-28 22:46 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-03-28 22:46 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-03-28 22:46 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-03-28 22:46 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-03-28 22:46 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-28 22:46 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-03-28 22:46 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-03-28 22:45 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-03-28 22:45 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-03-28 22:45 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-28 22:45 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-28 22:45 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-03-28 22:45 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-03-28 22:44 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-03-28 17:10 - 2015-03-28 17:10 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-03-28 17:10 - 2015-03-28 17:10 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-03-28 17:10 - 2015-03-28 17:10 - 00000000 ____D () C:\Windows\en
2015-03-28 17:09 - 2015-03-28 17:09 - 00000000 ____D () C:\Windows\PCHEALTH
2015-03-28 17:09 - 2015-03-28 17:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-03-28 17:08 - 2015-03-28 17:09 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-03-28 17:03 - 2015-03-28 17:11 - 00000000 ____D () C:\Users\hrabos\AppData\Local\Windows Live
2015-03-27 02:31 - 2015-03-27 14:50 - 00000000 ____D () C:\Users\hrabos\Downloads\Skadedyr - Kongekrabbe (2013, Hubro CD2536)
2015-03-26 01:16 - 2015-04-09 10:27 - 00010861 _____ () C:\Users\hrabos\Documents\plot.log
2015-03-25 23:23 - 2015-04-09 14:11 - 00000000 ____D () C:\Users\hrabos\Documents\Youcam
2015-03-25 00:01 - 2015-04-08 12:18 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\wufumok
2015-03-23 00:48 - 2015-03-23 00:52 - 00000000 ____D () C:\Users\hrabos\Downloads\Toe - For Long Tomorrow
2015-03-22 22:39 - 2015-03-22 22:39 - 00000000 ____D () C:\Users\hrabos\Downloads\Daughter - If You Leave [2013] {MP3 - 320 kbps}
2015-03-13 10:59 - 2015-04-08 11:22 - 00000428 _____ () C:\Users\hrabos\rgut
2015-03-12 19:45 - 2015-03-17 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdf creator full cz
2015-03-12 19:45 - 2015-03-17 09:54 - 00000000 ____D () C:\Program Files (x86)\pdf creator full cz
2015-03-12 19:45 - 2015-03-12 19:45 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2015-03-12 19:45 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2015-03-12 19:45 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2015-03-12 19:45 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2015-03-12 19:45 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2015-03-12 19:45 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2015-03-12 19:45 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2015-03-12 19:45 - 2013-06-12 16:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2015-03-12 19:45 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2015-03-12 19:45 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2015-03-12 19:45 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2015-03-12 19:42 - 2015-03-12 19:42 - 00000000 ____D () C:\Users\hrabos\Downloads\pdf-creator-full-cz
2015-03-11 19:56 - 2015-03-11 19:56 - 00000000 ____D () C:\Program Files\strokeit
2015-03-11 18:57 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 18:57 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 18:57 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 18:57 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 18:57 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 18:57 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 18:57 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 18:57 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 18:57 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 18:57 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 18:57 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 18:57 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 18:57 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 18:57 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 18:57 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 18:57 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 18:57 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 18:57 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 18:57 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 18:57 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 18:57 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 18:56 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 18:56 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 18:56 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 18:56 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 18:56 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 18:56 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 18:56 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 18:56 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 18:56 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 18:56 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 18:56 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 18:56 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 18:56 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 18:56 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 18:56 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 18:56 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 18:56 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 18:56 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 18:56 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 18:56 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 18:56 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 18:55 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 18:55 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 18:55 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 18:54 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 18:54 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 18:54 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 18:54 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 18:54 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 18:54 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 18:54 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 18:54 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 18:54 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 18:54 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 18:54 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 18:54 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 18:54 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 18:54 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 18:54 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 18:54 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 18:54 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 18:54 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 18:54 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 18:54 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 18:34 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 18:34 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 18:34 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 18:34 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 18:34 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 21:37 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 21:37 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 21:33 - 2014-09-22 04:15 - 01107465 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 21:28 - 2014-09-21 21:11 - 00000000 ___RD () C:\Users\hrabos\Disk Google
2015-04-10 21:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 20:22 - 2014-09-22 01:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-10 19:53 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-10 19:51 - 2014-11-07 18:01 - 00000000 ____D () C:\Windows\erdnt
2015-04-10 17:01 - 2015-01-12 22:42 - 00000000 ____D () C:\Users\hrabos\AppData\Local\cache
2015-04-10 11:42 - 2009-07-14 07:13 - 00781790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 23:44 - 2014-10-16 01:13 - 00000000 ____D () C:\Users\hrabos\AppData\Local\Last.fm
2015-04-09 10:58 - 2009-07-14 07:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-09 10:55 - 2014-11-19 12:17 - 00000000 ____D () C:\AdwCleaner
2015-04-09 09:38 - 2014-09-21 19:52 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411321972
2015-04-09 09:38 - 2014-09-21 19:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-09 01:06 - 2014-11-19 01:41 - 00000000 ____D () C:\Program Files\trend micro
2015-04-08 07:47 - 2015-02-23 22:01 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-06 12:28 - 2014-09-29 19:43 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-06 00:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-03 13:08 - 2014-10-04 21:59 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\Skype
2015-04-01 14:45 - 2014-09-21 20:14 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\Avira
2015-04-01 14:43 - 2014-09-21 20:05 - 00000000 ____D () C:\ProgramData\Avira
2015-04-01 14:14 - 2014-09-21 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-01 07:50 - 2015-02-22 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2015-04-01 07:49 - 2015-02-22 15:18 - 00000000 ____D () C:\Program Files\Common Files\ChaosGroup
2015-03-31 17:30 - 2014-09-25 17:12 - 00765732 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-31 00:41 - 2014-10-27 12:25 - 00000000 ____D () C:\Windows\Minidump
2015-03-29 10:38 - 2014-09-21 19:48 - 00156376 _____ () C:\Users\hrabos\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-29 10:35 - 2009-07-14 06:45 - 00532904 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-29 10:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-29 10:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-28 18:27 - 2014-10-22 18:29 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\Audacity
2015-03-28 17:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-28 02:17 - 2014-09-21 20:40 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\uTorrent
2015-03-24 12:01 - 2015-01-23 22:38 - 00000000 ____D () C:\Users\hrabos\AppData\Local\Ewtion
2015-03-21 21:48 - 2015-02-21 16:46 - 00000000 ____D () C:\ProgramData\ASGVIS
2015-03-21 21:48 - 2014-11-21 01:27 - 00000000 ____D () C:\Program Files (x86)\Cold Turkey
2015-03-21 21:48 - 2014-09-21 21:02 - 00000000 ____D () C:\Users\hrabos\AppData\Roaming\Winamp
2015-03-21 21:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-21 13:22 - 2014-09-22 01:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-21 13:22 - 2014-09-22 01:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-21 13:22 - 2014-09-22 01:57 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-21 12:49 - 2014-09-21 19:46 - 00000000 ____D () C:\Users\hrabos
2015-03-17 12:50 - 2014-12-05 23:05 - 00000000 ____D () C:\Users\hrabos\AppData\Local\PDFCreator
2015-03-16 19:41 - 2014-11-13 02:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-15 20:14 - 2015-01-23 22:40 - 00000000 ____D () C:\Users\hrabos\AppData\Local\Oxmics
2015-03-13 23:25 - 2014-12-25 21:37 - 00000000 ____D () C:\Users\hrabos\Downloads\Subs
2015-03-12 09:50 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 01:58 - 2014-09-22 18:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 01:52 - 2014-09-22 18:24 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 18:17 - 2015-01-30 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-11 18:09 - 2014-10-25 17:19 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-11 18:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 18:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2015-03-11 18:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2015-03-11 18:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-11 18:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2015-03-11 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing

==================== Files in the root of some directories =======

2014-10-22 23:22 - 2014-11-10 01:29 - 0005120 _____ () C:\Users\hrabos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-25 23:25 - 2014-12-06 18:56 - 0000000 _____ () C:\Users\hrabos\AppData\Local\Temptable.xml
2015-01-12 22:25 - 2015-01-12 22:25 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\hrabos\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-04 14:25

==================== End Of Log ============================

VIRY.CZ

Nesmazatelný vir, prosím o pomoc

Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc

Re: Nesmazatelný vir, prosím o pomoc