Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu Logu potreboval bych pomoct

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Prosim o kontrolu Logu potreboval bych pomoct

#1 Příspěvek od sasa.cz »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sasa at 2015-04-17 01:25:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 374 GB (78%) free of 477 GB
Total RAM: 3895 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:25:56, on 17.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Program Files\trend micro\Sasa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... NL102NL102
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... NL102NL102
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... NL102NL102
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
O2 - BHO: UniDeals - {164cb150-8482-4f6c-8f66-8e13a2cee79c} - C:\Program Files (x86)\UniDeals\36vWpJhjS2QbJj.dll
O2 - BHO: FindBEsttDDeal - {1daf7c72-8f6e-4962-b651-1c806a8513c9} - C:\Program Files (x86)\FindBEsttDDeal\52Cx76fV04Cz7S.dll
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Sasa\AppData\Roaming\Slick Savings\Coupons.dll
O2 - BHO: GreatSave4uU - {376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0} - C:\Program Files (x86)\GreatSave4uU\Zb8Esi0NJptLXK.dll
O2 - BHO: youtubeadblocker - {4dd1ad88-10d3-439a-8cce-2afc5044f271} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RioboOSaaVer - {b706106f-6359-4871-8bcd-2b7c20d4a232} - C:\Program Files (x86)\RioboOSaaVer\Qao02ZpmrU6IpX.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: AlullSaver - {e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751} - C:\Program Files (x86)\AlullSaver\vcDUp0E48odFhh.dll
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Slick Savings] "C:\Users\Sasa\AppData\Roaming\Slick Savings\CouponsHelper.exe"
O4 - HKCU\..\Run: [Browser Extensions] "C:\Users\Sasa\AppData\Roaming\Slick Savings\CouponsHelper.exe"
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Counter Strike Source Full Non Steam With All Updates.lnk = C:\ProgramData\{a9daa4ac-b17f-c4d2-a9da-aa4acb1792b2}\Counter Strike Source Full Non Steam With All Updates.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE19F97E-CFA9-4BF5-A475-29804ACBC7AA}: NameServer = 213.46.172.36 213.46.172.37
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12243 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\UpgradeLeader\UpgradeLeader.dll",serv
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {BC09F0A5-6297-478C-A90B-D667A34CE1C4}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HPNotify.exe -run
"C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe" HOOK -Dwthx183.dll -IE"DefaultScope" -GC"C:\Users\Sasa\AppData\Local\Google\Chrome\User Data\Default\Web Data" -FF"C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Prefs.js"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
"C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
LoLLauncher.exe
"C:/Riot Games/League of Legends/RADS/projects/lol_patcher/releases/0.0.0.27/deploy/LoLPatcher.exe"
"C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.140/deploy//LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /widget_scan
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com/?type=sc&t ... NL102NL102
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3108.236aa890.1360104158 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8A9158DB3763B7C8 3108 "\\.\pipe\gecko-crash-server-pipe.3108" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --proxy-stub-channel=Flash4456.6141BE28.10352 --host-broker-channel=Flash4456.6141BE28.7219 --host-pid=4456 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --channel=3472.001BF740.1281265526 --proxy-stub-channel=Flash4456.6141BE28.10352 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" --host-npapi-version=28 --type=renderer
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Windows\system32\dfrgui.exe" /defrag \\?\Volume{2e691cd6-d9fe-11e3-b5b4-806e6f6e6963}\
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Sasa\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job - C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job - C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\extensions\
adremoveext@adremoveext.net
ascsurfingprotection@iobit.com
iobitascsurfingprotection@iobit.com
istart_ffnt@gmail.com
N9d@j.edu
nTb@u2cf.org
RcEbG@SVPTK.org
searchengine@gmail.com
v1@DrFGFh2.net

C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\searchplugins\
bingp.xml
mystartsearch.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-05-28 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{164cb150-8482-4f6c-8f66-8e13a2cee79c}]
UniDeals - C:\Program Files (x86)\UniDeals\36vWpJhjS2QbJj.x64.dll [2015-03-12 660480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1daf7c72-8f6e-4962-b651-1c806a8513c9}]
FindBEsttDDeal - C:\Program Files (x86)\FindBEsttDDeal\52Cx76fV04Cz7S.x64.dll [2015-04-08 912384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Sasa\AppData\Roaming\Slick Savings\Coupons64.dll [2015-04-09 271656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}]
GreatSave4uU - C:\Program Files (x86)\GreatSave4uU\Zb8Esi0NJptLXK.x64.dll [2015-03-19 660480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4dd1ad88-10d3-439a-8cce-2afc5044f271}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b706106f-6359-4871-8bcd-2b7c20d4a232}]
RioboOSaaVer - C:\Program Files (x86)\RioboOSaaVer\Qao02ZpmrU6IpX.x64.dll [2015-03-19 660480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}]
AlullSaver - C:\Program Files (x86)\AlullSaver\vcDUp0E48odFhh.x64.dll [2015-04-08 912384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll [2014-05-26 1398592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{164cb150-8482-4f6c-8f66-8e13a2cee79c}]
UniDeals - C:\Program Files (x86)\UniDeals\36vWpJhjS2QbJj.dll [2015-03-12 587264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1daf7c72-8f6e-4962-b651-1c806a8513c9}]
FindBEsttDDeal - C:\Program Files (x86)\FindBEsttDDeal\52Cx76fV04Cz7S.dll [2015-04-08 841216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Sasa\AppData\Roaming\Slick Savings\Coupons.dll [2015-04-09 248104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}]
GreatSave4uU - C:\Program Files (x86)\GreatSave4uU\Zb8Esi0NJptLXK.dll [2015-03-19 587264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4dd1ad88-10d3-439a-8cce-2afc5044f271}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-12 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b706106f-6359-4871-8bcd-2b7c20d4a232}]
RioboOSaaVer - C:\Program Files (x86)\RioboOSaaVer\Qao02ZpmrU6IpX.dll [2015-03-19 587264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}]
AlullSaver - C:\Program Files (x86)\AlullSaver\vcDUp0E48odFhh.dll [2015-04-08 841216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE64.dll [2014-05-26 1997120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll [2014-05-26 1398592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-07-01 168944]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-07-01 394224]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-07-01 418800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-04-21 2295584]
"Slick Savings"=C:\Users\Sasa\AppData\Roaming\Slick Savings\CouponsHelper.exe [2015-04-09 539944]
"Browser Extensions"=C:\Users\Sasa\AppData\Roaming\Slick Savings\CouponsHelper.exe [2015-04-09 539944]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2014-11-09 1092296]
"Facebook Update"=C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-29 138096]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2014-05-26 1404736]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-02-02 5768992]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2013-10-23 337432]

C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Counter Strike Source Full Non Steam With All Updates.lnk - C:\ProgramData\{a9daa4ac-b17f-c4d2-a9da-aa4acb1792b2}\Counter Strike Source Full Non Steam With All Updates.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-07-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-17 01:25:48 ----D---- C:\rsit
2015-04-17 01:25:48 ----D---- C:\Program Files\trend micro
2015-04-14 23:53:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-04-14 23:19:04 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-14 23:19:04 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-14 23:19:04 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-14 23:19:04 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-14 23:19:04 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-14 23:19:04 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-14 23:19:04 ----A---- C:\Windows\system32\wuapp.exe
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wups2.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wups.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wudriver.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wucltux.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wuapi.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:19:03 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:18:50 ----A---- C:\Windows\system32\appraiser.dll
2015-04-14 23:18:50 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 23:18:49 ----A---- C:\Windows\system32\invagent.dll
2015-04-14 23:18:49 ----A---- C:\Windows\system32\generaltel.dll
2015-04-14 23:18:49 ----A---- C:\Windows\system32\devinv.dll
2015-04-14 23:18:49 ----A---- C:\Windows\system32\aepic.dll
2015-04-14 23:18:49 ----A---- C:\Windows\system32\aeinv.dll
2015-04-14 23:18:48 ----A---- C:\Windows\system32\aepdu.dll
2015-04-14 23:18:47 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-14 23:18:47 ----A---- C:\Windows\system32\gdi32.dll
2015-04-14 23:18:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-14 23:18:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-14 23:18:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-14 23:18:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-14 23:18:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:18:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-14 23:18:36 ----A---- C:\Windows\system32\ntdll.dll
2015-04-14 23:18:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:18:35 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-14 23:18:35 ----A---- C:\Windows\system32\kernel32.dll
2015-04-14 23:18:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:18:33 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-14 23:18:33 ----A---- C:\Windows\system32\wow64win.dll
2015-04-14 23:18:33 ----A---- C:\Windows\system32\schannel.dll
2015-04-14 23:18:33 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-14 23:18:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-14 23:18:32 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-14 23:18:32 ----A---- C:\Windows\system32\wow64.dll
2015-04-14 23:18:32 ----A---- C:\Windows\system32\winsrv.dll
2015-04-14 23:18:32 ----A---- C:\Windows\system32\srcore.dll
2015-04-14 23:18:32 ----A---- C:\Windows\system32\conhost.exe
2015-04-14 23:18:31 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-14 23:18:31 ----A---- C:\Windows\system32\wdigest.dll
2015-04-14 23:18:31 ----A---- C:\Windows\system32\rstrui.exe
2015-04-14 23:18:31 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-14 23:18:31 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-14 23:18:31 ----A---- C:\Windows\system32\kerberos.dll
2015-04-14 23:18:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-14 23:18:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-14 23:18:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-14 23:18:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-14 23:18:30 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-14 23:18:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-14 23:18:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-14 23:18:30 ----A---- C:\Windows\system32\sspicli.dll
2015-04-14 23:18:30 ----A---- C:\Windows\system32\smss.exe
2015-04-14 23:18:30 ----A---- C:\Windows\system32\lsass.exe
2015-04-14 23:18:29 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-14 23:18:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-14 23:18:29 ----A---- C:\Windows\system32\srclient.dll
2015-04-14 23:18:29 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-14 23:18:29 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-14 23:18:29 ----A---- C:\Windows\system32\auditpol.exe
2015-04-14 23:18:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:18:28 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-14 23:18:28 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-14 23:18:28 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-14 23:18:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-14 23:18:28 ----A---- C:\Windows\system32\secur32.dll
2015-04-14 23:18:28 ----A---- C:\Windows\system32\credssp.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:18:27 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:18:26 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:18:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:18:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:18:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:18:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:18:24 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:18:24 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:18:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-14 23:18:23 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-14 23:18:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-14 23:18:23 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-14 23:18:22 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-14 23:18:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-14 23:18:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-14 23:18:22 ----A---- C:\Windows\system32\msobjs.dll
2015-04-14 23:18:22 ----A---- C:\Windows\system32\msaudite.dll
2015-04-14 23:18:22 ----A---- C:\Windows\system32\adtschema.dll
2015-04-14 23:17:40 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-14 23:17:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-14 23:17:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-14 23:17:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:17:36 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:17:36 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:17:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:17:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-14 23:17:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:17:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:17:34 ----A---- C:\Windows\system32\iernonce.dll
2015-04-14 23:17:34 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-14 23:17:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-14 23:17:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-14 23:17:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-14 23:17:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:17:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-14 23:17:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:17:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-14 23:17:30 ----A---- C:\Windows\system32\urlmon.dll
2015-04-14 23:17:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:17:30 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-14 23:17:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-14 23:17:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:17:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:17:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:17:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-14 23:17:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-14 23:17:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:17:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-14 23:17:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-14 23:17:27 ----A---- C:\Windows\system32\iesetup.dll
2015-04-14 23:17:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-14 23:17:26 ----A---- C:\Windows\system32\iertutil.dll
2015-04-14 23:17:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:17:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-14 23:17:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-14 23:17:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-14 23:17:24 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-14 23:17:24 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-14 23:17:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-14 23:17:22 ----A---- C:\Windows\system32\ieui.dll
2015-04-14 23:17:22 ----A---- C:\Windows\system32\ieframe.dll
2015-04-14 23:17:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-14 23:17:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:17:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-14 23:17:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-14 23:17:20 ----A---- C:\Windows\system32\vbscript.dll
2015-04-14 23:17:20 ----A---- C:\Windows\system32\jscript9.dll
2015-04-14 23:17:19 ----A---- C:\Windows\system32\wininet.dll
2015-04-14 23:17:18 ----A---- C:\Windows\system32\msrating.dll
2015-04-14 23:17:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:17:13 ----A---- C:\Windows\system32\mshtml.dll
2015-04-14 23:16:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-14 23:16:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-14 23:16:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-08 02:42:43 ----D---- C:\Program Files (x86)\FindBEsttDDeal
2015-04-08 02:42:13 ----D---- C:\Program Files (x86)\AlullSaver
2015-04-08 02:42:03 ----D---- C:\Program Files (x86)\MMinimummPriCee
2015-04-08 02:41:52 ----D---- C:\Program Files (x86)\AdviceAnimals Meme Strip
2015-04-04 22:16:57 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 22:16:56 ----SD---- C:\Windows\system32\GWX
2015-03-22 06:40:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-19 09:45:49 ----D---- C:\Program Files (x86)\Hao123 Speed Dial
2015-03-19 09:45:14 ----D---- C:\Program Files (x86)\RioboOSaaVer
2015-03-19 09:44:54 ----D---- C:\Program Files (x86)\GreatSave4uU
2015-03-19 09:44:44 ----D---- C:\Program Files (x86)\BiTSaver

======List of files/folders modified in the last 1 month======

2015-04-17 01:25:48 ----RD---- C:\Program Files
2015-04-17 01:23:44 ----D---- C:\Users\Sasa\AppData\Roaming\Skype
2015-04-17 01:19:09 ----D---- C:\Windows\Temp
2015-04-17 01:18:58 ----D---- C:\Program Files (x86)\Google
2015-04-17 01:12:08 ----D---- C:\Windows\Microsoft.NET
2015-04-17 01:04:41 ----SHD---- C:\Windows\Installer
2015-04-17 01:03:34 ----D---- C:\Windows\SysWOW64
2015-04-17 01:03:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-17 01:03:19 ----D---- C:\Windows\inf
2015-04-17 01:03:15 ----D---- C:\Windows\System32
2015-04-17 01:03:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-17 01:01:32 ----D---- C:\Windows\system32\catroot2
2015-04-17 01:01:29 ----HD---- C:\Windows
2015-04-17 01:01:29 ----D---- C:\Windows\SoftwareDistribution
2015-04-17 01:01:29 ----D---- C:\Windows\debug
2015-04-16 23:28:46 ----D---- C:\Windows\system32\config
2015-04-16 23:10:05 ----D---- C:\Windows\AppCompat
2015-04-16 23:03:01 ----D---- C:\ProgramData\ProductData
2015-04-16 23:02:02 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-15 03:51:13 ----RSD---- C:\Windows\assembly
2015-04-15 03:43:16 ----D---- C:\Windows\winsxs
2015-04-15 03:40:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 03:40:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 03:40:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 03:40:04 ----D---- C:\Windows\system32\appraiser
2015-04-15 03:40:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 03:40:03 ----D---- C:\Windows\AppPatch
2015-04-15 03:40:00 ----HD---- C:\Program Files\Internet Explorer
2015-04-15 03:40:00 ----D---- C:\Windows\system32\drivers
2015-04-15 03:39:59 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 03:39:59 ----D---- C:\Windows\system32\en-US
2015-04-15 03:39:58 ----HD---- C:\Program Files (x86)\Internet Explorer
2015-04-15 03:23:34 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 03:18:25 ----D---- C:\Windows\system32\MRT
2015-04-15 03:06:47 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 03:01:01 ----SHD---- C:\System Volume Information
2015-04-15 00:53:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-12 21:41:42 ----SD---- C:\Users\Sasa\AppData\Roaming\Microsoft
2015-04-11 08:43:29 ----D---- C:\Users\Sasa\AppData\Roaming\Slick Savings
2015-04-09 20:42:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 02:43:02 ----D---- C:\ProgramData\11248772395530619816
2015-04-08 02:42:43 ----RD---- C:\Program Files (x86)
2015-04-04 22:17:10 ----D---- C:\Windows\Logs
2015-03-29 10:41:31 ----RHD---- C:\Program Files (x86)\Skype
2015-03-29 10:40:50 ----D---- C:\ProgramData\Skype
2015-03-28 11:01:50 ----D---- C:\Windows\system32\NDF
2015-03-25 04:17:16 ----D---- C:\Windows\system32\wbem

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2014-07-01 31040]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-27 26528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-10-23 129944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2014-07-01 43840]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-07-01 12312928]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2014-07-01 158976]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2014-07-01 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-01 939224]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-07-01 4749008]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-11-12 232480]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-05-26 807800]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2014-07-01 31040]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 fdfcd97f;UpgradeLeader; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-08 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-12 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#2 Příspěvek od sasa.cz »

info.txt logfile of random's system information tool 1.10 2015-04-17 01:26:02

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A228F766300008020210007DF130C000800000020030000DF140C07FEFFFF002803000030353A000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

7-Zip 9.25 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0925-000001000000}
Adobe Flash Player 17 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe -maintain activex
Adobe Flash Player 17 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.10) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001802114130}
Advanced SystemCare 7-->"C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ClickNType-->"C:\Petit\ClickNType\unins000.exe"
Driver Booster 2.1-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Extreme Blocker-->"C:\ProgramData\Extreme Blocker\Extreme Blocker.exe" /progname=Extreme Blocker /progver=3.4.2 /progpub=Extreme Blocker /proguninstallurl=asdahjka.com /deleteappfolder=0 /deletefile2="C:\Program Files (x86)\Google\Chrome\Applicationupdate.dll" /deletefile3="C:\Program Files (x86)\Google\Chrome\Applicationchrome.dll" /VERYSILENT
Facebook Video Calling 3.1.0.521-->MsiExec.exe /X{2091F234-EB58-4B80-8C96-8EB78C808CF7}
Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Turbo Boost Technology Driver-->C:\Program Files (x86)\Intel\Intel(R) Turbo Boost Technology Driver\Uninstall\setup.exe -uninstall -iips
IObit Apps Toolbar v9.3-->MsiExec.exe /X{70D6C4BA-DCBE-41C9-BDFA-DA9819E3501C}
IObit Malware Fighter 3-->"C:\Program Files (x86)\IObit\IObit Malware Fighter\unins001.exe"
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
Java 7 Update 67-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217067FF}
K-Lite Mega Codec Pack 9.9.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
League of Legends-->msiexec.exe /x {6B84E528-9705-4D36-9C97-97B8E23DAB75}
League of Legends-->MsiExec.exe /X{6B84E528-9705-4D36-9C97-97B8E23DAB75}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{50813B8C-FCBB-3C61-8039-EAAA93029066}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{996D32B6-F629-4764-894B-CB24D9C19051}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mozilla Firefox 37.0.1 (x86 cs)-->"c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MyPC Backup -->C:\Program Files (x86)\MyPC Backup\uninst.exe
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
Realtek USB2.0&PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x0005 -removeonly
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7DFD2B8-0CD1-4A51-AC71-A0582FE796C2}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F}
Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {655A1E6F-9591-485A-A29D-CB9BCFD38B82}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6C1A25BE-E3D5-4A5A-B677-8833E5996C20}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BBB81235-8EE6-411F-903E-F83DB17B7B34}
Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A1AB4C88-5F23-43DF-B461-32E5CBA84F7B}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {732E7378-7132-4C0F-B30E-C00A0F8AC1EB}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {39D5B9E5-1C4E-4FBD-9B42-98E89B04AF38}
SeekerGeneration-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~2\UPGRAD~1\UPGRAD~1.DLL",_uninstall /un
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 7.2-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Slick Savings-->"C:\Users\Sasa\AppData\Roaming\Slick Savings\uninstall.exe"
Smart Defrag 3-->"C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe"
SoundCloud-->"C:\Program Files (x86)\SoundCloud\SoundCloud.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
TeamSpeak 3 Client-->"C:\Program Files (x86)\TeamSpeak 3 Client\uninstall.exe"
UniDeals-->"C:\Program Files (x86)\UniDeals\36vWpJhjS2QbJj.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BB006B39-9FD7-4DD5-942E-CDF1BBD718DB}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2965207) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8A41C250-4D2E-4D77-84E3-5854162C4D44}
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}

======System event log======

Computer Name: Sasa-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 16026196
Source Name: cdrom
Time Written: 20150106174704.810196-000
Event Type: Upozornění
User:

Computer Name: Sasa-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 16026195
Source Name: cdrom
Time Written: 20150106174704.798195-000
Event Type: Upozornění
User:

Computer Name: Sasa-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 16026194
Source Name: cdrom
Time Written: 20150106174704.786195-000
Event Type: Upozornění
User:

Computer Name: Sasa-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 16026193
Source Name: cdrom
Time Written: 20150106174704.775194-000
Event Type: Upozornění
User:

Computer Name: Sasa-PC
Event Code: 51
Message: Na zařízení \Device\CdRom0 byla při operaci stránkování rozpoznána chyba.
Record Number: 16026192
Source Name: cdrom
Time Written: 20150106174704.763193-000
Event Type: Upozornění
User:

=====Application event log=====

Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20140512175313.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20140512175310.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20140512175308.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140512175307.340871-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Sasa-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-6T1TI14NPK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\wdi\perftrack\Microsoft-Windows-IE-HTMLRendering.ptxml
ID popisovače: 0x18

Informace o procesu:
ID procesu: 0x688
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1325
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140513012216.948353-000
Event Type: Úspěšný audit
User:

Computer Name: Sasa-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-6T1TI14NPK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\spp\tokens\ppdlic\Microsoft-Windows-IE-InternetExplorer-ppdlic.xrm-ms
ID popisovače: 0x18

Informace o procesu:
ID procesu: 0x688
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1324
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140513012216.932753-000
Event Type: Úspěšný audit
User:

Computer Name: Sasa-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-6T1TI14NPK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\en-US\urlmon.dll.mui
ID popisovače: 0x18

Informace o procesu:
ID procesu: 0x688
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1323
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140513012216.932753-000
Event Type: Úspěšný audit
User:

Computer Name: Sasa-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-6T1TI14NPK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\en-US\iedkcs32.dll.mui
ID popisovače: 0x18

Informace o procesu:
ID procesu: 0x688
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1322
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140513012216.932753-000
Event Type: Úspěšný audit
User:

Computer Name: Sasa-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-6T1TI14NPK1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\en-US\icardie.dll.mui
ID popisovače: 0x18

Informace o procesu:
ID procesu: 0x688
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1321
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140513012216.932753-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o kontrolu Logu potreboval bych pomoct

#3 Příspěvek od vyosek »

Zdravim :)

:arrow: Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#4 Příspěvek od sasa.cz »

# AdwCleaner v4.201 - Log vytvořen 17/04/2015 v 20:19:58
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Sasa - SASA-PC
# Spuštěno z : C:\Users\Sasa\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : Application Updater
[#] Služba Smazáno : IHProtect Service
[#] Služba Smazáno : fdfcd97f

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files (x86)\Application Updater
Složka Smazáno : C:\Program Files (x86)\IObit Apps Toolbar
Složka Smazáno : C:\Program Files (x86)\MyPC Backup
Složka Smazáno : C:\Program Files (x86)\XTab
Složka Smazáno : C:\Program Files (x86)\AlullSaver
Složka Smazáno : C:\Program Files (x86)\BiTSaver
Složka Smazáno : C:\Program Files (x86)\FindBEsttDDeal
Složka Smazáno : C:\Program Files (x86)\GreatSave4uU
Složka Smazáno : C:\Program Files (x86)\MMinimummPriCee
Složka Smazáno : C:\Program Files (x86)\RioboOSaaVer
Složka Smazáno : C:\Program Files (x86)\UniDeals
Složka Smazáno : C:\Program Files (x86)\UniDeealSSa
Složka Smazáno : C:\Program Files (x86)\Common Files\Spigot
Složka Smazáno : C:\Users\Sasa\AppData\Local\Slick Savings
Složka Smazáno : C:\Users\Sasa\AppData\LocalLow\Search Settings
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\EZDownloader
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Slick Savings
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[!] Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\adremoveext@adremoveext.net
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\searchengine@gmail.com
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\istart_ffnt@gmail.com
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\N9d@j.edu
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\nTb@u2cf.org
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\RcEbG@SVPTK.org
Složka Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\v1@DrFGFh2.net
Soubor Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
Soubor Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\searchplugins\bingp.xml
Soubor Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\searchplugins\mystartsearch.xml
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Soubor Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\searchplugins\yahoo_ff.xml
Soubor Smazáno : C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\user.js

***** [ Naplánované úlohy ] *****

Úloha Smazáno : LaunchSignup

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\Users\Sasa\Desktop\Internet – kopie.lnk
Zástupce Vyléčeno : C:\Users\Sasa\Desktop\Internet.lnk
Zástupce Vyléčeno : C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
Zástupce Vyléčeno : C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\Sasa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\Sasa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Zástupce Vyléčeno : C:\Users\Sasa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registry ] *****

Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchengine@gmail.com]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffnt@gmail.com]
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Extensions]
Klíč Smazáno : HKCU\Software\Mozilla\Extends
Klíč Smazáno : HKLM\SOFTWARE\Classes\P164cb150_8482_4f6c_8f66_8e13a2cee79c_.P164cb150_8482_4f6c_8f66_8e13a2cee79c_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P164cb150_8482_4f6c_8f66_8e13a2cee79c_.P164cb150_8482_4f6c_8f66_8e13a2cee79c_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P1daf7c72_8f6e_4962_b651_1c806a8513c9_.P1daf7c72_8f6e_4962_b651_1c806a8513c9_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P1daf7c72_8f6e_4962_b651_1c806a8513c9_.P1daf7c72_8f6e_4962_b651_1c806a8513c9_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\P376ea6c4_ac4f_44c9_9ca5_ec3aea6d76f0_.P376ea6c4_ac4f_44c9_9ca5_ec3aea6d76f0_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P376ea6c4_ac4f_44c9_9ca5_ec3aea6d76f0_.P376ea6c4_ac4f_44c9_9ca5_ec3aea6d76f0_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pb706106f_6359_4871_8bcd_2b7c20d4a232_.Pb706106f_6359_4871_8bcd_2b7c20d4a232_
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pb706106f_6359_4871_8bcd_2b7c20d4a232_.Pb706106f_6359_4871_8bcd_2b7c20d4a232_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pe0f13fd9_b399_4b4a_9b1e_5c9c6ebe0751_.Pe0f13fd9_b399_4b4a_9b1e_5c9c6ebe0751_
Klíč Smazáno : HKLM\SOFTWARE\Classes\Pe0f13fd9_b399_4b4a_9b1e_5c9c6ebe0751_.Pe0f13fd9_b399_4b4a_9b1e_5c9c6ebe0751_.9
Klíč Smazáno : HKLM\SOFTWARE\092717e9-badc-0acb-7be9-f04a19bc2dfc
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fdfcd97f}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{b706106f-6359-4871-8bcd-2b7c20d4a232}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C3510196-382C-41D1-8E63-6E84DB3709C9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4dd1ad88-10d3-439a-8cce-2afc5044f271}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b706106f-6359-4871-8bcd-2b7c20d4a232}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4dd1ad88-10d3-439a-8cce-2afc5044f271}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b706106f-6359-4871-8bcd-2b7c20d4a232}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{b706106f-6359-4871-8bcd-2b7c20d4a232}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{164cb150-8482-4f6c-8f66-8e13a2cee79c}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1daf7c72-8f6e-4962-b651-1c806a8513c9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376ea6c4-ac4f-44c9-9ca5-ec3aea6d76f0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4dd1ad88-10d3-439a-8cce-2afc5044f271}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b706106f-6359-4871-8bcd-2b7c20d4a232}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0f13fd9-b399-4b4a-9b1e-5c9c6ebe0751}
Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\Search Settings
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\IObit Apps
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Browser Extensions
Klíč Smazáno : HKCU\Software\AppDataLow\Software\IObit Apps
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\Application Updater
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Driver-Soft
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\Search Settings
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\IObit Apps
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11F6D5AB-263F-388E-74DE-E3DECD390E3F}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v37.0.1 (x86 cs)

[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.defaultenginename", "mystartsearch");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.hiddenOneOffs", "mystartsearch");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.alias", "mystartsearch");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.name", "mystartsearch");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "mystartsearch");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=14261 ... NL102NL102");
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.enable_search1", false);
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[n9rhwlkq.default\prefs.js] - Řádek Smazáno : user_pref("extensions.xpiState", "{\"app-profile\":{\"adremoveext@adremoveext.net\":{\"d\":\"C:\\\\Users\\\\Sasa\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\n9rhwlkq.default\\\\extensio[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [20927 bytů] - [17/04/2015 20:18:14]
AdwCleaner[S0].txt - [18865 bytů] - [17/04/2015 20:19:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18924 bytů] ##########
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Hotovo

#5 Příspěvek od sasa.cz »

Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Sasa on p  17.04.2015 at 21:09:12,14.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sasa\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.4.2015 21:10:33 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\Users\Sasa\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Sasa\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B8491C64-7656-48AB-A068-F9E4BD1CF2C6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\prefs.js:
user_pref("keyword.URL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default

user.js not found
---- Lines extensions.39GxyfpotPGMWX1x removed from prefs.js ----
user_pref("extensions.39GxyfpotPGMWX1x.epoch", "1429304896");
user_pref("extensions.39GxyfpotPGMWX1x.url", "http://starrnice.eu/sync2/?q=hfZ9ofhMWd ... zqUojw8rdr
---- Lines extensions.3Gs7SGxs3OmJIfMu removed from prefs.js ----
user_pref("extensions.3Gs7SGxs3OmJIfMu.epoch", "1429304897");
user_pref("extensions.3Gs7SGxs3OmJIfMu.url", "http://film-racer.com/sync2/?q=hfZ9oeV8 ... 7tMFHhd9Fq
---- Lines extensions.LGxSuPGOYuBUirsn removed from prefs.js ----
user_pref("extensions.LGxSuPGOYuBUirsn.epoch", "1429304896");
user_pref("extensions.LGxSuPGOYuBUirsn.url", "http://veterant.info/sync2/?q=hfZ9oe4Mh ... qjaMBzqUoj
---- Lines extensions.igC2NqYmuk9xhbyS removed from prefs.js ----
user_pref("extensions.igC2NqYmuk9xhbyS.epoch", "1429304894");
user_pref("extensions.igC2NqYmuk9xhbyS.url", "http://toolkitfun.in/sync2/?q=hfZ9ofV9C ... C7n0rjkErH
---- FireFox user.js and prefs.js backups ----

prefs_17.04.2015_2123_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
"C:\Windows\Installer\562b8.msi" not found
C:\PROGRA~2\AVG Web TuneUp deleted
C:\PROGRA~2\UpgradeLeader deleted
C:\PROGRA~2\AdviceAnimals Meme Strip deleted
C:\PROGRA~2\Hao123 Speed Dial deleted
C:\PROGRA~2\SoundCloud deleted
C:\PROGRA~3\fmgbodilofkibbcodpmkddonjmoohnpd deleted
C:\PROGRA~3\{a9daa4ac-b17f-c4d2-a9da-aa4acb1792b2} deleted
C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\Counter Strike Source Full Non Steam With All Updates.lnk deleted
C:\PROGRA~3\11248772395530619816 deleted
C:\PROGRA~2\Driver-Soft deleted
C:\Users\Sasa\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Sasa\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\DriverGenius deleted
C:\Users\Sasa\AppData\LocalLow\IObit Apps deleted
C:\Users\Sasa\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default
- AdPunisher - %ProfilePath%\extensions\xjmfptjqszqypowedi@ubwozmargbgp_gy.edu
- Slick Savings - %ProfilePath%\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Sasa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Deleted Firefox Extensions ======================

C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Sasa\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB4C6D07EBCD9C14DBAFAD89913E05C1 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70D6C4BA-DCBE-41C9-BDFA-DA9819E3501C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\AB4C6D07EBCD9C14DBAFAD89913E05C1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sasa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sasa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Sasa\AppData\Local\Mozilla\Firefox\Profiles\n9rhwlkq.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=46 folders=27 6862359 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sasa\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Sasa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on p  17.04.2015 at 21:28:40,06 ======================



Ale furt mi nemizej Reklamy na mozzile treba na seznamu 4 a kdyz se mi zapne pocitac vyskoci Lupa
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#6 Příspěvek od sasa.cz »

Dobry den nechci nejak otravovat dal ale udelal jsem vsechno spravne a po pripade co mam jeste udelat ?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o kontrolu Logu potreboval bych pomoct

#7 Příspěvek od vyosek »

Omlouvam se, nejak mi to zapadlo :oops: :oops:

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#8 Příspěvek od sasa.cz »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015
Ran by Sasa at 2015-04-23 21:58:39
Running from C:\Users\Sasa\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4035661636-132775526-3404240085-500 - Administrator - Disabled)
Guest (S-1-5-21-4035661636-132775526-3404240085-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4035661636-132775526-3404240085-1003 - Limited - Enabled)
Sasa (S-1-5-21-4035661636-132775526-3404240085-1000 - Administrator - Enabled) => C:\Users\Sasa

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AVG 2015 (Version: 15.0.4331 - AVG Technologies CZ, s.r.o.) Hidden
ClickNType (HKLM-x32\...\ClickNType_is1) (Version: - )
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
K-Lite Mega Codec Pack 9.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MK LOL) (Version: - )
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Realtek USB2.0&PCIE Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 2009.11.09 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
World of Tanks (HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

17-04-2015 21:10:10 zoek.exe restore point
17-04-2015 21:49:12 Installed AVG 2015
17-04-2015 21:49:49 Installed AVG 2015
19-04-2015 20:40:12 Windows Update
23-04-2015 08:44:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-17 21:11 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0266EBE6-2E73-4F63-AC53-008E74F67FBE} - System32\Tasks\Driver Booster SkipUAC (Sasa) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {0581BC26-774C-42C5-B24E-0F9BC9CC41EE} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {07163FF8-68CD-43EF-A3EF-35CCE800BDC7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {0B7EB2D6-150D-49CA-9BF4-3F1709AAD399} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3431F54C-EE40-4F66-99B8-56B951BA08B9} - System32\Tasks\{02567E9C-CEEC-4AC7-880F-D690BFBC5980} => Firefox.exe http://ui.skype.com/ui/0/6.21.59.104/cs ... age=tsBing
Task: {378A0FC4-A337-4095-A5AF-466558C57AAA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3E1FCF3A-DA18-427E-8EE9-064F8B24707A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {56937966-9EE0-4D64-A95A-9BAF13CC5EFC} - System32\Tasks\{09EE6AEA-EB96-4571-AD21-798D024B98AA} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
Task: {5C48819F-FC91-4144-B62E-D40DC512B569} - System32\Tasks\{3CA639CC-B5EF-45B4-8E4A-369A119DEEA4} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... age=tsMain
Task: {677E0E51-4FCE-45C4-ADC5-271D0047A797} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-29] (Facebook Inc.)
Task: {70AA6DFA-E5D5-4E60-8310-2168B22A9935} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {75ED369D-98E3-43CD-ACC7-4EC307239E5A} - System32\Tasks\{CC67DBEF-13C4-436F-86FD-271E4B1B8AF3} => Firefox.exe http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsMain
Task: {7E59601A-7245-44D5-AD89-1B5410A85C91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08] (Google Inc.)
Task: {8B590727-00F1-407B-B90E-81C096B2369C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A74080CE-3E80-44D1-806F-03DB7B9400A8} - System32\Tasks\{8F0E24D1-4BB5-4C99-85F9-7196BFC2C692} => Firefox.exe http://ui.skype.com/ui/0/6.22.0.107/cs/ ... age=tsMain
Task: {BA04540F-C4E4-471C-8FFC-44C59EEC9855} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {CD4B24AF-FC71-4293-9C70-7EEECD682C44} - System32\Tasks\{2D27435A-A11E-4D30-B497-D7AC2A245FB6} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... Error=1618
Task: {D5A382AA-9BBC-414D-81A5-77593E23BBC4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-29] (Facebook Inc.)
Task: {D6CBAB9B-0E24-41FE-8D07-00C99177BE82} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {D7A0C692-22DC-4340-A608-1312E994811E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-17 13:44 - 2014-05-14 16:13 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-04-08 23:17 - 2015-04-08 23:17 - 02324472 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
2015-04-08 23:18 - 2015-04-08 23:18 - 03800568 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
2015-03-12 22:23 - 2015-03-12 22:23 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
2014-05-14 16:45 - 2015-04-08 23:53 - 18275832 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exe
2015-04-15 00:53 - 2015-04-15 00:53 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2015-04-08 23:18 - 2015-04-08 23:18 - 01672184 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\RiotLauncher.dll
2015-03-12 22:16 - 2014-05-14 16:17 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-14 16:45 - 2015-04-08 23:53 - 01708024 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\RiotLauncher.dll
2014-05-14 16:45 - 2015-04-08 23:18 - 01760760 _____ () C:\Riot Games\League of Legends\RADS\RiotRadsIO.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4035661636-132775526-3404240085-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Broadcom 43225 802.11b/g/n
Description: Broadcom 43225 802.11b/g/n
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2015 05:42:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2015 08:34:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2015 07:05:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2015 09:26:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2015 00:20:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2015 09:14:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 10:14:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 08:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 08:16:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 08:06:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/23/2015 05:40:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (16:01:47, ‎23.‎4.‎2015) bylo neočekávané.

Error: (04/22/2015 10:00:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/21/2015 09:35:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureCommand s touto chybou:
%%5

Error: (04/21/2015 09:35:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
%%5

Error: (04/20/2015 09:26:30 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/19/2015 08:54:44 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2015 08:54:44 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2015 08:54:44 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2015 08:29:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:25:27, ‎19.‎4.‎2015) bylo neočekávané.

Error: (04/19/2015 08:20:42 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 77%
Total physical RAM: 3894.79 MB
Available physical RAM: 867.33 MB
Total Pagefile: 7787.76 MB
Available Pagefile: 3963.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:371 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 63768F22)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#9 Příspěvek od sasa.cz »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2015
Ran by Sasa (administrator) on SASA-PC on 23-04-2015 21:57:16
Running from C:\Users\Sasa\Desktop
Loaded Profiles: Sasa (Available profiles: Sasa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
() C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.85\deploy\League of Legends.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-09] ()
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Facebook Update] => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-29] (Facebook Inc.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: {decd8347-6c2d-11e4-9738-705ab6972c94} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4035661636-132775526-3404240085-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-12] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-12] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FE19F97E-CFA9-4BF5-A475-29804ACBC7AA}: [NameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-05-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-05-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4035661636-132775526-3404240085-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sasa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: AdPunisher - C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\xjmfptjqszqypowedi@ubwozmargbgp_gy.edu [2015-04-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-27] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 RTSTOR; system32\drivers\RTSTOR.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 21:57 - 2015-04-23 21:57 - 00010931 _____ () C:\Users\Sasa\Desktop\FRST.txt
2015-04-23 21:57 - 2015-04-23 21:57 - 00000000 ____D () C:\FRST
2015-04-23 21:55 - 2015-04-23 21:56 - 02099712 _____ (Farbar) C:\Users\Sasa\Desktop\FRST64.exe
2015-04-23 21:53 - 2015-04-23 21:53 - 00768512 _____ (Reimage®) C:\Users\Sasa\Desktop\ReimageRepair.exe
2015-04-17 21:52 - 2015-04-17 21:52 - 00000000 ____D () C:\Users\Sasa\AppData\Roaming\AVG2015
2015-04-17 21:50 - 2015-04-18 10:01 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-17 21:50 - 2015-04-17 21:50 - 00000000 ___HD () C:\$AVG
2015-04-17 21:49 - 2015-04-17 21:49 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-17 21:34 - 2015-04-17 21:52 - 00000000 ____D () C:\Users\Sasa\AppData\Local\Avg2015
2015-04-17 21:33 - 2015-04-17 21:34 - 166267560 _____ (AVG Technologies) C:\Users\Sasa\Desktop\avg_free_x64_all_2015_5315a8160.exe
2015-04-17 21:32 - 2015-04-17 21:32 - 00678528 _____ (PS Media s.r.o.) C:\Users\Sasa\Desktop\Avg - 026.exe
2015-04-17 21:30 - 2015-04-17 21:30 - 00000000 ____D () C:\ProgramData\ProductData
2015-04-17 21:28 - 2015-04-17 21:28 - 00000000 ____D () C:\Users\Sasa\AppData\Local\VirtualStore
2015-04-17 21:26 - 2015-04-17 21:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-17 21:10 - 2015-04-17 21:28 - 00013237 _____ () C:\zoek-results.log
2015-04-17 21:09 - 2015-04-17 21:27 - 00000000 ____D () C:\zoek_backup
2015-04-17 21:08 - 2015-04-17 21:08 - 01305600 _____ () C:\Users\Sasa\Desktop\zoek.exe
2015-04-17 20:17 - 2015-04-17 20:20 - 00000000 ____D () C:\AdwCleaner
2015-04-17 20:17 - 2015-04-17 20:17 - 02217984 _____ () C:\Users\Sasa\Desktop\adwcleaner_4.201.exe
2015-04-17 02:17 - 2015-04-17 02:17 - 00000079 _____ () C:\Program Files (x86)\prefs.js
2015-04-17 01:36 - 2015-04-23 17:40 - 00001686 _____ () C:\Windows\setupact.log
2015-04-17 01:36 - 2015-04-17 21:27 - 00002566 _____ () C:\Windows\PFRO.log
2015-04-17 01:36 - 2015-04-17 01:36 - 337963612 _____ () C:\Windows\MEMORY.DMP
2015-04-17 01:36 - 2015-04-17 01:36 - 00262144 _____ () C:\Windows\Minidump\041715-37362-01.dmp
2015-04-17 01:36 - 2015-04-17 01:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-17 01:25 - 2015-04-17 01:26 - 00000000 ____D () C:\rsit
2015-04-17 01:25 - 2015-04-17 01:25 - 01222144 _____ () C:\Users\Sasa\Desktop\RSITx64.exe
2015-04-17 01:25 - 2015-04-17 01:25 - 00000000 ____D () C:\Program Files\trend micro
2015-04-14 23:53 - 2015-04-15 00:53 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 23:19 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 23:19 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 23:19 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 23:19 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 23:19 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 23:19 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 23:19 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 23:19 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 23:19 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 23:19 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 23:18 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 23:18 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 23:18 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 23:18 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 23:18 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 23:18 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 23:18 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 23:18 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 23:18 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 23:18 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 23:18 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 23:18 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 23:18 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 23:18 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 23:18 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 23:18 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 23:18 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 23:18 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 23:18 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 23:18 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 23:18 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 23:18 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 23:18 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 23:18 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 23:18 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 23:18 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 23:18 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 23:18 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 23:18 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 23:18 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 23:18 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 23:18 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 23:18 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 23:18 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 23:18 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 23:18 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 23:18 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:18 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:18 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 23:18 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 23:18 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 23:18 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 23:18 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 23:18 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 23:17 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 23:17 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 23:17 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 23:17 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 23:17 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 23:17 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 23:17 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 23:17 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 23:17 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 23:17 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 23:17 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 23:17 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 23:17 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 23:17 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 23:17 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 23:17 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 23:17 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 23:17 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 23:17 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:17 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 23:17 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 23:17 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 23:17 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:17 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 23:17 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 23:17 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 23:17 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 23:17 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 23:17 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 23:17 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 23:17 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 23:17 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 23:17 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 23:17 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 23:17 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 23:17 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 23:17 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 23:17 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 23:17 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 23:17 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 23:17 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 23:17 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 23:17 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:17 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 23:17 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 23:17 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 23:17 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 23:17 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 23:17 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 23:17 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 23:17 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 23:17 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 23:17 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 23:17 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 23:17 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 23:17 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 23:17 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 23:17 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 23:17 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 23:16 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 23:16 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 23:16 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-04 22:16 - 2015-04-04 22:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 22:16 - 2015-04-04 22:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-29 13:41 - 2015-03-29 13:41 - 00000000 ____D () C:\Users\Sasa\Tracing

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 21:53 - 2014-05-13 07:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 21:46 - 2014-05-13 07:43 - 00000000 ____D () C:\Users\Sasa\AppData\Roaming\Skype
2015-04-23 21:31 - 2014-10-07 17:10 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job
2015-04-23 21:27 - 2015-03-08 20:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 19:27 - 2015-03-08 20:22 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 17:47 - 2009-07-14 06:45 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 17:47 - 2009-07-14 06:45 - 00025872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 17:41 - 2014-05-28 20:27 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Sasa)
2015-04-23 17:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 15:48 - 2014-05-12 20:00 - 01974466 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 08:32 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-22 07:04 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-21 22:17 - 2010-11-21 11:27 - 00672046 _____ () C:\Windows\system32\perfh005.dat
2015-04-21 22:17 - 2010-11-21 11:27 - 00142610 _____ () C:\Windows\system32\perfc005.dat
2015-04-21 22:17 - 2009-07-14 07:13 - 01591814 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 03:31 - 2014-10-07 17:10 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job
2015-04-19 20:07 - 2014-05-13 07:38 - 00000000 ____D () C:\ProgramData\Skype
2015-04-18 10:01 - 2014-12-03 15:50 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-18 10:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-18 09:03 - 2014-05-12 20:02 - 00000000 ____D () C:\Users\Sasa
2015-04-17 21:24 - 2014-11-28 22:14 - 00000000 ____D () C:\Users\Sasa\AppData\Local\Google
2015-04-17 20:20 - 2014-11-28 22:16 - 00001049 _____ () C:\Users\Sasa\Desktop\Internet – kopie.lnk
2015-04-17 20:20 - 2014-06-10 20:09 - 00001049 _____ () C:\Users\Sasa\Desktop\Internet.lnk
2015-04-17 20:20 - 2014-05-12 20:02 - 00000000 ___RD () C:\Users\Sasa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-17 02:17 - 2015-03-22 06:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 01:36 - 2014-12-04 02:26 - 00000000 ____D () C:\Windows\Minidump
2015-04-17 01:18 - 2015-03-08 20:22 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-17 01:03 - 2014-05-12 21:35 - 01566736 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 23:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 03:40 - 2015-02-27 22:54 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 03:40 - 2014-05-13 03:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 03:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 03:23 - 2014-05-13 07:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 03:18 - 2014-05-12 20:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 03:06 - 2014-05-12 20:43 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 00:53 - 2014-05-13 07:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 00:53 - 2014-05-13 07:07 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 00:53 - 2014-05-13 07:07 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-09 20:42 - 2014-06-10 21:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 10:41 - 2014-05-13 07:43 - 00000000 __RHD () C:\Program Files (x86)\Skype
2015-03-28 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-04-17 02:17 - 2015-04-17 02:17 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2014-05-13 14:26 - 2014-05-13 14:26 - 0000017 _____ () C:\Users\Sasa\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Sasa\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-29 10:35

==================== End Of Log ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o kontrolu Logu potreboval bych pomoct

#10 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Facebook Update] => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-29] (Facebook Inc.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: {decd8347-6c2d-11e4-9738-705ab6972c94} - F:\HTC_Sync_Manager_PC.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4035661636-132775526-3404240085-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Extension: AdPunisher - C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\xjmfptjqszqypowedi@ubwozmargbgp_gy.edu [2015-04-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

2015-04-23 21:57 - 2015-04-23 21:57 - 00010931 _____ () C:\Users\Sasa\Desktop\FRST.txt
C:\Program Files (x86)\Skype\Toolbars
2015-04-17 21:26 - 2015-04-17 21:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-17 21:10 - 2015-04-17 21:28 - 00013237 _____ () C:\zoek-results.log
2015-04-17 21:09 - 2015-04-17 21:27 - 00000000 ____D () C:\zoek_backup
2015-04-17 21:08 - 2015-04-17 21:08 - 01305600 _____ () C:\Users\Sasa\Desktop\zoek.exe
2015-04-17 20:17 - 2015-04-17 20:20 - 00000000 ____D () C:\AdwCleaner
2015-04-17 20:17 - 2015-04-17 20:17 - 02217984 _____ () C:\Users\Sasa\Desktop\adwcleaner_4.201.exe
2015-04-17 01:25 - 2015-04-17 01:26 - 00000000 ____D () C:\rsit
2015-04-17 01:25 - 2015-04-17 01:25 - 01222144 _____ () C:\Users\Sasa\Desktop\RSITx64.exe
2015-04-17 01:25 - 2015-04-17 01:25 - 00000000 ____D () C:\Program Files\trend micro

Task: {3431F54C-EE40-4F66-99B8-56B951BA08B9} - System32\Tasks\{02567E9C-CEEC-4AC7-880F-D690BFBC5980} => Firefox.exe http://ui.skype.com/ui/0/6.21.59.104/cs ... age=tsBing
Task: {3E1FCF3A-DA18-427E-8EE9-064F8B24707A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {56937966-9EE0-4D64-A95A-9BAF13CC5EFC} - System32\Tasks\{09EE6AEA-EB96-4571-AD21-798D024B98AA} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
Task: {5C48819F-FC91-4144-B62E-D40DC512B569} - System32\Tasks\{3CA639CC-B5EF-45B4-8E4A-369A119DEEA4} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... age=tsMain
Task: {75ED369D-98E3-43CD-ACC7-4EC307239E5A} - System32\Tasks\{CC67DBEF-13C4-436F-86FD-271E4B1B8AF3} => Firefox.exe http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsMain
Task: {A74080CE-3E80-44D1-806F-03DB7B9400A8} - System32\Tasks\{8F0E24D1-4BB5-4C99-85F9-7196BFC2C692} => Firefox.exe http://ui.skype.com/ui/0/6.22.0.107/cs/ ... age=tsMain
Task: {BA04540F-C4E4-471C-8FFC-44C59EEC9855} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {CD4B24AF-FC71-4293-9C70-7EEECD682C44} - System32\Tasks\{2D27435A-A11E-4D30-B497-D7AC2A245FB6} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... Error=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#11 Příspěvek od sasa.cz »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015 01
Ran by Sasa at 2015-05-07 23:30:36 Run:1
Running from C:\Users\Sasa\Desktop
Loaded Profiles: Sasa (Available profiles: Sasa)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Facebook Update] => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-29] (Facebook Inc.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\...\MountPoints2: {decd8347-6c2d-11e4-9738-705ab6972c94} - F:\HTC_Sync_Manager_PC.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4035661636-132775526-3404240085-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Extension: AdPunisher - C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\xjmfptjqszqypowedi@ubwozmargbgp_gy.edu [2015-04-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

2015-04-23 21:57 - 2015-04-23 21:57 - 00010931 _____ () C:\Users\Sasa\Desktop\FRST.txt
C:\Program Files (x86)\Skype\Toolbars
2015-04-17 21:26 - 2015-04-17 21:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-17 21:10 - 2015-04-17 21:28 - 00013237 _____ () C:\zoek-results.log
2015-04-17 21:09 - 2015-04-17 21:27 - 00000000 ____D () C:\zoek_backup
2015-04-17 21:08 - 2015-04-17 21:08 - 01305600 _____ () C:\Users\Sasa\Desktop\zoek.exe
2015-04-17 20:17 - 2015-04-17 20:20 - 00000000 ____D () C:\AdwCleaner
2015-04-17 20:17 - 2015-04-17 20:17 - 02217984 _____ () C:\Users\Sasa\Desktop\adwcleaner_4.201.exe
2015-04-17 01:25 - 2015-04-17 01:26 - 00000000 ____D () C:\rsit
2015-04-17 01:25 - 2015-04-17 01:25 - 01222144 _____ () C:\Users\Sasa\Desktop\RSITx64.exe
2015-04-17 01:25 - 2015-04-17 01:25 - 00000000 ____D () C:\Program Files\trend micro

Task: {3431F54C-EE40-4F66-99B8-56B951BA08B9} - System32\Tasks\{02567E9C-CEEC-4AC7-880F-D690BFBC5980} => Firefox.exe http://ui.skype.com/ui/0/6.21.59.104/cs ... age=tsBing
Task: {3E1FCF3A-DA18-427E-8EE9-064F8B24707A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {56937966-9EE0-4D64-A95A-9BAF13CC5EFC} - System32\Tasks\{09EE6AEA-EB96-4571-AD21-798D024B98AA} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
Task: {5C48819F-FC91-4144-B62E-D40DC512B569} - System32\Tasks\{3CA639CC-B5EF-45B4-8E4A-369A119DEEA4} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... age=tsMain
Task: {75ED369D-98E3-43CD-ACC7-4EC307239E5A} - System32\Tasks\{CC67DBEF-13C4-436F-86FD-271E4B1B8AF3} => Firefox.exe http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsMain
Task: {A74080CE-3E80-44D1-806F-03DB7B9400A8} - System32\Tasks\{8F0E24D1-4BB5-4C99-85F9-7196BFC2C692} => Firefox.exe http://ui.skype.com/ui/0/6.22.0.107/cs/ ... age=tsMain
Task: {BA04540F-C4E4-471C-8FFC-44C59EEC9855} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {CD4B24AF-FC71-4293-9C70-7EEECD682C44} - System32\Tasks\{2D27435A-A11E-4D30-B497-D7AC2A245FB6} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... Error=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job => C:\Users\Sasa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PWRISOVM.EXE => value deleted successfully.
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-4035661636-132775526-3404240085-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
"HKU\S-1-5-21-4035661636-132775526-3404240085-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
"HKU\S-1-5-21-4035661636-132775526-3404240085-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-4035661636-132775526-3404240085-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{decd8347-6c2d-11e4-9738-705ab6972c94}" => Key deleted successfully.
HKCR\CLSID\{decd8347-6c2d-11e4-9738-705ab6972c94} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4035661636-132775526-3404240085-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
C:\Users\Sasa\AppData\Roaming\Mozilla\Firefox\Profiles\n9rhwlkq.default\Extensions\xjmfptjqszqypowedi@ubwozmargbgp_gy.edu => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
C:\Users\Sasa\Desktop\FRST.txt => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Sasa\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Sasa\Desktop\adwcleaner_4.201.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Sasa\Desktop\RSITx64.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3431F54C-EE40-4F66-99B8-56B951BA08B9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3431F54C-EE40-4F66-99B8-56B951BA08B9}" => Key deleted successfully.
C:\Windows\System32\Tasks\{02567E9C-CEEC-4AC7-880F-D690BFBC5980} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02567E9C-CEEC-4AC7-880F-D690BFBC5980}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E1FCF3A-DA18-427E-8EE9-064F8B24707A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E1FCF3A-DA18-427E-8EE9-064F8B24707A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56937966-9EE0-4D64-A95A-9BAF13CC5EFC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56937966-9EE0-4D64-A95A-9BAF13CC5EFC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{09EE6AEA-EB96-4571-AD21-798D024B98AA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09EE6AEA-EB96-4571-AD21-798D024B98AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C48819F-FC91-4144-B62E-D40DC512B569}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C48819F-FC91-4144-B62E-D40DC512B569}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3CA639CC-B5EF-45B4-8E4A-369A119DEEA4} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3CA639CC-B5EF-45B4-8E4A-369A119DEEA4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75ED369D-98E3-43CD-ACC7-4EC307239E5A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75ED369D-98E3-43CD-ACC7-4EC307239E5A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{CC67DBEF-13C4-436F-86FD-271E4B1B8AF3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC67DBEF-13C4-436F-86FD-271E4B1B8AF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A74080CE-3E80-44D1-806F-03DB7B9400A8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A74080CE-3E80-44D1-806F-03DB7B9400A8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{8F0E24D1-4BB5-4C99-85F9-7196BFC2C692} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F0E24D1-4BB5-4C99-85F9-7196BFC2C692}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA04540F-C4E4-471C-8FFC-44C59EEC9855}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA04540F-C4E4-471C-8FFC-44C59EEC9855}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD4B24AF-FC71-4293-9C70-7EEECD682C44}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD4B24AF-FC71-4293-9C70-7EEECD682C44}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2D27435A-A11E-4D30-B497-D7AC2A245FB6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D27435A-A11E-4D30-B497-D7AC2A245FB6}" => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4035661636-132775526-3404240085-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 935.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:32:37 ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o kontrolu Logu potreboval bych pomoct

#12 Příspěvek od vyosek »

Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
sasa.cz
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 bře 2012 09:29

Re: Prosim o kontrolu Logu potreboval bych pomoct

#13 Příspěvek od sasa.cz »

jeste vice reklam m furt vyskakuje a je to uz silene :-( :roll:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o kontrolu Logu potreboval bych pomoct

#14 Příspěvek od vyosek »

Dejte novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“