Zdar, asi tak půl roku nazpátek jsem se rozhodl si přeinstalovat windows, že by to mohlo po pár letech trochu urychlit compa, no moc to nepomohlo.
Dva měsíce na to už jsem řešil, že se mi všechny prohlížeče přenastavili na nějaký vyhledávač, smazat to normálně nešlo, řešil jsem to přes nějaký prográmky.
Dále jsem pak odstraňoval i nějaké bary a další blbost. Měsíc nazpátek jsem opět měl ten samý problem, přenastavené prohlížeče, bary, blbosti nainstalované. Vše se mi vesele nainstalovalo samo uprostřed hraní, aniž bych 14 dní před tim něco instaloval.
Vždycky jsem se toho nějak zbavil.
Dneska opět se mi nainstalovali nějaké blbosti a já prostě nevim kde se mi to tam furt bere. Nejsem včerejší. Neklikám slepě na next. Všechno si čtu, dávám vlastní instalace, abych viděl co se mi dostane do počítače.
Něco jsem odstranil. Youtube accelerator všechny pokyny k odinstalaci ignoruje a shopper-pro mi hlásí, že nemůže se odinstalovat, když probíhá jiná instalace.
Nejradši bych to přeinstaloval jenže se mi to teďka zrovna vůbec nehodí, proto bych poprosil o pomoc.
Log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mermeoth at 2015-06-12 00:46:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 75 GB (21%) free of 365 GB
Total RAM: 3957 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:46:38, on 12.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Mermeoth\AppData\Local\Temp\nsw94F0.tmp\setup.exe
C:\Program Files (x86)\ShopperPro\updater.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Mermeoth.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\youtube accelerator\ytalsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KoopPdfService - Unknown owner - C:\Program Files (x86)\Kooperativa\Services\KoopPDFServer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Util Swift Record - Unknown owner - C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YouTubeAcceleratorService - GOOBZO - C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe
--
End of file - 8271 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Kooperativa\Services\KoopPDFServer.exe"
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm
"taskhost.exe"
taskeng.exe {626819D3-AB80-4CF8-B384-31145E4790F4}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" avast repair
\??\C:\Windows\system32\conhost.exe "-518931390-1177102250-651924012-1757689672-2082849027664912724-1449884936-1938282888
C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\Mermeoth\AppData\Local\Temp\nsw94F0.tmp\setup.exe" /S
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\ShopperPro\updater.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6108.0.764109764\2100661441" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x1002 --gpu-device-id=0x68c1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_90/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6108 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6108.5.1757905457\187332437" /prefetch:673131151
taskmgr.exe /2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6108.9.1591068396\1164688792" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe" --comment NgBase --startvm 7202992b-3e36-40e4-abbf-ccacaa107c01
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey A30145A3-FCA9-601F-98F8-E8065732A6E4 -Reinvoke
"D:\CD\Pro čištění compa\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
=========Mozilla firefox=========
ProfilePath - C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\extensions\
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\searchplugins\
google-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-22 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2015-06-09 529840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-22 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2015-06-09 444336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"GoobzoYouTubeAccelerator"=C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2015-06-12 2226120]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe [2015-06-09 3225088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mermeoth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE [2015-06-04 1608192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mermeoth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk]
C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll [2012-10-02 5699176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.exe [2015-06-09 3225088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-12 00:46:32 ----D---- C:\Program Files\trend micro
2015-06-12 00:46:31 ----D---- C:\rsit
2015-06-12 00:17:43 ----D---- C:\Program Files\Common Files\ShopperPro
2015-06-12 00:16:36 ----D---- C:\ProgramData\ShopperPro
2015-06-12 00:16:02 ----D---- C:\Program Files (x86)\ShopperPro
2015-06-12 00:14:28 ----D---- C:\Program Files (x86)\Swift Record
2015-06-12 00:11:18 ----D---- C:\Program Files (x86)\YouTube Accelerator
2015-06-12 00:09:45 ----D---- C:\Program Files (x86)\Seznam.cz
2015-06-12 00:09:04 ----D---- C:\Users\Mermeoth\AppData\Roaming\Seznam.cz
2015-06-11 23:20:10 ----D---- C:\ProgramData\Package Cache
2015-06-11 21:43:05 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-06-11 21:43:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-06-11 21:43:05 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-06-11 21:43:05 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-06-11 21:43:03 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-06-11 21:43:03 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-06-11 21:43:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-06-11 21:43:02 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-06-11 21:43:01 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-06-11 21:43:01 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-06-11 21:43:01 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-06-11 21:43:00 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2015-06-11 21:43:00 ----A---- C:\Windows\system32\d3dx10_43.dll
2015-06-11 21:42:59 ----A---- C:\Windows\system32\D3DX9_43.dll
2015-06-11 21:42:58 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-06-11 21:42:58 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-06-11 21:42:58 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-06-11 21:42:58 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-06-11 21:42:55 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-06-11 21:42:55 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-06-11 21:42:54 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-06-11 21:42:04 ----HD---- C:\Windows\msdownld.tmp
2015-06-11 21:41:58 ----D---- C:\Windows\SYSWOW64\directx
2015-06-11 21:40:48 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2015-06-11 21:40:48 ----A---- C:\Windows\SYSWOW64\mss32.dll
2015-06-11 21:40:48 ----A---- C:\Windows\SYSWOW64\IEShims.dll
2015-06-11 21:40:48 ----A---- C:\Windows\SYSWOW64\binkw32.dll
2015-06-11 21:01:09 ----D---- C:\Windows\system32\MRT
2015-06-11 21:01:01 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 10:10:59 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 10:10:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 10:10:57 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 10:10:57 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 10:10:57 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 10:10:57 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 10:10:57 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 10:10:56 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 10:10:45 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 10:10:44 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 10:10:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 10:10:43 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 10:10:41 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 10:10:41 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 10:10:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 10:10:40 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 10:10:40 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 10:10:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:10:38 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 10:10:38 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 10:10:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 10:10:38 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 10:10:37 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 10:10:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 10:10:37 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 10:10:37 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 10:10:37 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 10:10:37 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 10:10:36 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\smss.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\relog.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 10:10:36 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\logman.exe
2015-06-10 10:10:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 10:10:36 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 10:10:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 10:10:35 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 10:10:35 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 10:10:35 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 10:10:35 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 10:10:35 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 10:10:35 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 10:10:35 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 10:10:34 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 10:10:34 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 10:10:34 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10:32 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 10:10:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 10:10:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 10:10:32 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 10:10:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 10:10:31 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 10:10:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 10:10:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 10:10:30 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 10:10:30 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 10:10:30 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 10:10:11 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 10:10:10 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 10:10:10 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 10:10:09 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 10:06:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 10:06:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 10:06:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 10:06:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 10:06:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:06:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:06:06 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 10:06:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 10:06:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:06:05 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 10:06:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 10:06:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 10:06:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 10:06:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 10:06:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 10:06:03 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 10:06:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:06:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 10:06:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 10:06:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:06:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 10:06:02 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 10:06:01 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 10:06:00 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 10:06:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 10:05:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 10:05:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 10:05:59 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 10:05:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 10:05:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 10:05:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 10:05:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 10:05:58 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 10:05:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 10:05:57 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 10:05:57 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 10:05:56 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 10:05:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:05:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 10:05:56 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 10:05:56 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 10:05:55 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 10:05:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:05:54 ----A---- C:\Windows\system32\mshtml.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\aepdu.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 09:03:44 ----A---- C:\Windows\system32\acmigration.dll
2015-06-03 10:19:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-26 09:16:37 ----SHD---- C:\found.000
2015-05-22 17:36:44 ----D---- C:\Program Files\HP
2015-05-22 17:17:04 ----D---- C:\Program Files\CCleaner
2015-05-21 02:34:39 ----D---- C:\Windows\Migration
2015-05-20 20:20:14 ----D---- C:\AdwCleaner
2015-05-20 16:45:31 ----D---- C:\Program Files (x86)\Enigma Software Group
2015-05-20 16:44:26 ----D---- C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-05-20 15:05:59 ----A---- C:\autoexec.bat
2015-05-13 18:26:17 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:26:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:52:13 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 12:52:13 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 12:51:28 ----A---- C:\Windows\system32\services.exe
2015-05-13 12:49:57 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 12:49:57 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 12:49:57 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 12:49:29 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 12:49:29 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 12:49:27 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 12:49:19 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 12:49:18 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 12:49:11 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 12:49:11 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 12:49:05 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 12:49:05 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 12:49:05 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 12:49:05 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 12:49:05 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 12:49:04 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 12:49:04 ----A---- C:\Windows\system32\shimeng.dll
======List of files/folders modified in the last 1 month======
2015-06-12 00:46:33 ----D---- C:\Windows\Temp
2015-06-12 00:46:32 ----RD---- C:\Program Files
2015-06-12 00:43:58 ----D---- C:\Windows\System32
2015-06-12 00:37:14 ----AD---- C:\ProgramData\TEMP
2015-06-12 00:35:56 ----D---- C:\Windows\system32\config
2015-06-12 00:34:32 ----SHD---- C:\System Volume Information
2015-06-12 00:30:35 ----D---- C:\Windows\system32\drivers
2015-06-12 00:29:00 ----HD---- C:\ProgramData
2015-06-12 00:20:27 ----D---- C:\Windows\system32\Tasks
2015-06-12 00:17:43 ----D---- C:\Program Files\Common Files
2015-06-12 00:16:02 ----RD---- C:\Program Files (x86)
2015-06-12 00:11:25 ----D---- C:\Windows\SysWOW64
2015-06-12 00:01:22 ----D---- C:\Program Files (x86)\torrent
2015-06-11 23:30:14 ----SHD---- C:\Windows\Installer
2015-06-11 21:42:04 ----D---- C:\Windows
2015-06-11 21:22:20 ----D---- C:\Windows\Microsoft.NET
2015-06-11 21:16:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-06-11 21:16:04 ----D---- C:\Windows\inf
2015-06-11 21:15:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-11 21:11:51 ----SD---- C:\ProgramData\Microsoft
2015-06-11 21:08:57 ----D---- C:\Windows\system32\DriverStore
2015-06-11 21:01:09 ----D---- C:\Windows\debug
2015-06-11 20:54:23 ----D---- C:\Kamil Záloha
2015-06-11 20:53:46 ----D---- C:\Windows\Logs
2015-06-11 15:35:26 ----D---- C:\Games
2015-06-10 19:39:13 ----D---- C:\Windows\rescache
2015-06-10 14:50:34 ----D---- C:\Windows\winsxs
2015-06-10 14:47:58 ----D---- C:\Program Files\Windows Media Player
2015-06-10 14:47:58 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-10 14:47:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-10 14:47:54 ----D---- C:\Windows\system32\en-US
2015-06-10 14:47:53 ----D---- C:\Windows\AppPatch
2015-06-10 14:47:50 ----D---- C:\Program Files\Internet Explorer
2015-06-10 14:47:49 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 14:47:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 10:08:13 ----D---- C:\Windows\system32\catroot2
2015-06-09 13:16:09 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-06-08 01:37:57 ----D---- C:\Users\Mermeoth\AppData\Roaming\TS3Client
2015-06-07 20:35:15 ----D---- C:\Program Files (x86)\Battle.net
2015-06-05 11:08:50 ----SD---- C:\Windows\system32\CompatTel
2015-06-05 11:08:50 ----D---- C:\Windows\system32\appraiser
2015-06-05 08:47:20 ----D---- C:\Windows\system32\wdi
2015-06-04 10:10:36 ----D---- C:\Windows\Prefetch
2015-06-03 20:14:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-26 19:49:21 ----D---- C:\Users\Mermeoth\AppData\Roaming\DAEMON Tools Lite
2015-05-22 17:21:07 ----D---- C:\Windows\system32\catroot
2015-05-22 17:18:44 ----D---- C:\Windows\Panther
2015-05-22 17:10:10 ----RSD---- C:\Windows\assembly
2015-05-22 16:48:02 ----RSD---- C:\Windows\Fonts
2015-05-22 16:48:01 ----D---- C:\Program Files (x86)\HP
2015-05-21 09:29:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-21 02:34:39 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-21 02:34:39 ----SD---- C:\Windows\system32\GWX
2015-05-20 20:33:34 ----D---- C:\Windows\Tasks
2015-05-20 20:30:53 ----SD---- C:\Users\Mermeoth\AppData\Roaming\Microsoft
2015-05-20 20:30:27 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-20 16:44:21 ----D---- C:\Program Files (x86)\Common Files
2015-05-20 15:05:59 ----D---- C:\Windows\system32\drivers\etc
2015-05-13 20:28:01 ----D---- C:\Program Files\Windows Journal
2015-05-13 20:27:57 ----D---- C:\Windows\system32\AdvancedInstallers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-22 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-22 267632]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-22 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-22 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-22 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-21 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-22 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-22 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-22 116728]
R2 SPDRIVER_1.42.1.1965;SPDRIVER_1.42.1.1965; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1965\jsdrv.sys [2015-06-09 52384]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-22 271752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4273880]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2015-06-09 41624]
S3 cpuz137;cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [2014-02-17 26856]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-06-12 16152]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-22 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 KoopPdfService;KoopPdfService; C:\Program Files (x86)\Kooperativa\Services\KoopPDFServer.exe [2015-02-03 2454016]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2015-06-09 2346416]
R2 YouTubeAcceleratorService;YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe [2015-06-12 1509320]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-22 4012248]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21 107912]
S2 Util Swift Record;Util Swift Record; C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe []
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-23 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Neustále objevující se malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Neustále objevující se malware
Krasny den Vam preju 
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
# AdwCleaner v4.206 - Logfile created 12/06/2015 at 09:36:26
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Mermeoth - MERMEOTH-PC
# Running from : D:\CD\Pro čištění compa\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
[#] Service Deleted : YouTubeAcceleratorService
[#] Service Deleted : swdumon
Service Deleted : SPDRIVER_1.42.1.1965
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\Swift Record
Folder Deleted : C:\Users\Mermeoth\AppData\Local\Temp\Swift Record
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Users\Mermeoth\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
File Deleted : C:\Windows\System32\drivers\swdumon.sys
File Deleted : C:\Users\Mermeoth\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\user.js
***** [ Scheduled tasks ] *****
Task Deleted : Inst_Rep
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SPDriver
Task Deleted : YTAUpdate_logon
Task Deleted : YTAUpdate
Task Deleted : SPBIW_UpdateTask_Time_3134343536383136352d3437415a556c2a3223346c41
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKU\.DEFAULT\Software\Goobzo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v38.0.5 (x86 cs)
-\\ Google Chrome v43.0.2357.124
*************************
AdwCleaner[R0].txt - [4030 bytes] - [20/05/2015 20:20:18]
AdwCleaner[R1].txt - [2992 bytes] - [20/05/2015 20:32:03]
AdwCleaner[R2].txt - [4396 bytes] - [12/06/2015 09:33:52]
AdwCleaner[S0].txt - [1488 bytes] - [20/05/2015 20:22:19]
AdwCleaner[S1].txt - [2344 bytes] - [20/05/2015 20:33:33]
AdwCleaner[S2].txt - [4340 bytes] - [12/06/2015 09:36:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4399 bytes] ##########
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Mermeoth - MERMEOTH-PC
# Running from : D:\CD\Pro čištění compa\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
[#] Service Deleted : YouTubeAcceleratorService
[#] Service Deleted : swdumon
Service Deleted : SPDRIVER_1.42.1.1965
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\Swift Record
Folder Deleted : C:\Users\Mermeoth\AppData\Local\Temp\Swift Record
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Users\Mermeoth\AppData\LocalLow\Goobzo
Folder Deleted : C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
File Deleted : C:\Windows\System32\drivers\swdumon.sys
File Deleted : C:\Users\Mermeoth\Desktop\YouTube Accelerator.lnk
File Deleted : C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\user.js
***** [ Scheduled tasks ] *****
Task Deleted : Inst_Rep
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SPDriver
Task Deleted : YTAUpdate_logon
Task Deleted : YTAUpdate
Task Deleted : SPBIW_UpdateTask_Time_3134343536383136352d3437415a556c2a3223346c41
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKU\.DEFAULT\Software\Goobzo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v38.0.5 (x86 cs)
-\\ Google Chrome v43.0.2357.124
*************************
AdwCleaner[R0].txt - [4030 bytes] - [20/05/2015 20:20:18]
AdwCleaner[R1].txt - [2992 bytes] - [20/05/2015 20:32:03]
AdwCleaner[R2].txt - [4396 bytes] - [12/06/2015 09:33:52]
AdwCleaner[S0].txt - [1488 bytes] - [20/05/2015 20:22:19]
AdwCleaner[S1].txt - [2344 bytes] - [20/05/2015 20:33:33]
AdwCleaner[S2].txt - [4340 bytes] - [12/06/2015 09:36:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4399 bytes] ##########
Re: Neustále objevující se malware
Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
Jsem byl pár dnů pryč, hnedka to tu bude.
Naposledy upravil(a) Windi dne 15 čer 2015 13:50, celkem upraveno 1 x.
Re: Neustále objevující se malware
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Mermeoth (administrator) on MERMEOTH-PC on 15-06-2015 14:19:25
Running from D:\CD\Pro čištění compa
Loaded Profiles: Mermeoth (Available Profiles: Mermeoth)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.247\deploy\LoLLauncher.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcher.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-22] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-22] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-22] (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2017746565-3527076051-863224216-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mermeoth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\searchplugins\google-avast.xml [2015-01-22]
FF Extension: Password Exporter - C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-01-22]
FF Extension: Adblock Plus - C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22]
Chrome:
=======
CHR Profile: C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google Docs) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (YouTube) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-12]
CHR Extension: (Google Search) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Google Sheets) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Avast Online Security) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-22]
CHR Extension: (Google Wallet) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-21]
CHR Extension: (Gmail) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-22] (Avast Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Util Swift Record; "C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-22] ()
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-21] (Disc Soft Ltd)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-06-15] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-22] (Avast Software)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 09:28 - 2015-06-15 09:28 - 00000197 _____ C:\Windows\system32\2015-06-15-07-28-23.089-AvastVBoxSVC.exe-1192.log
2015-06-14 19:38 - 2015-06-14 19:38 - 00000197 _____ C:\Windows\system32\2015-06-14-17-38-47.058-AvastVBoxSVC.exe-3044.log
2015-06-13 09:35 - 2015-06-13 09:35 - 00000197 _____ C:\Windows\system32\2015-06-13-07-35-04.057-AvastVBoxSVC.exe-3708.log
2015-06-12 16:36 - 2015-06-15 14:19 - 00000000 ____D C:\FRST
2015-06-12 09:40 - 2015-06-12 09:40 - 00000197 _____ C:\Windows\system32\2015-06-12-07-40-32.047-AvastVBoxSVC.exe-2732.log
2015-06-12 09:24 - 2015-06-12 09:24 - 00000197 _____ C:\Windows\system32\2015-06-12-07-24-47.017-AvastVBoxSVC.exe-2504.log
2015-06-12 00:51 - 2015-06-12 00:51 - 00000247 _____ C:\Windows\system32\2015-06-11-22-51-19.076-aswFe.exe-5180.log
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\rsit
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\Program Files\trend micro
2015-06-12 00:43 - 2015-06-12 00:51 - 00000247 _____ C:\Windows\system32\2015-06-11-22-43-58.055-aswFe.exe-4488.log
2015-06-12 00:43 - 2015-06-12 00:43 - 00000197 _____ C:\Windows\system32\2015-06-11-22-43-54.023-AvastVBoxSVC.exe-1708.log
2015-06-12 00:11 - 2015-06-12 00:11 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2015-06-12 00:10 - 2015-06-12 00:11 - 00004382 _____ C:\Windows\System32\Tasks\Installer_iwebar
2015-06-12 00:10 - 2015-06-12 00:10 - 00002255 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-06-12 00:10 - 2015-06-12 00:10 - 00002255 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:09 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\CrashRpt
2015-06-11 23:20 - 2015-06-11 23:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 23:11 - 2015-06-11 23:11 - 00000197 _____ C:\Windows\system32\2015-06-11-21-11-54.045-AvastVBoxSVC.exe-2864.log
2015-06-11 22:00 - 2015-06-11 22:00 - 00003282 _____ C:\Windows\System32\Tasks\{B832EDD4-F47A-4FAC-9796-97F93E430E7A}
2015-06-11 21:43 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-11 21:42 - 2015-06-11 21:42 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-11 21:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-11 21:41 - 2015-06-11 21:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-11 21:40 - 2014-06-15 15:18 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2015-06-11 21:40 - 2014-06-15 15:18 - 00450560 _____ (RAD Game Tools, Inc.) C:\Windows\SysWOW64\mss32.dll
2015-06-11 21:40 - 2014-06-15 15:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEShims.dll
2015-06-11 21:40 - 2014-06-15 15:10 - 00176128 _____ (RAD Game Tools, Inc.) C:\Windows\SysWOW64\binkw32.dll
2015-06-11 21:34 - 2015-06-11 21:34 - 00000197 _____ C:\Windows\system32\2015-06-11-19-34-16.071-AvastVBoxSVC.exe-2380.log
2015-06-11 21:01 - 2015-06-11 21:08 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 21:01 - 2015-05-27 00:04 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 20:53 - 2015-06-11 20:53 - 00000762 _____ C:\Windows\DirectX.log
2015-06-11 19:10 - 2015-06-11 19:10 - 00000197 _____ C:\Windows\system32\2015-06-11-17-10-46.074-AvastVBoxSVC.exe-2316.log
2015-06-11 11:26 - 2015-06-11 11:26 - 00000197 _____ C:\Windows\system32\2015-06-11-09-26-21.018-AvastVBoxSVC.exe-2764.log
2015-06-10 14:52 - 2015-06-10 14:52 - 00000197 _____ C:\Windows\system32\2015-06-10-12-52-55.005-AvastVBoxSVC.exe-2316.log
2015-06-10 10:10 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:10 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 10:10 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 10:10 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 10:10 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 10:10 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 10:10 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 10:10 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 10:10 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 10:10 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 10:10 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 10:10 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 10:10 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 10:10 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 10:10 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 10:10 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 10:10 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 10:10 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 10:10 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 10:10 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 10:10 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 10:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 10:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 10:10 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 10:06 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 10:06 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 10:06 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 10:06 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 10:06 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 10:06 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 10:06 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 10:06 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 10:06 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 10:06 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 10:06 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 10:06 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 10:06 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 10:06 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 10:06 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 10:06 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 10:06 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 10:06 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 10:06 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 10:06 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 10:06 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 10:06 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 10:06 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 10:06 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 10:06 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 10:06 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:06 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 10:06 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 10:06 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:06 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 10:06 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:06 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:06 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:06 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 10:06 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 10:06 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 10:06 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 10:06 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 10:06 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 10:05 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 10:05 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 10:05 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 10:05 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 10:05 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 10:05 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 10:05 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 10:05 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 10:05 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:05 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 10:05 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 10:05 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 10:05 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 10:05 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 10:05 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 10:05 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:05 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 10:05 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:55 - 2015-06-10 09:55 - 00000197 _____ C:\Windows\system32\2015-06-10-07-55-14.020-AvastVBoxSVC.exe-2344.log
2015-06-09 19:30 - 2015-06-09 19:30 - 00000197 _____ C:\Windows\system32\2015-06-09-17-30-22.033-AvastVBoxSVC.exe-2364.log
2015-06-09 10:24 - 2015-06-09 10:24 - 00000197 _____ C:\Windows\system32\2015-06-09-08-24-01.038-AvastVBoxSVC.exe-2348.log
2015-06-08 10:03 - 2015-06-08 10:03 - 00000197 _____ C:\Windows\system32\2015-06-08-08-03-34.042-AvastVBoxSVC.exe-2504.log
2015-06-07 10:37 - 2015-06-07 10:37 - 00000197 _____ C:\Windows\system32\2015-06-07-08-37-30.034-AvastVBoxSVC.exe-2256.log
2015-06-06 11:25 - 2015-06-06 11:25 - 00001615 _____ C:\Users\Mermeoth\Desktop\Darkest - Shortcut.lnk
2015-06-06 10:41 - 2015-06-06 11:27 - 00000000 ____D C:\Users\Mermeoth\Documents\Darkest
2015-06-06 09:03 - 2015-06-06 09:03 - 00000197 _____ C:\Windows\system32\2015-06-06-07-03-24.065-AvastVBoxSVC.exe-3028.log
2015-06-05 22:03 - 2015-06-05 22:03 - 00000197 _____ C:\Windows\system32\2015-06-05-20-03-58.043-AvastVBoxSVC.exe-2872.log
2015-06-05 11:11 - 2015-06-05 11:11 - 00000197 _____ C:\Windows\system32\2015-06-05-09-11-36.077-AvastVBoxSVC.exe-2272.log
2015-06-05 09:13 - 2015-06-05 09:13 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\CSC
2015-06-05 09:03 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 09:03 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 09:03 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 20:59 - 2015-06-04 20:59 - 00000197 _____ C:\Windows\system32\2015-06-04-18-59-36.020-AvastVBoxSVC.exe-2388.log
2015-06-04 10:42 - 2015-06-04 10:42 - 00000247 _____ C:\Windows\system32\2015-06-04-08-42-22.082-aswFe.exe-5100.log
2015-06-04 10:35 - 2015-06-04 10:42 - 00000247 _____ C:\Windows\system32\2015-06-04-08-35-45.064-aswFe.exe-3488.log
2015-06-04 10:35 - 2015-06-04 10:35 - 00000197 _____ C:\Windows\system32\2015-06-04-08-35-39.048-AvastVBoxSVC.exe-2428.log
2015-06-04 09:46 - 2015-06-04 09:46 - 00000247 _____ C:\Windows\system32\2015-06-04-07-46-10.056-aswFe.exe-3220.log
2015-06-04 09:39 - 2015-06-04 09:46 - 00000247 _____ C:\Windows\system32\2015-06-04-07-39-15.091-aswFe.exe-2972.log
2015-06-04 09:39 - 2015-06-04 09:39 - 00000197 _____ C:\Windows\system32\2015-06-04-07-39-10.014-AvastVBoxSVC.exe-3276.log
2015-06-03 20:17 - 2015-06-03 20:17 - 00000197 _____ C:\Windows\system32\2015-06-03-18-17-32.049-AvastVBoxSVC.exe-2660.log
2015-06-03 20:14 - 2015-06-03 20:14 - 00000368 _____ C:\Windows\PFRO.log
2015-06-03 19:43 - 2015-06-03 19:50 - 00006525 _____ C:\Users\Mermeoth\Desktop\pcwdbg.log
2015-06-03 18:01 - 2015-06-03 18:01 - 00000197 _____ C:\Windows\system32\2015-06-03-16-01-03.019-AvastVBoxSVC.exe-3048.log
2015-06-03 10:19 - 2015-06-03 20:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 09:48 - 2015-06-03 09:48 - 00000197 _____ C:\Windows\system32\2015-06-03-07-48-13.016-AvastVBoxSVC.exe-2376.log
2015-06-02 19:36 - 2015-06-02 19:36 - 00000197 _____ C:\Windows\system32\2015-06-02-17-36-52.083-AvastVBoxSVC.exe-2488.log
2015-06-02 18:10 - 2015-06-02 18:10 - 00000197 _____ C:\Windows\system32\2015-06-02-16-10-27.014-AvastVBoxSVC.exe-2484.log
2015-06-01 10:10 - 2015-06-01 10:10 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\GWX
2015-06-01 10:00 - 2015-06-01 10:00 - 00000197 _____ C:\Windows\system32\2015-06-01-08-00-38.022-AvastVBoxSVC.exe-2748.log
2015-05-31 14:07 - 2015-05-31 14:07 - 00000247 _____ C:\Windows\system32\2015-05-31-12-07-24.072-aswFe.exe-4484.log
2015-05-31 14:00 - 2015-05-31 14:07 - 00000247 _____ C:\Windows\system32\2015-05-31-12-00-07.074-aswFe.exe-5556.log
2015-05-31 13:59 - 2015-05-31 13:59 - 00000197 _____ C:\Windows\system32\2015-05-31-11-59-46.000-AvastVBoxSVC.exe-4660.log
2015-05-30 10:45 - 2015-05-30 10:45 - 00000197 _____ C:\Windows\system32\2015-05-30-08-45-42.025-AvastVBoxSVC.exe-2748.log
2015-05-29 09:29 - 2015-05-29 09:29 - 00000197 _____ C:\Windows\system32\2015-05-29-07-29-02.093-AvastVBoxSVC.exe-2884.log
2015-05-28 10:22 - 2015-05-28 10:22 - 00000197 _____ C:\Windows\system32\2015-05-28-08-22-15.010-AvastVBoxSVC.exe-2260.log
2015-05-27 19:24 - 2015-05-27 19:24 - 00000197 _____ C:\Windows\system32\2015-05-27-17-24-57.043-AvastVBoxSVC.exe-2408.log
2015-05-27 12:52 - 2015-05-27 12:52 - 00000197 _____ C:\Windows\system32\2015-05-27-10-52-44.034-AvastVBoxSVC.exe-2180.log
2015-05-27 10:06 - 2015-05-27 10:06 - 00000197 _____ C:\Windows\system32\2015-05-27-08-06-05.052-AvastVBoxSVC.exe-2936.log
2015-05-26 19:53 - 2015-05-28 00:59 - 00000000 ____D C:\Users\Mermeoth\Documents\majesty2
2015-05-26 19:53 - 2015-05-26 19:53 - 00000796 _____ C:\Users\Public\Desktop\Majesty 2 Collection.lnk
2015-05-26 09:51 - 2015-05-26 09:51 - 00000247 _____ C:\Windows\system32\2015-05-26-07-51-24.013-aswFe.exe-3388.log
2015-05-26 09:43 - 2015-05-26 09:51 - 00000247 _____ C:\Windows\system32\2015-05-26-07-43-15.011-aswFe.exe-5228.log
2015-05-26 09:43 - 2015-05-26 09:43 - 00000197 _____ C:\Windows\system32\2015-05-26-07-43-09.015-AvastVBoxSVC.exe-2568.log
2015-05-26 09:16 - 2015-05-26 09:16 - 00000000 __SHD C:\found.000
2015-05-25 10:22 - 2015-05-25 10:22 - 00000197 _____ C:\Windows\system32\2015-05-25-08-22-21.001-AvastVBoxSVC.exe-2592.log
2015-05-24 22:31 - 2015-05-24 22:31 - 00000197 _____ C:\Windows\system32\2015-05-24-20-31-44.024-AvastVBoxSVC.exe-4324.log
2015-05-24 10:12 - 2015-05-24 10:12 - 00000197 _____ C:\Windows\system32\2015-05-24-08-12-12.047-AvastVBoxSVC.exe-2052.log
2015-05-23 10:16 - 2015-05-23 10:16 - 00000197 _____ C:\Windows\system32\2015-05-23-08-16-12.013-AvastVBoxSVC.exe-2948.log
2015-05-22 20:10 - 2015-05-22 20:10 - 00000197 _____ C:\Windows\system32\2015-05-22-18-10-45.091-AvastVBoxSVC.exe-2320.log
2015-05-22 17:45 - 2015-05-22 17:45 - 00000197 _____ C:\Windows\system32\2015-05-22-15-45-06.033-AvastVBoxSVC.exe-2404.log
2015-05-22 17:37 - 2015-05-22 17:37 - 00003640 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
2015-05-22 17:37 - 2015-05-22 17:37 - 00002272 _____ C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2015-05-22 17:37 - 2015-05-22 17:37 - 00001194 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk
2015-05-22 17:37 - 2015-05-22 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-22 17:36 - 2015-05-22 17:36 - 00000000 ____D C:\Program Files\HP
2015-05-22 17:24 - 2015-05-22 17:24 - 00000197 _____ C:\Windows\system32\2015-05-22-15-24-43.093-AvastVBoxSVC.exe-2092.log
2015-05-22 17:22 - 2015-06-15 09:24 - 00004144 _____ C:\Windows\setupact.log
2015-05-22 17:22 - 2015-05-22 17:22 - 00000000 _____ C:\Windows\setuperr.log
2015-05-22 17:17 - 2015-05-22 17:17 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-22 17:17 - 2015-05-22 17:17 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D C:\Program Files\CCleaner
2015-05-22 17:03 - 2015-05-22 17:03 - 00000197 _____ C:\Windows\system32\2015-05-22-15-03-30.012-AvastVBoxSVC.exe-2356.log
2015-05-22 16:57 - 2015-05-22 16:57 - 00003500 _____ C:\Windows\System32\Tasks\HP Deskjet 1050 J410 series.exe_{FEF80654-ECBD-44BF-A88A-30C61EF52575}
2015-05-22 16:29 - 2015-05-22 16:29 - 00000197 _____ C:\Windows\system32\2015-05-22-14-29-19.062-AvastVBoxSVC.exe-2300.log
2015-05-22 10:48 - 2015-05-22 10:48 - 00000197 _____ C:\Windows\system32\2015-05-22-08-48-19.066-AvastVBoxSVC.exe-2972.log
2015-05-21 17:17 - 2015-05-21 17:17 - 00000197 _____ C:\Windows\system32\2015-05-21-15-17-46.086-AvastVBoxSVC.exe-2432.log
2015-05-21 09:23 - 2015-05-21 09:23 - 00000197 _____ C:\Windows\system32\2015-05-21-07-23-24.012-AvastVBoxSVC.exe-2436.log
2015-05-20 22:08 - 2015-05-20 22:08 - 00089016 _____ C:\spyhunter.log
2015-05-20 20:45 - 2015-06-04 10:38 - 00000556 _____ C:\Users\Mermeoth\Desktop\RKreport[0]_D_05202015_204509.txt
2015-05-20 20:43 - 2015-05-20 20:43 - 00001717 _____ C:\Users\Mermeoth\Desktop\RKreport[0]_S_05202015_204324.txt
2015-05-20 20:41 - 2015-05-20 20:45 - 00000000 ____D C:\Users\Mermeoth\Desktop\RK_Quarantine
2015-05-20 20:37 - 2015-05-20 20:37 - 00000197 _____ C:\Windows\system32\2015-05-20-18-37-17.027-AvastVBoxSVC.exe-2196.log
2015-05-20 20:27 - 2015-05-20 20:27 - 00000197 _____ C:\Windows\system32\2015-05-20-18-27-20.047-AvastVBoxSVC.exe-2896.log
2015-05-20 20:20 - 2015-06-12 09:36 - 00000000 ____D C:\AdwCleaner
2015-05-20 20:12 - 2015-05-20 20:12 - 00000197 _____ C:\Windows\system32\2015-05-20-18-12-28.057-AvastVBoxSVC.exe-2248.log
2015-05-20 20:09 - 2015-05-20 20:10 - 00031313 _____ C:\sh4_service.log
2015-05-20 19:55 - 2013-10-18 15:01 - 00285747 _____ C:\shldr
2015-05-20 19:55 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr
2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-05-20 16:44 - 2015-05-20 20:30 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-05-20 15:05 - 2015-05-20 15:05 - 00000000 _____ C:\autoexec.bat
2015-05-20 10:05 - 2015-05-20 10:05 - 00000247 _____ C:\Windows\system32\2015-05-20-08-05-10.028-aswFe.exe-1528.log
2015-05-20 09:59 - 2015-05-20 10:05 - 00000247 _____ C:\Windows\system32\2015-05-20-07-59-05.021-aswFe.exe-2892.log
2015-05-20 09:58 - 2015-05-20 09:59 - 00000197 _____ C:\Windows\system32\2015-05-20-07-58-59.074-AvastVBoxSVC.exe-4204.log
2015-05-19 09:14 - 2015-05-19 09:14 - 00000197 _____ C:\Windows\system32\2015-05-19-07-14-33.095-AvastVBoxSVC.exe-2528.log
2015-05-18 14:01 - 2015-05-18 14:01 - 00000247 _____ C:\Windows\system32\2015-05-18-12-01-21.080-aswFe.exe-4644.log
2015-05-18 13:54 - 2015-05-18 14:01 - 00000247 _____ C:\Windows\system32\2015-05-18-11-54-54.047-aswFe.exe-5072.log
2015-05-18 13:54 - 2015-05-18 13:54 - 00000197 _____ C:\Windows\system32\2015-05-18-11-54-49.043-AvastVBoxSVC.exe-3440.log
2015-05-18 09:33 - 2015-05-18 09:33 - 00000197 _____ C:\Windows\system32\2015-05-18-07-33-11.028-AvastVBoxSVC.exe-2288.log
2015-05-17 17:31 - 2015-05-17 17:31 - 00000197 _____ C:\Windows\system32\2015-05-17-15-31-55.075-AvastVBoxSVC.exe-1800.log
2015-05-16 09:37 - 2015-05-16 09:37 - 00000197 _____ C:\Windows\system32\2015-05-16-07-37-10.073-AvastVBoxSVC.exe-2364.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 14:17 - 2015-01-21 23:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 13:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-15 13:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-15 13:41 - 2015-01-21 22:18 - 02013067 _____ C:\Windows\WindowsUpdate.log
2015-06-15 13:02 - 2015-01-28 21:14 - 00000000 ____D C:\Program Files (x86)\torrent
2015-06-15 10:17 - 2015-01-21 23:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 09:27 - 2015-01-21 22:14 - 00002848 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-06-15 09:27 - 2015-01-21 22:14 - 00000416 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-06-15 09:26 - 2015-01-21 22:14 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2015-06-15 09:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 19:38 - 2015-01-22 01:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-12 13:11 - 2015-01-21 23:43 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Battle.net
2015-06-12 11:17 - 2015-01-21 23:44 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-12 09:23 - 2015-02-07 18:15 - 00000000 ____D C:\ProgramData\TEMP
2015-06-12 00:41 - 2015-02-14 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2015-06-12 00:29 - 2009-07-14 07:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-11 21:16 - 2015-01-21 22:30 - 00766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-11 21:15 - 2009-07-14 07:13 - 00766100 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 20:54 - 2015-01-21 21:28 - 00000000 ____D C:\Kamil Záloha
2015-06-11 20:42 - 2015-01-22 01:16 - 00000000 ____D C:\Users\Mermeoth\Documents\Paradox Interactive
2015-06-11 15:35 - 2015-01-22 12:35 - 00000000 ____D C:\Games
2015-06-10 19:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:49 - 2009-07-14 06:45 - 00416288 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 14:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-08 01:37 - 2015-03-05 22:59 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\TS3Client
2015-06-07 20:35 - 2015-01-21 23:43 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-05 11:16 - 2015-01-21 23:00 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Deployment
2015-06-05 11:08 - 2015-01-23 13:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-05 11:08 - 2015-01-23 13:05 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-03 20:14 - 2015-01-22 02:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-26 19:49 - 2015-01-21 23:15 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\DAEMON Tools Lite
2015-05-22 17:18 - 2015-01-22 06:06 - 00000000 ____D C:\Windows\Panther
2015-05-22 16:55 - 2015-01-21 22:42 - 00110424 _____ C:\Users\Mermeoth\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-22 16:48 - 2015-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\HP
2015-05-21 09:29 - 2015-01-22 02:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 09:29 - 2015-01-22 02:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 09:26 - 2015-01-22 02:37 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Adobe
2015-05-21 02:34 - 2015-04-05 02:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 02:34 - 2015-04-05 02:04 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 20:14 - 2015-01-22 02:22 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-20 20:14 - 2015-01-21 21:25 - 00001413 _____ C:\Users\Mermeoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-18 09:45 - 2015-01-28 21:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
==================== Files in the root of some directories =======
2015-01-28 14:11 - 2015-01-28 14:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-01 14:44 - 2015-02-01 14:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Mermeoth\AppData\Local\Temp\bitool.dll
C:\Users\Mermeoth\AppData\Local\Temp\cabex.dll
C:\Users\Mermeoth\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Mermeoth\AppData\Local\Temp\Quarantine.exe
C:\Users\Mermeoth\AppData\Local\Temp\sqlite3.dll
C:\Users\Mermeoth\AppData\Local\Temp\unelevate.exe
C:\Users\Mermeoth\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
C:\Users\Mermeoth\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-10 19:23
==================== End of log ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Mermeoth at 2015-06-15 14:23:21
Running from D:\CD\Pro čištění compa
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2017746565-3527076051-863224216-500 - Administrator - Disabled)
Guest (S-1-5-21-2017746565-3527076051-863224216-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2017746565-3527076051-863224216-1002 - Limited - Enabled)
Mermeoth (S-1-5-21-2017746565-3527076051-863224216-1000 - Administrator - Enabled) => C:\Users\Mermeoth
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco Packet Tracer 6.1.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1.1 Student_is1) (Version: - Cisco Systems, Inc.)
Crusader Kings II Way of Life (HKLM-x32\...\Crusader Kings II Way of Life_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Five Nights at Freddy's 2 v1.0 (HKLM-x32\...\Five Nights at Freddy's 2 v1.0_is1) (Version: - )
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
K-Lite Codec Pack 10.9.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Majesty 2 Collection (HKLM-x32\...\Majesty 2 Collection_is1) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\MK LOL) (Version: - )
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7388 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Worms Clan Wars (HKLM-x32\...\Worms Clan Wars_is1) (Version: - Team17 Digital Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-04-2015 02:04:09 Windows Update
10-04-2015 10:48:46 Windows Update
14-04-2015 10:26:14 Windows Update
15-04-2015 19:44:45 Windows Update
21-04-2015 11:21:10 Windows Update
22-04-2015 17:32:07 DLL-Files Fixer Wed, Apr 22, 15 17:32
28-04-2015 11:05:21 Windows Update
01-05-2015 11:14:50 Windows Update
05-05-2015 09:32:50 Windows Update
08-05-2015 13:10:28 Windows Update
12-05-2015 15:12:29 Windows Update
13-05-2015 18:24:44 Windows Update
19-05-2015 09:17:43 Windows Update
20-05-2015 16:44:42 Installed SpyHunter
20-05-2015 20:28:42 Removed SpyHunter
20-05-2015 20:29:57 Removed SpyHunter
21-05-2015 02:33:56 Windows Update
22-05-2015 16:36:45 Removed HP Deskjet 1050 J410 series Basic Device Software
22-05-2015 16:47:02 Installed HP Support Solutions Framework
22-05-2015 17:07:34 Removed HP Deskjet 1050 J410 series Product Improvement Study
22-05-2015 17:09:27 Removed HP Support Solutions Framework
22-05-2015 17:10:23 Removed HP Deskjet 1050 J410 series Basic Device Software
22-05-2015 17:33:33 Installed HP Support Solutions Framework
26-05-2015 09:27:10 Windows Update
29-05-2015 09:33:07 Windows Update
02-06-2015 18:16:11 Windows Update
05-06-2015 10:10:29 Windows Update
09-06-2015 10:26:59 Windows Update
10-06-2015 13:18:16 Windows Update
11-06-2015 21:00:26 Windows Update
11-06-2015 21:42:21 Installed DirectX
11-06-2015 21:57:59 Removed Microsoft Visual C++ 2005 Redistributable
11-06-2015 22:00:08 Removed Microsoft Visual C++ 2005 Redistributable (x64)
11-06-2015 22:03:11 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
11-06-2015 22:06:14 Removed Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
11-06-2015 22:07:25 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
11-06-2015 22:08:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
11-06-2015 23:19:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
11-06-2015 23:22:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
11-06-2015 23:26:30 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
11-06-2015 23:29:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-05-20 15:05 - 2015-05-20 15:05 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D337C76-8DFE-4869-BB72-466A8BC5DB57} - System32\Tasks\{B832EDD4-F47A-4FAC-9796-97F93E430E7A} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISE /dll OSETUP.DLL
Task: {133C4F66-4C5E-475C-A49B-FC9EB68CC25B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {1E35CC3C-94B6-4B75-B8B1-C1AE2A568F79} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {2CD64E9E-FF36-4F28-9403-CE453A6B9A59} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-01-13] ()
Task: {43B713BF-991A-4AE0-91CF-3CA2A11597B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4A79DC8E-1135-4DF2-B7C9-8BE7E26F5E09} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-22] (AVAST Software)
Task: {508BB51E-AF7D-45FF-BC56-422EB1F4E437} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {5D0BCD0F-2AAF-4914-81F3-8EF6BA54AABF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {636E99A1-0795-4C9E-8E8C-052AED8CF5C6} - System32\Tasks\Installer_iwebar => C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe [2015-06-12] () <==== ATTENTION
Task: {63DA29E4-5B84-46D8-ADFA-346CDA221F7F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-23] (Microsoft Corporation)
Task: {78712161-4BCE-45E5-AFD2-45C59D4C8FCE} - System32\Tasks\HP Deskjet 1050 J410 series.exe_{FEF80654-ECBD-44BF-A88A-30C61EF52575} => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {852EEF2C-ECA8-465D-A105-5FFEFADD8676} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {951AA9CE-D1F3-4EFB-95AA-6A036103812A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {A5E1E090-B5BA-4E85-B3B2-00B30A267ACA} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {ABEEF00E-6C00-48AB-B105-2B123737B1F7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D64957BE-A8D6-4471-B1C2-65B660676A27} - System32\Tasks\avastBCLRestartS-1-5-21-2017746565-3527076051-863224216-1000 => Chrome.exe
Task: {D910A1BE-3EE9-4B32-8C65-A83B2519DE58} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {E302498E-2C68-47A4-9FA1-8D3701F4DD9A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-22 01:21 - 2015-01-22 01:21 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-22 01:21 - 2015-01-22 01:21 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-01-21 17:54 - 2015-01-22 12:42 - 01294336 _____ () C:\Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-01-22 12:42 - 2015-06-15 14:18 - 02360312 _____ () C:\Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.247\deploy\LoLLauncher.exe
2015-01-31 23:20 - 2015-06-15 14:18 - 03924472 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcher.exe
2015-01-31 23:20 - 2015-06-15 14:18 - 03111416 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
2015-06-14 19:37 - 2015-06-14 19:37 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061401\algo.dll
2015-01-22 01:21 - 2015-01-22 01:21 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-06-15 13:34 - 2015-06-15 13:34 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061500\algo.dll
2015-03-14 21:06 - 2015-03-14 21:06 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01672696 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\RiotLauncher.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 34850296 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\libcef.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01383416 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\icui18n.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01142264 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\icuuc.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 04382200 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\v8.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01755128 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\RiotRadsIO.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 00953336 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\ffmpegsumo.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.37 - 213.46.172.36
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Mermeoth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3823C375-1E8B-48FE-BE86-4B05410DF30B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{328EFC6C-8F2F-4DE2-9337-41A9D181BF35}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9CA26339-DF8D-45BE-BE67-76F6C4851780}] => (Allow) C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{98549C21-9357-4BC6-BAD2-E72B0ABE31C0}] => (Allow) C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3631DC64-C781-412E-9126-23D177955914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{932023D8-E113-42B4-B5F4-9F1FC56ACA61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E6BDBBA-6E05-4BB6-85F6-410B1CCA273F}] => (Allow) C:\Program Files (x86)\torrent\utorrent.exe
FirewallRules: [{8DF4872A-8148-4D5D-8DE9-4B6413118B01}] => (Allow) C:\Program Files (x86)\torrent\utorrent.exe
FirewallRules: [{93F5FD70-571D-4C66-9F78-285B802CD744}] => (Allow) %ProgramFiles% (x86)\torrent\utorrent.exe
FirewallRules: [{47A758B0-0C1C-4020-B79B-F4DEDEB84CE4}] => (Allow) LPort=56999
FirewallRules: [{566A5CDA-70FB-4B5E-A489-DB62EDF60C36}] => (Allow) LPort=56999
FirewallRules: [{76EAF538-9612-4E7C-A6B5-BCEEBE36E2E9}] => (Allow) %ProgramFiles% (x86)\torrent\utorrent.exe
FirewallRules: [TCP Query User{D4543E12-D229-4037-9142-42C3F5942F3E}C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe
FirewallRules: [UDP Query User{F058B505-B0D6-4970-89F3-1CF0654B9E74}C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe
FirewallRules: [TCP Query User{294F08BD-A5A7-4926-8094-9FE0ADEB4B96}C:\games\worms clan wars\wormsclanwars.exe] => (Block) C:\games\worms clan wars\wormsclanwars.exe
FirewallRules: [UDP Query User{3F303DCD-F11F-4F89-B2E4-99F1B6548C06}C:\games\worms clan wars\wormsclanwars.exe] => (Block) C:\games\worms clan wars\wormsclanwars.exe
FirewallRules: [TCP Query User{94435FD5-416A-477C-BD77-34D1D6C86A35}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7BE25199-D0CB-41B2-994B-2F9BEFA350F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FBA86133-7872-46F6-AF92-030143BC59D1}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{1932BB41-7F12-4E55-91F9-A9650EAAB129}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B5DD7DE6-CCE2-462F-A90B-F3B123E742C7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{7FE16059-9185-4E44-BD47-4CE3E853CD32}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{98496F9C-60DD-49AE-9AA7-AEB2B546536F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{73EB5756-A7C4-45B8-817D-43A253AAAFF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BA766C53-59B1-48C2-B163-64E95489734C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9BBCC3DA-0ED8-4129-ACAA-5FC45430174A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/15/2015 09:26:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2015 07:37:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2015 09:32:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 04:45:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/12/2015 09:38:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 09:22:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 00:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 00:03:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2015 11:22:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/11/2015 11:09:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/15/2015 09:25:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/14/2015 07:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/13/2015 06:42:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (06/13/2015 09:31:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/12/2015 09:38:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/12/2015 09:37:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Print Spooler service failed to start due to the following error:
%%1069
Error: (06/12/2015 09:37:25 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (06/12/2015 09:37:12 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (06/12/2015 09:36:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (06/12/2015 09:36:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (02/03/2015 09:57:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 61%
Total physical RAM: 3956.5 MB
Available physical RAM: 1541.04 MB
Total Pagefile: 7911.21 MB
Available Pagefile: 5178.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:356.29 GB) (Free:73.32 GB) NTFS
Drive d: () (Fixed) (Total:97.66 GB) (Free:60.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0C1A0C1A)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=356.3 GB) - (Type=07 NTFS)
==================== End of log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Mermeoth (administrator) on MERMEOTH-PC on 15-06-2015 14:19:25
Running from D:\CD\Pro čištění compa
Loaded Profiles: Mermeoth (Available Profiles: Mermeoth)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.247\deploy\LoLLauncher.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcher.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-22] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-22] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-22] (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF ProfilePath: C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2017746565-3527076051-863224216-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mermeoth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\searchplugins\google-avast.xml [2015-01-22]
FF Extension: Password Exporter - C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-01-22]
FF Extension: Adblock Plus - C:\Users\Mermeoth\AppData\Roaming\Mozilla\Firefox\Profiles\m2qgcji3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22]
Chrome:
=======
CHR Profile: C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google Docs) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (YouTube) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-12]
CHR Extension: (Google Search) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Google Sheets) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Avast Online Security) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-22]
CHR Extension: (Google Wallet) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-21]
CHR Extension: (Gmail) - C:\Users\Mermeoth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-22] (Avast Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Util Swift Record; "C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-22] ()
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-21] (Disc Soft Ltd)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-06-15] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-22] (Avast Software)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 09:28 - 2015-06-15 09:28 - 00000197 _____ C:\Windows\system32\2015-06-15-07-28-23.089-AvastVBoxSVC.exe-1192.log
2015-06-14 19:38 - 2015-06-14 19:38 - 00000197 _____ C:\Windows\system32\2015-06-14-17-38-47.058-AvastVBoxSVC.exe-3044.log
2015-06-13 09:35 - 2015-06-13 09:35 - 00000197 _____ C:\Windows\system32\2015-06-13-07-35-04.057-AvastVBoxSVC.exe-3708.log
2015-06-12 16:36 - 2015-06-15 14:19 - 00000000 ____D C:\FRST
2015-06-12 09:40 - 2015-06-12 09:40 - 00000197 _____ C:\Windows\system32\2015-06-12-07-40-32.047-AvastVBoxSVC.exe-2732.log
2015-06-12 09:24 - 2015-06-12 09:24 - 00000197 _____ C:\Windows\system32\2015-06-12-07-24-47.017-AvastVBoxSVC.exe-2504.log
2015-06-12 00:51 - 2015-06-12 00:51 - 00000247 _____ C:\Windows\system32\2015-06-11-22-51-19.076-aswFe.exe-5180.log
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\rsit
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\Program Files\trend micro
2015-06-12 00:43 - 2015-06-12 00:51 - 00000247 _____ C:\Windows\system32\2015-06-11-22-43-58.055-aswFe.exe-4488.log
2015-06-12 00:43 - 2015-06-12 00:43 - 00000197 _____ C:\Windows\system32\2015-06-11-22-43-54.023-AvastVBoxSVC.exe-1708.log
2015-06-12 00:11 - 2015-06-12 00:11 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2015-06-12 00:10 - 2015-06-12 00:11 - 00004382 _____ C:\Windows\System32\Tasks\Installer_iwebar
2015-06-12 00:10 - 2015-06-12 00:10 - 00002255 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-06-12 00:10 - 2015-06-12 00:10 - 00002255 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:09 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\CrashRpt
2015-06-11 23:20 - 2015-06-11 23:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 23:11 - 2015-06-11 23:11 - 00000197 _____ C:\Windows\system32\2015-06-11-21-11-54.045-AvastVBoxSVC.exe-2864.log
2015-06-11 22:00 - 2015-06-11 22:00 - 00003282 _____ C:\Windows\System32\Tasks\{B832EDD4-F47A-4FAC-9796-97F93E430E7A}
2015-06-11 21:43 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-11 21:43 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-11 21:43 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-11 21:42 - 2015-06-11 21:42 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-11 21:42 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-11 21:42 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-11 21:41 - 2015-06-11 21:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-11 21:40 - 2014-06-15 15:18 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2015-06-11 21:40 - 2014-06-15 15:18 - 00450560 _____ (RAD Game Tools, Inc.) C:\Windows\SysWOW64\mss32.dll
2015-06-11 21:40 - 2014-06-15 15:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEShims.dll
2015-06-11 21:40 - 2014-06-15 15:10 - 00176128 _____ (RAD Game Tools, Inc.) C:\Windows\SysWOW64\binkw32.dll
2015-06-11 21:34 - 2015-06-11 21:34 - 00000197 _____ C:\Windows\system32\2015-06-11-19-34-16.071-AvastVBoxSVC.exe-2380.log
2015-06-11 21:01 - 2015-06-11 21:08 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 21:01 - 2015-05-27 00:04 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 20:53 - 2015-06-11 20:53 - 00000762 _____ C:\Windows\DirectX.log
2015-06-11 19:10 - 2015-06-11 19:10 - 00000197 _____ C:\Windows\system32\2015-06-11-17-10-46.074-AvastVBoxSVC.exe-2316.log
2015-06-11 11:26 - 2015-06-11 11:26 - 00000197 _____ C:\Windows\system32\2015-06-11-09-26-21.018-AvastVBoxSVC.exe-2764.log
2015-06-10 14:52 - 2015-06-10 14:52 - 00000197 _____ C:\Windows\system32\2015-06-10-12-52-55.005-AvastVBoxSVC.exe-2316.log
2015-06-10 10:10 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:10 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 10:10 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 10:10 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 10:10 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 10:10 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 10:10 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 10:10 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 10:10 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 10:10 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 10:10 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 10:10 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 10:10 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 10:10 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 10:10 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 10:10 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 10:10 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 10:10 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 10:10 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 10:10 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 10:10 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 10:10 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:10 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:10 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 10:10 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 10:10 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 10:10 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 10:10 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 10:10 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 10:10 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 10:10 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 10:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 10:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 10:10 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 10:06 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 10:06 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 10:06 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 10:06 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 10:06 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 10:06 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 10:06 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 10:06 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 10:06 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 10:06 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 10:06 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 10:06 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 10:06 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 10:06 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 10:06 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 10:06 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 10:06 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 10:06 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 10:06 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 10:06 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 10:06 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 10:06 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 10:06 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 10:06 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 10:06 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 10:06 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:06 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 10:06 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 10:06 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:06 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 10:06 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:06 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:06 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:06 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 10:06 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 10:06 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 10:06 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 10:06 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 10:06 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 10:05 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 10:05 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 10:05 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 10:05 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 10:05 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 10:05 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 10:05 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 10:05 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 10:05 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:05 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 10:05 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 10:05 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 10:05 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 10:05 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 10:05 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 10:05 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 10:05 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:05 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 10:05 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:55 - 2015-06-10 09:55 - 00000197 _____ C:\Windows\system32\2015-06-10-07-55-14.020-AvastVBoxSVC.exe-2344.log
2015-06-09 19:30 - 2015-06-09 19:30 - 00000197 _____ C:\Windows\system32\2015-06-09-17-30-22.033-AvastVBoxSVC.exe-2364.log
2015-06-09 10:24 - 2015-06-09 10:24 - 00000197 _____ C:\Windows\system32\2015-06-09-08-24-01.038-AvastVBoxSVC.exe-2348.log
2015-06-08 10:03 - 2015-06-08 10:03 - 00000197 _____ C:\Windows\system32\2015-06-08-08-03-34.042-AvastVBoxSVC.exe-2504.log
2015-06-07 10:37 - 2015-06-07 10:37 - 00000197 _____ C:\Windows\system32\2015-06-07-08-37-30.034-AvastVBoxSVC.exe-2256.log
2015-06-06 11:25 - 2015-06-06 11:25 - 00001615 _____ C:\Users\Mermeoth\Desktop\Darkest - Shortcut.lnk
2015-06-06 10:41 - 2015-06-06 11:27 - 00000000 ____D C:\Users\Mermeoth\Documents\Darkest
2015-06-06 09:03 - 2015-06-06 09:03 - 00000197 _____ C:\Windows\system32\2015-06-06-07-03-24.065-AvastVBoxSVC.exe-3028.log
2015-06-05 22:03 - 2015-06-05 22:03 - 00000197 _____ C:\Windows\system32\2015-06-05-20-03-58.043-AvastVBoxSVC.exe-2872.log
2015-06-05 11:11 - 2015-06-05 11:11 - 00000197 _____ C:\Windows\system32\2015-06-05-09-11-36.077-AvastVBoxSVC.exe-2272.log
2015-06-05 09:13 - 2015-06-05 09:13 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\CSC
2015-06-05 09:03 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 09:03 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 09:03 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 09:03 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 20:59 - 2015-06-04 20:59 - 00000197 _____ C:\Windows\system32\2015-06-04-18-59-36.020-AvastVBoxSVC.exe-2388.log
2015-06-04 10:42 - 2015-06-04 10:42 - 00000247 _____ C:\Windows\system32\2015-06-04-08-42-22.082-aswFe.exe-5100.log
2015-06-04 10:35 - 2015-06-04 10:42 - 00000247 _____ C:\Windows\system32\2015-06-04-08-35-45.064-aswFe.exe-3488.log
2015-06-04 10:35 - 2015-06-04 10:35 - 00000197 _____ C:\Windows\system32\2015-06-04-08-35-39.048-AvastVBoxSVC.exe-2428.log
2015-06-04 09:46 - 2015-06-04 09:46 - 00000247 _____ C:\Windows\system32\2015-06-04-07-46-10.056-aswFe.exe-3220.log
2015-06-04 09:39 - 2015-06-04 09:46 - 00000247 _____ C:\Windows\system32\2015-06-04-07-39-15.091-aswFe.exe-2972.log
2015-06-04 09:39 - 2015-06-04 09:39 - 00000197 _____ C:\Windows\system32\2015-06-04-07-39-10.014-AvastVBoxSVC.exe-3276.log
2015-06-03 20:17 - 2015-06-03 20:17 - 00000197 _____ C:\Windows\system32\2015-06-03-18-17-32.049-AvastVBoxSVC.exe-2660.log
2015-06-03 20:14 - 2015-06-03 20:14 - 00000368 _____ C:\Windows\PFRO.log
2015-06-03 19:43 - 2015-06-03 19:50 - 00006525 _____ C:\Users\Mermeoth\Desktop\pcwdbg.log
2015-06-03 18:01 - 2015-06-03 18:01 - 00000197 _____ C:\Windows\system32\2015-06-03-16-01-03.019-AvastVBoxSVC.exe-3048.log
2015-06-03 10:19 - 2015-06-03 20:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 09:48 - 2015-06-03 09:48 - 00000197 _____ C:\Windows\system32\2015-06-03-07-48-13.016-AvastVBoxSVC.exe-2376.log
2015-06-02 19:36 - 2015-06-02 19:36 - 00000197 _____ C:\Windows\system32\2015-06-02-17-36-52.083-AvastVBoxSVC.exe-2488.log
2015-06-02 18:10 - 2015-06-02 18:10 - 00000197 _____ C:\Windows\system32\2015-06-02-16-10-27.014-AvastVBoxSVC.exe-2484.log
2015-06-01 10:10 - 2015-06-01 10:10 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\GWX
2015-06-01 10:00 - 2015-06-01 10:00 - 00000197 _____ C:\Windows\system32\2015-06-01-08-00-38.022-AvastVBoxSVC.exe-2748.log
2015-05-31 14:07 - 2015-05-31 14:07 - 00000247 _____ C:\Windows\system32\2015-05-31-12-07-24.072-aswFe.exe-4484.log
2015-05-31 14:00 - 2015-05-31 14:07 - 00000247 _____ C:\Windows\system32\2015-05-31-12-00-07.074-aswFe.exe-5556.log
2015-05-31 13:59 - 2015-05-31 13:59 - 00000197 _____ C:\Windows\system32\2015-05-31-11-59-46.000-AvastVBoxSVC.exe-4660.log
2015-05-30 10:45 - 2015-05-30 10:45 - 00000197 _____ C:\Windows\system32\2015-05-30-08-45-42.025-AvastVBoxSVC.exe-2748.log
2015-05-29 09:29 - 2015-05-29 09:29 - 00000197 _____ C:\Windows\system32\2015-05-29-07-29-02.093-AvastVBoxSVC.exe-2884.log
2015-05-28 10:22 - 2015-05-28 10:22 - 00000197 _____ C:\Windows\system32\2015-05-28-08-22-15.010-AvastVBoxSVC.exe-2260.log
2015-05-27 19:24 - 2015-05-27 19:24 - 00000197 _____ C:\Windows\system32\2015-05-27-17-24-57.043-AvastVBoxSVC.exe-2408.log
2015-05-27 12:52 - 2015-05-27 12:52 - 00000197 _____ C:\Windows\system32\2015-05-27-10-52-44.034-AvastVBoxSVC.exe-2180.log
2015-05-27 10:06 - 2015-05-27 10:06 - 00000197 _____ C:\Windows\system32\2015-05-27-08-06-05.052-AvastVBoxSVC.exe-2936.log
2015-05-26 19:53 - 2015-05-28 00:59 - 00000000 ____D C:\Users\Mermeoth\Documents\majesty2
2015-05-26 19:53 - 2015-05-26 19:53 - 00000796 _____ C:\Users\Public\Desktop\Majesty 2 Collection.lnk
2015-05-26 09:51 - 2015-05-26 09:51 - 00000247 _____ C:\Windows\system32\2015-05-26-07-51-24.013-aswFe.exe-3388.log
2015-05-26 09:43 - 2015-05-26 09:51 - 00000247 _____ C:\Windows\system32\2015-05-26-07-43-15.011-aswFe.exe-5228.log
2015-05-26 09:43 - 2015-05-26 09:43 - 00000197 _____ C:\Windows\system32\2015-05-26-07-43-09.015-AvastVBoxSVC.exe-2568.log
2015-05-26 09:16 - 2015-05-26 09:16 - 00000000 __SHD C:\found.000
2015-05-25 10:22 - 2015-05-25 10:22 - 00000197 _____ C:\Windows\system32\2015-05-25-08-22-21.001-AvastVBoxSVC.exe-2592.log
2015-05-24 22:31 - 2015-05-24 22:31 - 00000197 _____ C:\Windows\system32\2015-05-24-20-31-44.024-AvastVBoxSVC.exe-4324.log
2015-05-24 10:12 - 2015-05-24 10:12 - 00000197 _____ C:\Windows\system32\2015-05-24-08-12-12.047-AvastVBoxSVC.exe-2052.log
2015-05-23 10:16 - 2015-05-23 10:16 - 00000197 _____ C:\Windows\system32\2015-05-23-08-16-12.013-AvastVBoxSVC.exe-2948.log
2015-05-22 20:10 - 2015-05-22 20:10 - 00000197 _____ C:\Windows\system32\2015-05-22-18-10-45.091-AvastVBoxSVC.exe-2320.log
2015-05-22 17:45 - 2015-05-22 17:45 - 00000197 _____ C:\Windows\system32\2015-05-22-15-45-06.033-AvastVBoxSVC.exe-2404.log
2015-05-22 17:37 - 2015-05-22 17:37 - 00003640 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
2015-05-22 17:37 - 2015-05-22 17:37 - 00002272 _____ C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
2015-05-22 17:37 - 2015-05-22 17:37 - 00001194 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk
2015-05-22 17:37 - 2015-05-22 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-22 17:36 - 2015-05-22 17:36 - 00000000 ____D C:\Program Files\HP
2015-05-22 17:24 - 2015-05-22 17:24 - 00000197 _____ C:\Windows\system32\2015-05-22-15-24-43.093-AvastVBoxSVC.exe-2092.log
2015-05-22 17:22 - 2015-06-15 09:24 - 00004144 _____ C:\Windows\setupact.log
2015-05-22 17:22 - 2015-05-22 17:22 - 00000000 _____ C:\Windows\setuperr.log
2015-05-22 17:17 - 2015-05-22 17:17 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-22 17:17 - 2015-05-22 17:17 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D C:\Program Files\CCleaner
2015-05-22 17:03 - 2015-05-22 17:03 - 00000197 _____ C:\Windows\system32\2015-05-22-15-03-30.012-AvastVBoxSVC.exe-2356.log
2015-05-22 16:57 - 2015-05-22 16:57 - 00003500 _____ C:\Windows\System32\Tasks\HP Deskjet 1050 J410 series.exe_{FEF80654-ECBD-44BF-A88A-30C61EF52575}
2015-05-22 16:29 - 2015-05-22 16:29 - 00000197 _____ C:\Windows\system32\2015-05-22-14-29-19.062-AvastVBoxSVC.exe-2300.log
2015-05-22 10:48 - 2015-05-22 10:48 - 00000197 _____ C:\Windows\system32\2015-05-22-08-48-19.066-AvastVBoxSVC.exe-2972.log
2015-05-21 17:17 - 2015-05-21 17:17 - 00000197 _____ C:\Windows\system32\2015-05-21-15-17-46.086-AvastVBoxSVC.exe-2432.log
2015-05-21 09:23 - 2015-05-21 09:23 - 00000197 _____ C:\Windows\system32\2015-05-21-07-23-24.012-AvastVBoxSVC.exe-2436.log
2015-05-20 22:08 - 2015-05-20 22:08 - 00089016 _____ C:\spyhunter.log
2015-05-20 20:45 - 2015-06-04 10:38 - 00000556 _____ C:\Users\Mermeoth\Desktop\RKreport[0]_D_05202015_204509.txt
2015-05-20 20:43 - 2015-05-20 20:43 - 00001717 _____ C:\Users\Mermeoth\Desktop\RKreport[0]_S_05202015_204324.txt
2015-05-20 20:41 - 2015-05-20 20:45 - 00000000 ____D C:\Users\Mermeoth\Desktop\RK_Quarantine
2015-05-20 20:37 - 2015-05-20 20:37 - 00000197 _____ C:\Windows\system32\2015-05-20-18-37-17.027-AvastVBoxSVC.exe-2196.log
2015-05-20 20:27 - 2015-05-20 20:27 - 00000197 _____ C:\Windows\system32\2015-05-20-18-27-20.047-AvastVBoxSVC.exe-2896.log
2015-05-20 20:20 - 2015-06-12 09:36 - 00000000 ____D C:\AdwCleaner
2015-05-20 20:12 - 2015-05-20 20:12 - 00000197 _____ C:\Windows\system32\2015-05-20-18-12-28.057-AvastVBoxSVC.exe-2248.log
2015-05-20 20:09 - 2015-05-20 20:10 - 00031313 _____ C:\sh4_service.log
2015-05-20 19:55 - 2013-10-18 15:01 - 00285747 _____ C:\shldr
2015-05-20 19:55 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr
2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-05-20 16:44 - 2015-05-20 20:30 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-05-20 15:05 - 2015-05-20 15:05 - 00000000 _____ C:\autoexec.bat
2015-05-20 10:05 - 2015-05-20 10:05 - 00000247 _____ C:\Windows\system32\2015-05-20-08-05-10.028-aswFe.exe-1528.log
2015-05-20 09:59 - 2015-05-20 10:05 - 00000247 _____ C:\Windows\system32\2015-05-20-07-59-05.021-aswFe.exe-2892.log
2015-05-20 09:58 - 2015-05-20 09:59 - 00000197 _____ C:\Windows\system32\2015-05-20-07-58-59.074-AvastVBoxSVC.exe-4204.log
2015-05-19 09:14 - 2015-05-19 09:14 - 00000197 _____ C:\Windows\system32\2015-05-19-07-14-33.095-AvastVBoxSVC.exe-2528.log
2015-05-18 14:01 - 2015-05-18 14:01 - 00000247 _____ C:\Windows\system32\2015-05-18-12-01-21.080-aswFe.exe-4644.log
2015-05-18 13:54 - 2015-05-18 14:01 - 00000247 _____ C:\Windows\system32\2015-05-18-11-54-54.047-aswFe.exe-5072.log
2015-05-18 13:54 - 2015-05-18 13:54 - 00000197 _____ C:\Windows\system32\2015-05-18-11-54-49.043-AvastVBoxSVC.exe-3440.log
2015-05-18 09:33 - 2015-05-18 09:33 - 00000197 _____ C:\Windows\system32\2015-05-18-07-33-11.028-AvastVBoxSVC.exe-2288.log
2015-05-17 17:31 - 2015-05-17 17:31 - 00000197 _____ C:\Windows\system32\2015-05-17-15-31-55.075-AvastVBoxSVC.exe-1800.log
2015-05-16 09:37 - 2015-05-16 09:37 - 00000197 _____ C:\Windows\system32\2015-05-16-07-37-10.073-AvastVBoxSVC.exe-2364.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 14:17 - 2015-01-21 23:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 13:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-15 13:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-15 13:41 - 2015-01-21 22:18 - 02013067 _____ C:\Windows\WindowsUpdate.log
2015-06-15 13:02 - 2015-01-28 21:14 - 00000000 ____D C:\Program Files (x86)\torrent
2015-06-15 10:17 - 2015-01-21 23:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 09:27 - 2015-01-21 22:14 - 00002848 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-06-15 09:27 - 2015-01-21 22:14 - 00000416 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-06-15 09:26 - 2015-01-21 22:14 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2015-06-15 09:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 19:38 - 2015-01-22 01:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-12 13:11 - 2015-01-21 23:43 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Battle.net
2015-06-12 11:17 - 2015-01-21 23:44 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-12 09:23 - 2015-02-07 18:15 - 00000000 ____D C:\ProgramData\TEMP
2015-06-12 00:41 - 2015-02-14 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2015-06-12 00:29 - 2009-07-14 07:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-11 21:16 - 2015-01-21 22:30 - 00766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-11 21:15 - 2009-07-14 07:13 - 00766100 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 20:54 - 2015-01-21 21:28 - 00000000 ____D C:\Kamil Záloha
2015-06-11 20:42 - 2015-01-22 01:16 - 00000000 ____D C:\Users\Mermeoth\Documents\Paradox Interactive
2015-06-11 15:35 - 2015-01-22 12:35 - 00000000 ____D C:\Games
2015-06-10 19:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:49 - 2009-07-14 06:45 - 00416288 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 14:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-08 01:37 - 2015-03-05 22:59 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\TS3Client
2015-06-07 20:35 - 2015-01-21 23:43 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-05 11:16 - 2015-01-21 23:00 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Deployment
2015-06-05 11:08 - 2015-01-23 13:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-05 11:08 - 2015-01-23 13:05 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-03 20:14 - 2015-01-22 02:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-26 19:49 - 2015-01-21 23:15 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\DAEMON Tools Lite
2015-05-22 17:18 - 2015-01-22 06:06 - 00000000 ____D C:\Windows\Panther
2015-05-22 16:55 - 2015-01-21 22:42 - 00110424 _____ C:\Users\Mermeoth\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-22 16:48 - 2015-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\HP
2015-05-21 09:29 - 2015-01-22 02:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 09:29 - 2015-01-22 02:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 09:26 - 2015-01-22 02:37 - 00000000 ____D C:\Users\Mermeoth\AppData\Local\Adobe
2015-05-21 02:34 - 2015-04-05 02:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 02:34 - 2015-04-05 02:04 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 20:14 - 2015-01-22 02:22 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-20 20:14 - 2015-01-21 21:25 - 00001413 _____ C:\Users\Mermeoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-18 09:45 - 2015-01-28 21:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
==================== Files in the root of some directories =======
2015-01-28 14:11 - 2015-01-28 14:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-01 14:44 - 2015-02-01 14:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Mermeoth\AppData\Local\Temp\bitool.dll
C:\Users\Mermeoth\AppData\Local\Temp\cabex.dll
C:\Users\Mermeoth\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Mermeoth\AppData\Local\Temp\Quarantine.exe
C:\Users\Mermeoth\AppData\Local\Temp\sqlite3.dll
C:\Users\Mermeoth\AppData\Local\Temp\unelevate.exe
C:\Users\Mermeoth\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
C:\Users\Mermeoth\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-10 19:23
==================== End of log ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Mermeoth at 2015-06-15 14:23:21
Running from D:\CD\Pro čištění compa
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2017746565-3527076051-863224216-500 - Administrator - Disabled)
Guest (S-1-5-21-2017746565-3527076051-863224216-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2017746565-3527076051-863224216-1002 - Limited - Enabled)
Mermeoth (S-1-5-21-2017746565-3527076051-863224216-1000 - Administrator - Enabled) => C:\Users\Mermeoth
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco Packet Tracer 6.1.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1.1 Student_is1) (Version: - Cisco Systems, Inc.)
Crusader Kings II Way of Life (HKLM-x32\...\Crusader Kings II Way of Life_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Five Nights at Freddy's 2 v1.0 (HKLM-x32\...\Five Nights at Freddy's 2 v1.0_is1) (Version: - )
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
K-Lite Codec Pack 10.9.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Majesty 2 Collection (HKLM-x32\...\Majesty 2 Collection_is1) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\MK LOL) (Version: - )
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7388 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Worms Clan Wars (HKLM-x32\...\Worms Clan Wars_is1) (Version: - Team17 Digital Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2017746565-3527076051-863224216-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-04-2015 02:04:09 Windows Update
10-04-2015 10:48:46 Windows Update
14-04-2015 10:26:14 Windows Update
15-04-2015 19:44:45 Windows Update
21-04-2015 11:21:10 Windows Update
22-04-2015 17:32:07 DLL-Files Fixer Wed, Apr 22, 15 17:32
28-04-2015 11:05:21 Windows Update
01-05-2015 11:14:50 Windows Update
05-05-2015 09:32:50 Windows Update
08-05-2015 13:10:28 Windows Update
12-05-2015 15:12:29 Windows Update
13-05-2015 18:24:44 Windows Update
19-05-2015 09:17:43 Windows Update
20-05-2015 16:44:42 Installed SpyHunter
20-05-2015 20:28:42 Removed SpyHunter
20-05-2015 20:29:57 Removed SpyHunter
21-05-2015 02:33:56 Windows Update
22-05-2015 16:36:45 Removed HP Deskjet 1050 J410 series Basic Device Software
22-05-2015 16:47:02 Installed HP Support Solutions Framework
22-05-2015 17:07:34 Removed HP Deskjet 1050 J410 series Product Improvement Study
22-05-2015 17:09:27 Removed HP Support Solutions Framework
22-05-2015 17:10:23 Removed HP Deskjet 1050 J410 series Basic Device Software
22-05-2015 17:33:33 Installed HP Support Solutions Framework
26-05-2015 09:27:10 Windows Update
29-05-2015 09:33:07 Windows Update
02-06-2015 18:16:11 Windows Update
05-06-2015 10:10:29 Windows Update
09-06-2015 10:26:59 Windows Update
10-06-2015 13:18:16 Windows Update
11-06-2015 21:00:26 Windows Update
11-06-2015 21:42:21 Installed DirectX
11-06-2015 21:57:59 Removed Microsoft Visual C++ 2005 Redistributable
11-06-2015 22:00:08 Removed Microsoft Visual C++ 2005 Redistributable (x64)
11-06-2015 22:03:11 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
11-06-2015 22:06:14 Removed Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
11-06-2015 22:07:25 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
11-06-2015 22:08:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
11-06-2015 23:19:46 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
11-06-2015 23:22:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
11-06-2015 23:26:30 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
11-06-2015 23:29:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-05-20 15:05 - 2015-05-20 15:05 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D337C76-8DFE-4869-BB72-466A8BC5DB57} - System32\Tasks\{B832EDD4-F47A-4FAC-9796-97F93E430E7A} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISE /dll OSETUP.DLL
Task: {133C4F66-4C5E-475C-A49B-FC9EB68CC25B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {1E35CC3C-94B6-4B75-B8B1-C1AE2A568F79} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {2CD64E9E-FF36-4F28-9403-CE453A6B9A59} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-01-13] ()
Task: {43B713BF-991A-4AE0-91CF-3CA2A11597B5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4A79DC8E-1135-4DF2-B7C9-8BE7E26F5E09} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-22] (AVAST Software)
Task: {508BB51E-AF7D-45FF-BC56-422EB1F4E437} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {5D0BCD0F-2AAF-4914-81F3-8EF6BA54AABF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {636E99A1-0795-4C9E-8E8C-052AED8CF5C6} - System32\Tasks\Installer_iwebar => C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe [2015-06-12] () <==== ATTENTION
Task: {63DA29E4-5B84-46D8-ADFA-346CDA221F7F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-23] (Microsoft Corporation)
Task: {78712161-4BCE-45E5-AFD2-45C59D4C8FCE} - System32\Tasks\HP Deskjet 1050 J410 series.exe_{FEF80654-ECBD-44BF-A88A-30C61EF52575} => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {852EEF2C-ECA8-465D-A105-5FFEFADD8676} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {951AA9CE-D1F3-4EFB-95AA-6A036103812A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {A5E1E090-B5BA-4E85-B3B2-00B30A267ACA} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {ABEEF00E-6C00-48AB-B105-2B123737B1F7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D64957BE-A8D6-4471-B1C2-65B660676A27} - System32\Tasks\avastBCLRestartS-1-5-21-2017746565-3527076051-863224216-1000 => Chrome.exe
Task: {D910A1BE-3EE9-4B32-8C65-A83B2519DE58} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {E302498E-2C68-47A4-9FA1-8D3701F4DD9A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-22 01:21 - 2015-01-22 01:21 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-22 01:21 - 2015-01-22 01:21 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-01-21 17:54 - 2015-01-22 12:42 - 01294336 _____ () C:\Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-01-22 12:42 - 2015-06-15 14:18 - 02360312 _____ () C:\Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.247\deploy\LoLLauncher.exe
2015-01-31 23:20 - 2015-06-15 14:18 - 03924472 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcher.exe
2015-01-31 23:20 - 2015-06-15 14:18 - 03111416 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\LoLPatcherUx.exe
2015-06-14 19:37 - 2015-06-14 19:37 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061401\algo.dll
2015-01-22 01:21 - 2015-01-22 01:21 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-06-15 13:34 - 2015-06-15 13:34 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061500\algo.dll
2015-03-14 21:06 - 2015-03-14 21:06 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01672696 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\RiotLauncher.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 34850296 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\libcef.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01383416 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\icui18n.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01142264 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\icuuc.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 04382200 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\v8.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 01755128 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\RiotRadsIO.dll
2015-01-31 23:20 - 2015-06-15 14:18 - 00953336 _____ () C:\Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.31\deploy\ffmpegsumo.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-09 22:18 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.37 - 213.46.172.36
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Mermeoth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3823C375-1E8B-48FE-BE86-4B05410DF30B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{328EFC6C-8F2F-4DE2-9337-41A9D181BF35}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9CA26339-DF8D-45BE-BE67-76F6C4851780}] => (Allow) C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{98549C21-9357-4BC6-BAD2-E72B0ABE31C0}] => (Allow) C:\Users\Mermeoth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3631DC64-C781-412E-9126-23D177955914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{932023D8-E113-42B4-B5F4-9F1FC56ACA61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E6BDBBA-6E05-4BB6-85F6-410B1CCA273F}] => (Allow) C:\Program Files (x86)\torrent\utorrent.exe
FirewallRules: [{8DF4872A-8148-4D5D-8DE9-4B6413118B01}] => (Allow) C:\Program Files (x86)\torrent\utorrent.exe
FirewallRules: [{93F5FD70-571D-4C66-9F78-285B802CD744}] => (Allow) %ProgramFiles% (x86)\torrent\utorrent.exe
FirewallRules: [{47A758B0-0C1C-4020-B79B-F4DEDEB84CE4}] => (Allow) LPort=56999
FirewallRules: [{566A5CDA-70FB-4B5E-A489-DB62EDF60C36}] => (Allow) LPort=56999
FirewallRules: [{76EAF538-9612-4E7C-A6B5-BCEEBE36E2E9}] => (Allow) %ProgramFiles% (x86)\torrent\utorrent.exe
FirewallRules: [TCP Query User{D4543E12-D229-4037-9142-42C3F5942F3E}C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe
FirewallRules: [UDP Query User{F058B505-B0D6-4970-89F3-1CF0654B9E74}C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1sv\bin\packettracer6.exe
FirewallRules: [TCP Query User{294F08BD-A5A7-4926-8094-9FE0ADEB4B96}C:\games\worms clan wars\wormsclanwars.exe] => (Block) C:\games\worms clan wars\wormsclanwars.exe
FirewallRules: [UDP Query User{3F303DCD-F11F-4F89-B2E4-99F1B6548C06}C:\games\worms clan wars\wormsclanwars.exe] => (Block) C:\games\worms clan wars\wormsclanwars.exe
FirewallRules: [TCP Query User{94435FD5-416A-477C-BD77-34D1D6C86A35}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7BE25199-D0CB-41B2-994B-2F9BEFA350F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FBA86133-7872-46F6-AF92-030143BC59D1}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{1932BB41-7F12-4E55-91F9-A9650EAAB129}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B5DD7DE6-CCE2-462F-A90B-F3B123E742C7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{7FE16059-9185-4E44-BD47-4CE3E853CD32}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{98496F9C-60DD-49AE-9AA7-AEB2B546536F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{73EB5756-A7C4-45B8-817D-43A253AAAFF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BA766C53-59B1-48C2-B163-64E95489734C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9BBCC3DA-0ED8-4129-ACAA-5FC45430174A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/15/2015 09:26:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2015 07:37:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2015 09:32:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 04:45:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/12/2015 09:38:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 09:22:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 00:30:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2015 00:03:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2015 11:22:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/11/2015 11:09:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/15/2015 09:25:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/14/2015 07:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/13/2015 06:42:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (06/13/2015 09:31:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/12/2015 09:38:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Swift Record service failed to start due to the following error:
%%2
Error: (06/12/2015 09:37:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Print Spooler service failed to start due to the following error:
%%1069
Error: (06/12/2015 09:37:25 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (06/12/2015 09:37:12 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (06/12/2015 09:36:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (06/12/2015 09:36:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (02/03/2015 09:57:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 61%
Total physical RAM: 3956.5 MB
Available physical RAM: 1541.04 MB
Total Pagefile: 7911.21 MB
Available Pagefile: 5178.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:356.29 GB) (Free:73.32 GB) NTFS
Drive d: () (Fixed) (Total:97.66 GB) (Free:60.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0C1A0C1A)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=356.3 GB) - (Type=07 NTFS)
==================== End of log ============================
Re: Neustále objevující se malware
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File S2 Util Swift Record; "C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe" [X] C:\Program Files (x86)\Swift Record S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X] C:\Program Files (x86)\Enigma Software Group 2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\rsit 2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\Program Files\trend micro 2015-05-20 22:08 - 2015-05-20 22:08 - 00089016 _____ C:\spyhunter.log 2015-05-20 20:20 - 2015-06-12 09:36 - 00000000 ____D C:\AdwCleaner 2015-05-20 20:09 - 2015-05-20 20:10 - 00031313 _____ C:\sh4_service.log 2015-05-20 19:55 - 2013-10-18 15:01 - 00285747 _____ C:\shldr 2015-05-20 19:55 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr 2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group 2015-05-20 16:44 - 2015-05-20 20:30 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2015-02-01 14:44 - 2015-02-01 14:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\Seznam.cz 2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Program Files (x86)\Seznam.cz Task: {636E99A1-0795-4C9E-8E8C-052AED8CF5C6} - System32\Tasks\Installer_iwebar => C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe [2015-06-12] () <==== ATTENTION C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Mermeoth at 2015-06-15 16:44:10 Run:1
Running from D:\CD\Pro čištění compa
Loaded Profiles: Mermeoth (Available Profiles: Mermeoth)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S2 Util Swift Record; "C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe" [X]
C:\Program Files (x86)\Swift Record
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files (x86)\Enigma Software Group
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\rsit
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\Program Files\trend micro
2015-05-20 22:08 - 2015-05-20 22:08 - 00089016 _____ C:\spyhunter.log
2015-05-20 20:20 - 2015-06-12 09:36 - 00000000 ____D C:\AdwCleaner
2015-05-20 20:09 - 2015-05-20 20:10 - 00031313 _____ C:\sh4_service.log
2015-05-20 19:55 - 2013-10-18 15:01 - 00285747 _____ C:\shldr
2015-05-20 19:55 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr
2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-05-20 16:44 - 2015-05-20 20:30 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-02-01 14:44 - 2015-02-01 14:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
Task: {636E99A1-0795-4C9E-8E8C-052AED8CF5C6} - System32\Tasks\Installer_iwebar => C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe [2015-06-12] () <==== ATTENTION
C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Util Swift Record => Service removed successfully
"C:\Program Files (x86)\Swift Record" => File/Folder not found.
esgiguard => Service removed successfully
C:\Program Files (x86)\Enigma Software Group => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\spyhunter.log => moved successfully.
C:\AdwCleaner => moved successfully.
C:\sh4_service.log => moved successfully.
C:\shldr => moved successfully.
C:\shldr.mbr => moved successfully.
"C:\Program Files (x86)\Enigma Software Group" => File/Folder not found.
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
C:\Users\Mermeoth\AppData\Roaming\Seznam.cz => moved successfully.
C:\Program Files (x86)\Seznam.cz => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{636E99A1-0795-4C9E-8E8C-052AED8CF5C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{636E99A1-0795-4C9E-8E8C-052AED8CF5C6}" => key removed successfully
C:\Windows\System32\Tasks\Installer_iwebar => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar" => key removed successfully
C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\SlimDrivers Startup.job => moved successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 2.4 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:44:37 ====
Ran by Mermeoth at 2015-06-15 16:44:10 Run:1
Running from D:\CD\Pro čištění compa
Loaded Profiles: Mermeoth (Available Profiles: Mermeoth)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S2 Util Swift Record; "C:\Program Files (x86)\Swift Record\bin\utilSwiftRecord.exe" [X]
C:\Program Files (x86)\Swift Record
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files (x86)\Enigma Software Group
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\rsit
2015-06-12 00:46 - 2015-06-12 00:46 - 00000000 ____D C:\Program Files\trend micro
2015-05-20 22:08 - 2015-05-20 22:08 - 00089016 _____ C:\spyhunter.log
2015-05-20 20:20 - 2015-06-12 09:36 - 00000000 ____D C:\AdwCleaner
2015-05-20 20:09 - 2015-05-20 20:10 - 00031313 _____ C:\sh4_service.log
2015-05-20 19:55 - 2013-10-18 15:01 - 00285747 _____ C:\shldr
2015-05-20 19:55 - 2013-10-18 15:01 - 00008192 _____ C:\shldr.mbr
2015-05-20 16:45 - 2015-05-20 16:45 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-05-20 16:44 - 2015-05-20 20:30 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-02-01 14:44 - 2015-02-01 14:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Users\Mermeoth\AppData\Roaming\Seznam.cz
2015-06-12 00:09 - 2015-06-12 00:25 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
Task: {636E99A1-0795-4C9E-8E8C-052AED8CF5C6} - System32\Tasks\Installer_iwebar => C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe [2015-06-12] () <==== ATTENTION
C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2017746565-3527076051-863224216-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Util Swift Record => Service removed successfully
"C:\Program Files (x86)\Swift Record" => File/Folder not found.
esgiguard => Service removed successfully
C:\Program Files (x86)\Enigma Software Group => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\spyhunter.log => moved successfully.
C:\AdwCleaner => moved successfully.
C:\sh4_service.log => moved successfully.
C:\shldr => moved successfully.
C:\shldr.mbr => moved successfully.
"C:\Program Files (x86)\Enigma Software Group" => File/Folder not found.
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
C:\Users\Mermeoth\AppData\Roaming\Seznam.cz => moved successfully.
C:\Program Files (x86)\Seznam.cz => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{636E99A1-0795-4C9E-8E8C-052AED8CF5C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{636E99A1-0795-4C9E-8E8C-052AED8CF5C6}" => key removed successfully
C:\Windows\System32\Tasks\Installer_iwebar => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar" => key removed successfully
C:\Users\Mermeoth\AppData\Local\Installer\Installiwebar_14784\DCytaiesmt_smtyc_setup.exe => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\SlimDrivers Startup.job => moved successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 2.4 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:44:37 ====
Re: Neustále objevující se malware
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
Hmm to už bude takový off-topic, ale za zeptání nic nedám.
Zhruba před měsícem, když jsem měl napadený prohlížeče, tak jsem použil původně nějakej spyhunter a pak adwcleaner.
Od tý doby mi ovšem nefunguje aplikace k tiskárně, která sleduje barvu, skenuje se přes ní, atd. Prostě po kliknutí to zapřemýšlí a nic.
Myslel jsem, že možná třeba se něco odstranilo z registrů a tak jsem to několikrát úplně přeinstaloval a stejnak neběží.
Nějaký nápad co jsem s tim vyvedl a co by to mohlo dát dohromady?
Zhruba před měsícem, když jsem měl napadený prohlížeče, tak jsem použil původně nějakej spyhunter a pak adwcleaner.
Od tý doby mi ovšem nefunguje aplikace k tiskárně, která sleduje barvu, skenuje se přes ní, atd. Prostě po kliknutí to zapřemýšlí a nic.
Myslel jsem, že možná třeba se něco odstranilo z registrů a tak jsem to několikrát úplně přeinstaloval a stejnak neběží.
Nějaký nápad co jsem s tim vyvedl a co by to mohlo dát dohromady?
Re: Neustále objevující se malware
SpyHunter odmita ucast na srovnavacich testech antimalwarovych nastroju a nektere zdroje ho radi mezi tzv. rogueware. Zkratka jeho cinnost i ucinnost je velice diskutabilni. Nedoporucuji jej do PC vubec instalovat.
Jednim ze zpusobu by mohlo byt pouziti bodu obnoveni k datu, kdy jeste tiskarna korektne fungovala (pokud takovy je). Pak muzete zkusit odinstalovat pomoci Revo Uninstalleru a nasledne nainstalovat. Nebo odinstalovat, vycistit registry pomoci CCleaneru (udelat zalohu!) a software nasledne nainstalovat. Vyzkousejte take tiskarnu zapojit do jineho USB portu.
Jednim ze zpusobu by mohlo byt pouziti bodu obnoveni k datu, kdy jeste tiskarna korektne fungovala (pokud takovy je). Pak muzete zkusit odinstalovat pomoci Revo Uninstalleru a nasledne nainstalovat. Nebo odinstalovat, vycistit registry pomoci CCleaneru (udelat zalohu!) a software nasledne nainstalovat. Vyzkousejte take tiskarnu zapojit do jineho USB portu.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
Jo jo, nevěděl jsem, vyzkoušel jsem a nejsem se spyhunterem kámoš.
Odinstalovat a vyčistit registry před opětovanou instalací jsem zkoušel. Jiný USB port také.
Revo uninstaller jsem teďka zkusil, ale ten software k tiskárně tam není vůbec ve výběru.
Strávil jsem pár pěkných hodin při pokusech to rozšlapat, ale neúspěšně. Kdybych před tim tušil, že mi to nepujde, tak bych použil bod obnovení, jenže to jsem nechtěl právě kvůli tomu, že jsem to měl zavirovaný. Teďka už mám smůlu.
Odinstalovat a vyčistit registry před opětovanou instalací jsem zkoušel. Jiný USB port také.
Revo uninstaller jsem teďka zkusil, ale ten software k tiskárně tam není vůbec ve výběru.
Strávil jsem pár pěkných hodin při pokusech to rozšlapat, ale neúspěšně. Kdybych před tim tušil, že mi to nepujde, tak bych použil bod obnovení, jenže to jsem nechtěl právě kvůli tomu, že jsem to měl zavirovaný. Teďka už mám smůlu.
Re: Neustále objevující se malware
Pokud tak stary bod obnoveni stale v PC mate, klidne jej pouzijte (idealne v nouzovem rezimu, at mu nic nekeca do prace) - odvirovani pro nas ve vetsine pripadu neni problem.
Pak uz doporucim jen technickou podporu/specializovane forum vyrobce.
Pak uz doporucim jen technickou podporu/specializovane forum vyrobce.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Neustále objevující se malware
Pár jich tam je těch bodů, ale všechno mi hází blue screeny a nebo mi počítač jen klekne, takže z toho nic nebude.
Re: Neustále objevující se malware
Jiny zpusob nez kontaktovat technickou podporu uz me nenapada.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?